What's new

ad blocking on the router

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Txdk

Regular Contributor
something like this tutorial

is it possible to get some one to write a tutorial about how to do it on asuswrt-merlin as i dont know anything about linux commands or systems at all

or might it be possible to intergrate the function in the firmware so you only need to activate it if you want to use it
 
Last edited:
something like this tutorial

is it possible to get some one to write a tutorial about how to do it on asuswrt-merlin as i dont know anything about linux commands or systems at all

or might it be possible to intergrate the function in the firmware so you only need to activate it if you want to use it

Have you thought about using OpenDNS in order to block ad-sites etc ? (It's my own choice over any other method)
 
Have you thought about using OpenDNS in order to block ad-sites etc ? (It's my own choice over any other method)

But don't they also serve up their own ads when the URL is wrong?

Also, unless you are located in the country where it operates it may make the lookup even longer I think.
 
OpenDNS is not an option as they serve there own ads and redirect you if you type wrong and they are slow as hell and blocks access to some pages that they are forced to block.

i don't want that.
why do that if what i want is no ads when surfing the net as it stands now im using ad-block plus on all my computers but it would be more easy if it was done by the router
 
Hosts-based blacklist, resolved to 127.0.0.1

something like this tutorial

is it possible to get some one to write a tutorial about how to do it on asuswrt-merlin as i dont know anything about linux commands or systems at all

or might it be possible to intergrate the function in the firmware so you only need to activate it if you want to use it
The ad blocking method from tutorial is based on hosts blacklist. I'll describe how to do it, but IMHO, it's a simplest and worst one. Later I tell you why.

You'll need to create two files. A first one is /jffs/scripts/wan-start:
#!/bin/sh
wget -O - http://www.mvps.org/winhelp2002/hosts.txt | grep 127.0.0.1 | sed '2,$s/127.0.0.1/0.0.0.0/g; s/[[:space:]]*#.*$//g;' | grep -v localhost | tr ' ' '\t' |tr -s '\t' | tr -d '\015' | sort -u > /tmp/hosts0
killall dnsmasq && dnsmasq --log-async
The second one is /jffs/configs/dnsmasq.conf.add with this content:
addn-hosts=/tmp/hosts0
Make first one executable:
chmod +x /jffs/scripts/wan-start
and reboot router.
 
Last edited:
If I can figure out how to do this it would be great considering I have several iPads and a MacBook on my network.

Any chance you could create the files and attach them in a zip ? Then I assume we just run those commands ?
 
If I can figure out how to do this it would be great considering I have several iPads and a MacBook on my network.

Any chance you could create the files and attach them in a zip ? Then I assume we just run those commands ?

It looks like the wan-start command that goes out on the internet and downloads the host blacklist gets run when the router boots (assuming that you put it where it is suggested to put it).

Seems like it'll be fun to play with, might give it a go and see if can improve things for devices that don't have ad blocking, like my Android phone. Curious if it'll slow things down much.

Anthony, I did get the "Atomic" browser for my iPad that does have an ad blocker, cost $0.99 as I recall *smile*. Works well for that, the only problem is that when you click on a URL in email, etc., it brings up Safari. But when I read this forum on my iPad, or go looking for stuff, I use the "Atomic" browser, and it blocks most all ads. I don't know if Safari for MacBook has an ad blocker or not, but it might.
 
Seems like it'll be fun to play with, might give it a go and see if can improve things for devices that don't have ad blocking, like my Android phone.
As for me, I redirect all http traffic from Android tablet to privoxy transparent proxy on router with original AdBlock rules.
For what? The embedded browser is real fast but can't use plugins, a firefox got AdBlock plugin but it's slow as hell.

If someone interested, I'll write How-to about that. This solution is quite universal: no matter iOS or Android devices will be used.

Curious if it'll slow things down much.
Yes, all DNS "improvements" needs to be benchmarked. As for DD-WRT variant above, there is
# wget -O - http://www.mvps.org/winhelp2002/hosts.txt | grep 127.0.0.1 | wc -l
...
14316
strings in blacklist. It will not slow down dnsmasq. But if blacklist will be greater, taken from adsuck for example:
$ wc -l /opt/etc/adsuck/Hosts.pub
130063 /opt/etc/adsuck/Hosts.pub
then dnsmasq will consume +8MB RAM and will add delays to DNS resolving.

The second disadvantage of dnsmasq + hosts blacklist is following: every time browser "asks" for blacklisted domain, dnsmasq returns "127.0.0.1", which means "this PC" so every time browser will wait for answer from local PC, where no web server is installed.

There is another solution for hosts-based blacklists: adsuck. Adsuck is a DNS server which immediately returns NXDOMAIN (non existent domain) answer for black listed domains. So browser caches it's answer and not trying to get blocked elements again and again.
 
Last edited:
The ad blocking method from tutorial is based on hosts blacklist. I'll describe how to do it, but IMHO, it's a simplest and worst one. Later I tell you why.

