Menu
What's new
By:
Filters Better Search

pixelserv pixelserv - A Better One-pixel Webserver for Adblock

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

my statistics of runing pixelserv-tls in one day and six hours.....

fW92zY.png
 
i have to stop using this pixelserv-tls....I have a problem with certificate after each reboot router or computer.....all of the above possible solutions do not work....
 
bayern1975 said:
i have to stop using this pixelserv-tls....I have a problem with certificate after each reboot router or computer.....all of the above possible solutions do not work....
Click to expand...

I don't want to ask about your problem :)

Do you know the way out to uninstall..?
 
kvic said:
I don't want to ask about your problem :)

Do you know the way out to uninstall..?
Click to expand...
But I would be interested what the problem is, for science reasons...
 
thelonelycoder said:
But I would be interested what the problem is, for science reasons...
Click to expand...
this is the reason....if i reboot router or computer i got everytime message from kaspersky for self-signed certificate....

EUqEX4S.png


i have installed certificate in right place and seems to be valid....
srfbJ0.png
 
bayern1975 said:
this is the reason....if i reboot router or computer i got everytime message from kaspersky for self-signed certificate....
Click to expand...

What certificate is this? Is that HTTPD cert?

Click "View Certificate", show the detail pls..
 
This is indeed the router's certificate for HTTPD.

The firmware generates a new certificate on every reboot if you've chosen HTTPS.

Silly default if you ask me.

There is a way to tell router to generate a certificate once for all and re-use on reboots. I think this has been raised multiple times on the forum. Anyway, here are the steps:

Code: 
nvram set https_crt_save=1
nvram commit

reboot

This will generate a new certificate for HTTPD and save it in NVRAM that'll survive reboots.

After that browse to WebUI. Import the new certificate into both Windows (follow the steps of importing ca.crt) and Firefox if you're using FF.

Also

If Kaspersky still not happy, you can disable this kind of pop-up. The steps are in the second link of post #139.
 
kvic said:
This is indeed the router's certificate for HTTPD.

The firmware generates a new certificate on every reboot if you've chosen HTTPS.

Silly default if you ask me.

There is a way to tell router to generate a certificate once for all and re-use on reboots. I think this has been raised multiple times on the forum. Anyway, here are the steps:

Code: 
nvram set https_crt_save=1
nvram commit

reboot

This will generate a new certificate for HTTPD and save it in NVRAM that'll survive reboots.

After that browse to WebUI. Import the new certificate into both Windows (follow the steps of importing ca.crt) and Firefox if you're using FF.
Click to expand...

maybe will this help me....i done this, import certificate to windows and firefox....then reboot computer and router and kaspersky didn`t ask me again for self-signed cert....:)i will more testing....what about when i upgrade the firmware? then i lost this setting?
Code: 
nvram set https_crt_save=1
 
Kaspersky is one annoying piece of software. Lots of customers who used it ran into all kind of issue, as that software tries to insert itself into virtually everywhere in the OS, and raises alarms for all kind of totally inoffensive events.

Half of the time, my customer get fed up and simply move to a different less invasive software.
 
bayern1975 said:
another question? Ab-Solution from @thelonelycoder updating once a week and then replaced my router IP to 0.0.0.0 in adblock file? is there any solution to stay my settings there?
Click to expand...

@thelonelycoder has many code references to 0.0.0.0, you need to ask for the redirect IP to be made a configurable variable, this sed command for example changes 127.0.0.1 to 0.0.0.0

Code: 
cat \$dir/temp1 | sed 's/127.0.0.1/0.0.0.0/g;s/\r$//' |...

https://github.com/decoderman/AB-Solution/blob/master/ab-solution.sh#L593
 
mstombs said:
@thelonelycoder has many code references to 0.0.0.0, you need to ask for the redirect IP to be made a configurable variable, this sed command for example changes 127.0.0.1 to 0.0.0.0

