AB-Solution - The Ad Blocking Solution

[Xentrk]

@thelonelycoder

As we know, AB-Solution does not work over the VPN tunnel when using Policy Rules and the Accept DNS Configuration = Exclusive. The work around is to set Accept DNS Configuration = Srict. But this may then cause a DNS leak! The selective routing scripts I use fixes this issue and allows the use of DNS Configuration = Exclusive.

Thinking of posting the script, and perhaps a few others, on github rather than maintaining them in the forum, for better version control and maintenance. What is your recommendation?

 

[thelonelycoder]

As we know, AB-Solution does not work over the VPN tunnel when using Policy Rules and the Accept DNS Configuration = Exclusive. The work around is to set Accept DNS Configuration = Srict. But this may then cause a DNS leak! The selective routing scripts I use fix this issue and allow the use of DNS Configuration = Exclusive.

That's good to hear!

I am towing with the thought of posting the script, and perhaps a few others, on github rather than maintaining them in the forum, for better version control and maintenance. What is your recommendation?

My love/hate relationship with github now leans more to the like side.
amtm rekindled the use of it in me. I suggest you do so too.
Let me know if I should add anything to amtm or AB-Solution to make it easier for others.

 

[Xentrk]

That's good to hear!

My love/hate relationship with github now leans more to the like side.
amtm rekindled the use of it in me. I suggest you do so too.
Let me know if I should add anything to amtm or AB-Solution to make it easier for others.

Thanks for the confirmation. I will start working on it tomorrow and let you know when it's done so you can post the link on the FAQ page.

 

[wyldstallyn]

Is it okay to use the additional exploit, hijack and phishing protection hosts if Skynet is not installed / compatible?

I have a friend with a RT-N66U on merlin 380.68_4. AB-Solution and YA-malware block are installed.

 

[thelonelycoder]

Is it okay to use the additional exploit, hijack and phishing protection hosts if Skynet is not installed / compatible?

I have a friend with a RT-N66U on merlin 380.68_4. AB-Solution and YA-malware block are installed.

Your friends router will be delighted to hear that it's OK to use the + files in AB-Solution. No matter if you have Skynet, YA-m or none installed.

 

[Lynoad]

Hi, I really like this script, at least in theory but I do have a persistent problem with hangs, and I'm hoping to resolve that. Basically, what I get is this:
Start UI with ab-solution.sh
(Hang for several minutes)
Kill pid associated with "wget -q --tries=6 --retry-connrefused -O /tmp/servstats.txt" cmd, which fails despite pixelserv up and running
UI load completes, with errmsg re 22
if 22
(Hang for several minutes)
Kill pid associated with "wget -q --tries=6 --retry-connrefused -O /tmp/servstats.txt" cmd, which fails despite pixelserv up and running
(Hang for several minutes)
Kill pid associated with "wget -q --tries=6 --retry-connrefused -O /tmp/servstats.txt" cmd, which fails despite pixelserv up and running
Mesgs Errors found. | Read the check's output for clues. | Hit [Enter] to return to Menu
UI load completes, with errmsg re 22
else
ps
(Hang for several minutes)
ps menu loads
if 6
(Delay for 1-2 minutes)
"Done pixelserv-tls settings reset"

Here, I have no idea how most effectively to proceed. Typically, I turn off logging so that I can unmount the device partition without filesystem errors that can otherwise occur, then I e2fsck [-f], then sometimes I reinstall the script, sometimes I backup/reformat first.

Otherwise, I remount, restart the UI, reinstall the ps add-on, get errors afterward, reboot, restart UI, and the errors have gone away and all is good until the next time I run the UI.

I hope this helps me and maybe somebody else. THANKS!

Running:
RT-AC87R (armv7l) fw-380.68 @ 192.168.1.1
AB-Solution 3.10
pixelserv-tls @ 192.168.1.2
Also running I-Blocklist-loader.sh (and I think possibly I get less frequent AB errors when it's not running)

 

[skeal]

IMO I think it's file system error or drive corruption. "You format and install and its the same." This means it is not installing correctly. What file system are you using? Corruption can happen when a drive is being written to and the router is rebooted. There is no way that the router can demount the drives correctly or shall we say gently. The best defence against this I have had so far is: No system logging to the usb drive, Swaps are alright, use a pre-mount disk scan in /jffs/scripts I know of a script that you can use. This scans the file system and drive when its flagged for any reason. This is not a complete fix if you reboot a lot you can get into trouble. In my opinion a router is best rated by its uptime. Scheduled reboots can cause trouble as well.

 

[thelonelycoder]

Hi, I really like this script, at least in theory but I do have a persistent problem with hangs, and I'm hoping to resolve that. Basically, what I get is this:
Start UI with ab-solution.sh
(Hang for several minutes)
Kill pid associated with "wget -q --tries=6 --retry-connrefused -O /tmp/servstats.txt" cmd, which fails despite pixelserv up and running
UI load completes, with errmsg re 22
if 22
(Hang for several minutes)
Kill pid associated with "wget -q --tries=6 --retry-connrefused -O /tmp/servstats.txt" cmd, which fails despite pixelserv up and running
(Hang for several minutes)
Kill pid associated with "wget -q --tries=6 --retry-connrefused -O /tmp/servstats.txt" cmd, which fails despite pixelserv up and running
Mesgs Errors found. | Read the check's output for clues. | Hit [Enter] to return to Menu
UI load completes, with errmsg re 22
else
ps
(Hang for several minutes)
ps menu loads
if 6
(Delay for 1-2 minutes)
"Done pixelserv-tls settings reset"

Here, I have no idea how most effectively to proceed. Typically, I turn off logging so that I can unmount the device partition without filesystem errors that can otherwise occur, then I e2fsck [-f], then sometimes I reinstall the script, sometimes I backup/reformat first.

