What's new
  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Status
Not open for further replies.
Thanks - however I now have more questions: the d for default is not an option in 3.8.1 (in my AC88 router) - I can only choose 1=Yes or e=Exit. And "only when logging is enabled" (which I guess it is since I get the email for stats from AB-solution). Anyway, "dnsmasq settings is inactive at the moment." - and the only option is "Enable it? [1=Yes e=Exit]" - ehh if I need default, and d is not accepted - how to proceed?

Some trial and error later: Just enter 1 to get into the next sub menu so to speak :)
 
Some trial and error later: Just enter 1 to get into the next sub menu so to speak :)
Yes, you need to enable it first, then it gives you that option.
With domain-needed, Dnsmasq will gently ignore these queries.
 
How old is this version, surely it's not the latest release.
Copy and paste the following into the terminal and post output:
Code:
netstat -tuln | grep ":80 "
It should return about two lines.

Then enter the this, which should return nothing:
Code:
netstat -tuln | grep ":80 " | grep '0\.0\.0\.0:80 '
If it does, your firmware is indeed too old to run pixelserv-tls.

Here is the result of running the mentioned commands
Code:
admin@rt-n66u:/tmp/home/root# netstat -tuln | grep ":80 "
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
admin@rt-n66u:/tmp/home/root# netstat -tuln | grep ":80 " | grep '0\.0\.0\.0:80 '
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN

When you say how old is the version, are you referring to the firmware version? If yes, I am running @john9627's LTS which is a fork of Asuswrt-Merlin based on 374.43_2.

I can also confirm that I am able to run pixel-tls via manual Optware install.
Code:
admin@rt-n66u:/tmp/home/root# curl http://192.168.1.1/servstats.txt
pixelserv-tls version: v35.HZ12.Kj compiled: May 31 2017 04:30:23 options: <none>
29493 uts, 0 log, 74 req, 256 avg, 352 rmx, 57 tav, 528 tmx, 6 slh, 1 slm, 0 sle, 0 slu, 27 nfe, 9 gif, 0 ico, 18 txt, 0 jpg, 0 png, 0 swf,
0 sta, 1 stt, 0 ufe, 2 rdr, 0 nou, 0 pth, 0 204, 0 pst, 0 hed, 0 bad, 0 err, 0 tmo, 5 cls
admin@rt-n66u:/tmp/home/root#

Hope this helps.
 
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
As @john9527 confirms, and I'm sure he runs his latest release, yours is an older version of John's fork.
Update your firmware, just as AB's original error says, then uninstall Optware (Entware and pixelserv will NOT and cannot install with Optware present) then run the ps command again.
There is no way around it, the automated install and the way AB runs pixelserv is very different from what you likely did in Optware.
Especially the listening IP you posted will also not work, as your routers IP address likely is 192.168.1.1.
Even if you run the WebUI over https and on another port, do not mix the two.
The ps installer explains that in detail.
 
Some trial and error later: Just enter 1 to get into the next sub menu so to speak :)
You likely also see client host names in the stats report in the domain fields column. If so, set rs option "4. Filter local client names" to on. If not, don't bother.
 
@unknownz

Looking at the fork changes, I think it may require the updated busybox.....so V24E3 or later.
With older fork versions and Merlin 380.60 and older, the WebUI listens on more than the router's IP address. This has changed in Asuswrt-Merlin 380.61.
You implemented this at one point as well. In the last year or so since AB includes pixelserv, this has never been a problem on the then latest versions of your fork.
I have not tested with the very latest, but I'm sure users would have driven me mad with if it were so. I can count on them reporting these things right away. Which is nice.
 
With older fork versions and Merlin 380.60 and older, the WebUI listens on more than the router's IP address. This has changed in Asuswrt-Merlin 380.61.
You implemented this at one point as well. In the last year or so since AB includes pixelserv, this has never been a problem on the then latest versions of your fork.
Even better answer.....thanks!
 
Important, please read:
Updating / upgrading pixelserv-tls to the latest version Kj
4. in the ps menu, select '4. Purge generated pixelserv certificates' and confirm to purge the old certificates
thelonelycoder,
Could you confirm, #4 won’t recreate CA certificate, please?
I really don’t want to update trusted root cert store on every client…
 
thelonelycoder,
Could you confirm, #4 won’t recreate CA certificate, please?
I really don’t want to update trusted root cert store on every client…
The purge deletes the certs created by pixelserv-tls for the served domains FROM the CA certificate.
I know it's confusing but the CA certs are not deleted, just the generated domain certs from it as they are no longer valid with the changes made in the pixelserv-tls binary.
 
Even better answer.....thanks!

thanks to the input/response of both @john9527 and @thelonelycoder

apologies on the confusion in my previous reply that i was running Optware when in actual fact i was already running Entware-ng

the firmware version that i am running is 3.0.0.4.374.43_2-25E1j9527
i decided to do a factory reset since @john9527 mentioned that he did not encounter the results that i posted on the same router

with the factory reset, i did not encounter the error and was able to get AB-Solution to do the install of pixelserv-tls ;)

thumbs up and much appreciated on the good work done for the firmware and ad-blocking solution
 
Do you guys can connect to host-files.net those days ? I cannot even if i try another internet connection with differents DNS servers. Thanks.

I'm not able to update my hosts list as i'm using some of that website.
 
Do you guys can connect to hosts-file.net those days ? I cannot even if i try another internet connection with differents DNS servers. Thanks.

I'm not able to update my hosts list as i'm using some of that website.
They must have a Name server or server issue, as they have had before.
One of my ISP's loads it, the other not.
But availability is at best intermittent at the moment. It will sort itself out eventually.
In the meantime, AB uses the last successful backup file instead for every hosts file that times out.
 
Last edited:
The purge deletes the certs created by pixelserv-tls for the served domains FROM the CA certificate.
I know it's confusing but the CA certs are not deleted, just the generated domain certs from it as they are no longer valid with the changes made in the pixelserv-tls binary.
Ok, thanks for clarification! :)
 
They must have a Name server or server issue, as they have had before.
One of my ISP's loads it, the other not.
But availability is at best intermittent at the moment. It will sort itself out eventually.
In the meantime, AB uses the last successful backup file instead for every hosts file that times out.
Thanks for the explanation. That explains why I was getting the failed to download message yesterday. And great coding for using the backup file when that happens!!!
 
Thanks for the explanation. That explains why I was getting the failed to download message yesterday. And great coding for using the backup file when that happens!!!
That anti-ads pack you're using uses a 5 yo IP list, this might be very outdated.
 
Hello.

Is there any advantage or disadvantage in using the ab-solution at the same time with another software blocker for iOS for example?


Enviado do meu iPad usando o Tapatalk
 
Status
Not open for further replies.

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top