You'll need to create two files. A first one is /jffs/scripts/wan-start:

The second one is /jffs/configs/dnsmasq.conf.add with this content:

Make first one executable:

and reboot router.


i cant make that work

first of all i dont think that wan-start is even run when the router boots
in the log it says that there is no file or folder /tmp/hosts0

and if i run wan-start manually it downloads the hostfile and then says something about wrong paramaters for dnsmasq and to look in --help

im a total noob dealing with linux but i did what you said these is the files i created adblock
do i need to create the files on the router with the vi editor.
i created them under windows and notepad with copy paste.


if there is i better way to block ads i dont mind if you post a how to for that

adsuck sounds promising
 
Last edited:
it seens adblock can be installed from entware so a toturial about how to do that at set it up would be great
 
As for me, I redirect all http traffic from Android tablet to privoxy transparent proxy on router with original AdBlock rules.
For what? The embedded browser is real fast but can't use plugins, a firefox got AdBlock plugin but it's slow as hell.

If someone interested, I'll write How-to about that. This solution is quite universal: no matter iOS or Android devices will be used.

Yes, I'd be interested in this. Don't need it for iOS, since as I said I got the "Atomic" browser, but for my Android phone this would be worthwhile.

And thanks for the note about the slowdown with the first method you mentioned, that's helpful to steer me away from bothering with that one *smile*.
 
I know this thread is about blocking ads on the router.

But so far I cannot figure out all those Linux scripts and how to run them on the router.

What works for me is SquidGuard on a PfSense box.

You drop Shalla's Blacklist on it and the box will block bad sites as per your selection, INCLUDING blocking most all ads.
 
Last edited:
Is it possible for someone to make a tutorial for adsuck, installed it (entware) but no idea what to do :p
 
[HOW-TO] adsuck — blocking ads by DNS

dsuck is a small DNS server, that returns NXDOMAIN answer for blacklisted sites, so browser/OS will not wait for answer from blocked hosts. It's main advantage over DD-WRT solution.

Requirements to run adsuck are:
  • Asuswrt-Merlin driven RT-N16/RT-N66U/RT-AC66U router with USB-drive and jffs partition enabled.
  • Working Entware environment. Please, refer HOW-TO for details.

Installation:
  • Install adsuck package:
    opkg install adsuck
  • copy provider's DNS list to adsuck folder:
    cp -f /tmp/resolv.conf /opt/etc/adsuck/
  • choose what type of sites you want to filter, all filter files is in the /opt/etc/adsuck/Hosts.*:
    • Hosts.blc - 1916 sites anti-phishing white list,
    • Hosts.mis - 566350 other potential dangerous sites (drugs, sects, spam, traps, violence)
    • Hosts.pub - 106338 advert. sites,
    • Hosts.rsk - 120033 sites with potencial dangerous contents, viruses mostly,
    • Hosts.sex - 905497 adult content sites,
    • Hosts.trc - 46584 anti tracker/counters list.
  • let adsuck to run at boot time:
    echo \#!/bin/sh > /jffs/scripts/services-start
    echo adsuck -d -l 127.0.0.1 -c /opt/etc/adsuck -f resolv.conf -p 65053 -u admin Hosts.sex Hosts.trc Hosts.pub >> /jffs/scripts/services-start
    echo no-resolv > /jffs/configs/dnsmasq.conf.add
    echo server=127.0.0.1\#65053 >> /jffs/configs/dnsmasq.conf.add
and reboot router. In example, i've added three filters: Hosts.pub + Hosts.sex + Hosts.trc which gives over a million hosts to be blacklisted.

Feel free to ask any details you want to know!
 
Last edited:
no luck

dsuck is a small DNS server, that returns NXDOMAIN answer for blacklisted sites, so browser/OS will not wait for answer from blocked hosts. It's main advantage over DD-WRT solution.

Requirements to run adsuck are:
  • Asuswrt-Merlin driven RT-N16/RT-N66U/RT-AC66U router with USB-drive and jffs partition enabled.
  • Working Entware environment. Please, refer HOW-TO for details.

Installation:
  • Install adsuck package:
  • copy provider's DNS list to adsuck folder:
  • choose what type of sites you want to filter, all filter files is in the /opt/etc/adsuck/Hosts.*:
    • Hosts.blc - 1916 sites anti-phishing white list,
    • Hosts.mis - 566350 other potential dangerous sites (drugs, sects, spam, traps, violence)
    • Hosts.pub - 106338 advert. sites,
    • Hosts.rsk - 120033 sites with potencial dangerous contents, viruses mostly,
    • Hosts.sex - 905497 adult content sites,
    • Hosts.trc - 46584 anti tracker/counters list.
  • let adsuck to run at boot time:
and reboot router. In example, i've added three filters: Hosts.pub + Hosts.sex + Hosts.trc which gives over a million hosts to be blacklisted.

Feel free to ask any details you want to know!

No luck, configured as above, after reboot no internet.
 
No luck, configured as above, after reboot no internet.
I think there is something wrong with jffs scripts or configs. Let's try to run adsuck manually:
  • please, remove adsuck autostart:
    rm /jffs/scripts/services-start
    rm /jffs/configs/dnsmasq.conf.add
  • reboot router and type:
    killall dnsmasq
    adsuck -d -l 127.0.0.1 -c /opt/etc/adsuck -f resolv.conf -p 65053 -u admin Hosts.sex Hosts.trc
    dnsmasq --no-resolv --server=127.0.0.1#65053
Is internet connection is up this way?
 
yes, i am also interested!
Hi All,
I'm completely new to this kind of modding and my experience is really limited.
I'm also interested in improving my knowledge ...
Is there a document already available that teaches how to install a package and run it ?

Thanks for the support.
Luca
 

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top