Code: 
cat \$dir/temp1 | sed 's/127.0.0.1/0.0.0.0/g;s/\r$//' |...

https://github.com/decoderman/AB-Solution/blob/master/ab-solution.sh#L593
Click to expand...
so, if i configured like this then will script add entries to my router IP 192.168.200.1.....or i need to do something else?
Code: 
Code:

cat \$dir/temp1 | sed 's/127.0.0.1/192.168.200.1/g;s/\r$//' |...
 
bayern1975 said:
so, if i configured like this then will script add entries to my router IP 192.168.200.1.....or i need to do something else?
Code: 
Code:

cat \$dir/temp1 | sed 's/127.0.0.1/192.168.200.1/g;s/\r$//' |...
Click to expand...

Sorry I haven't analyzed the script in detail, might be be easier to just add it once just before the new conf file is used, there are many uses of 0.0.0.0. I do things more manually, just have a simple script to grab the pgl.yoyo domain block list

Code: 
#!/bin/sh
CNF=/mnt/usb4gb/adblock.conf
WHL=/mnt/usb4gb/whitelist
ADS="http://pgl.yoyo.org/adservers/serverlist.php?hostformat=dnsmasq&showintro=0&mimetype=plaintext"
AIP="192.168.66.254" # changes 127.0.0.1 to this globally
wget -O - "$ADS"|sed "s/127.0.0.1/$AIP/" | grep -Fvf $WHL >$CNF

I also have to admit I am not currently using this tls version, but have caught a lot of ad attempts recently, and most are ssl, must get round to it!:-

Code: 
/mnt/usb4gb/pixelserv version: V35.HZ13 compiled: Oct 6 2015 22:34:24 options: 192.168.66.254 -p 80 -p 81 -p 8080 -p 8081 -p 443 -o 2
1760701 uts, 2051023 req, 2006 avg, 26934 rmx, 2264 tav, 4587 tmx, 0 err, 7059 tmo, 2982 cls, 0 nou, 0 pth, 3688 nfe, 203 ufe, 244 gif, 0 bad, 7304 txt, 18 jpg, 6 png, 2 swf, 2 ico, 2027069 ssl, 4 sta, 0 stt, 0 204, 1869 rdr, 573 pst, 0 hed
 
Last edited:
@mstombs

I bet something wrong with your pixelserv. A bug perhaps.

Cannot be over 98% of your 2 million ad requests are HTTPS...!
 
I decided to finally set up the tls version last night since it was included in the Entware repository. There's also a package for easyrsa. Getting it set up was a little different from the guide in the OP but it was close enough that I was able to figure it out. Very pleased with it so far.
 
You must log in or register to reply here.

Similar threads

L
pixelserv SOLVED - Is PixelServ WebGui script trustworthy at the moment? Redirects to strange website...
Replies
10
Views
3K
gspannu
gspannu
thelonelycoder
Diversion Need help with selecting new set of filter lists / block lists for Diversion 5.0
Replies
19
Views
2K
Gary_Dexter
Gary_Dexter
blacksheep
pixelserv Does "How to best run Pixelserv tls on asuswrt" still apply?
Replies
3
Views
3K
elorimer
E
garycnew
Entware [SOLUTION] Cross-Compile PixelServ-TLS 2.4 Entware Package via Debian Live DVD
Replies
13
Views
3K
garycnew
garycnew
Jack Yaz
YazFi YazFi v4.x - continued
4 5 6
Replies
107
Views
15K
Martinski
M
Similar threads
Thread starter Title Forum Replies Date
C Diversion Pixelserv replacement Asuswrt-Merlin AddOns 2
D amtm bus error, pixelserv-tls segmentation fault Asuswrt-Merlin AddOns 17
F pixelserv pixelserv-tls stats does not load Asuswrt-Merlin AddOns 1
black-raison-detre Idea for better web Addons Asuswrt-Merlin AddOns 13

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 961 (members: 18, guests: 943)
Top