Otherwise, I remount, restart the UI, reinstall the ps add-on, get errors afterward, reboot, restart UI, and the errors have gone away and all is good until the next time I run the UI.

I hope this helps me and maybe somebody else. THANKS!

Running:
RT-AC87R (armv7l) fw-380.68 @ 192.168.1.1
AB-Solution 3.10
pixelserv-tls @ 192.168.1.2
Also running I-Blocklist-loader.sh (and I think possibly I get less frequent AB errors when it's not running)

Can you see the pixelserv-tls stats in the browser: 192.168.1.2/servstats

 

[ludespeedny]

Can someone help me figure what to add to my whitelist for this site?
I am trying to go to: https://www.asus.com/us/Motherboards/ROG-STRIX-X370-F-GAMING/HelpDesk_Download/
And that works, but when I select a OS option (ex: Win10 x64) nothing shows up. But when I disable AB it works fine. When enabled nothing shows in the logfile as blocked and I have forced asus.com in the whitelist. Any Ideas?

 

[thelonelycoder]

Can someone help me figure what to add to my whitelist for this site?
I am trying to go to: https://www.asus.com/us/Motherboards/ROG-STRIX-X370-F-GAMING/HelpDesk_Download/
And that works, but when I select a OS option (ex: Win10 x64) nothing shows up. But when I disable AB it works fine. When enabled nothing shows in the logfile as blocked and I have forced asus.com in the whitelist. Any Ideas?

Whitelist www.googletagmanager.com

 

[Lynoad]

IMO I think it's file system error or drive corruption. "You format and install and its the same." This means it is not installing correctly.

So, unlikely a filesystem error, I concluded.

What file system are you using?

ext2.
Not using scheduled reboots; only trying to troubleshoot.
Three partitions on usb mounted by fstab - "absolution" and "entware" (both ext2) + swap although I was suspecting a memory issue, and I'm not seeing any actual swapping logged in procs.

Thanks for the suggestion re fs checking by pre-mount script; I've been planning on getting around to that.

I have also tried using different media.

 

[Lynoad]

Can you see the pixelserv-tls stats in the browser: 192.168.1.2/servstats

Yes, I do, and each time I refresh, the timestamp moves up, even while AB-Solution{pixelserv-tls} reports unsuccessful wgets (and pings, I think, because of the hangs).

 

[thelonelycoder]

Yes, I do, and each time I refresh, the timestamp moves up, even while AB-Solution{pixelserv-tls} reports unsuccessful wgets (and pings, I think, because of the hangs).

Enter this in the terminal, post return:

netstat -tuln | grep ":80 "

 

[Lynoad]

Enter this in the terminal, post return:

netstat -tuln | grep ":80 "

Note, I'm not sure this will be helpful because just at this moment, AB-Solution appears to be working as expected.

# netstat -tuln | grep ":80 "
tcp        0      0 192.168.1.2:80          0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:80            0.0.0.0:*               LISTEN
tcp        0      0 192.168.1.1:80          0.0.0.0:*               LISTEN

 

[thelonelycoder]

Note, I'm not sure this will be helpful because just at this moment, AB-Solution appears to be working as expected.

# netstat -tuln | grep ":80 "
tcp        0      0 192.168.1.2:80          0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:80            0.0.0.0:*               LISTEN
tcp        0      0 192.168.1.1:80          0.0.0.0:*               LISTEN

Looking good.
How about:

wget 192.168.1.2/servstats

 

[Lynoad]

Looking good.
How about:

wget 192.168.1.2/servstats

Again, with all apparently working (most recent re-init of ps was with new certs, as that seems usually more fruitful).

# wget 192.168.1.2/servstats
--2017-12-10 17:20:46--  http://192.168.1.2/servstats
Connecting to 192.168.1.2:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 3371 (3.3K) [text/html]
Saving to: 'servstats'

servstats           100%[=====================>]   3.29K  --.-KB/s   in 0s

2017-12-10 17:20:46 (81.2 MB/s) - 'servstats' saved [3371/3371]

(wget-log is empty)

 

[ludespeedny]

Whitelist www.googletagmanager.com

That worked! Thanks!

 

[thelonelycoder]

Again, with all apparently working (most recent re-init of ps was with new certs, as that seems usually more fruitful).

# wget 192.168.1.2/servstats
--2017-12-10 17:20:46--  http://192.168.1.2/servstats
Connecting to 192.168.1.2:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 3371 (3.3K) [text/html]
Saving to: 'servstats'

servstats           100%[=====================>]   3.29K  --.-KB/s   in 0s

2017-12-10 17:20:46 (81.2 MB/s) - 'servstats' saved [3371/3371]

(wget-log is empty)

What is your DHCP Address pool starting and ending address in the router LAN settings?
Are you sure there's no other device connecting with the 192.168.1.2?

 

[Lynoad]

What is your DHCP Address pool starting and ending address in the router LAN settings?
Are you sure there's no other device connecting with the 192.168.1.2?

Excellent questions.
IP Pool Starting Address: 192.168.1.3
IP Pool Ending Address: 192.168.1.254
I haven't explicitly configured anything other than ps to use 192.168.1.2. Would VMWare do that, maybe? It's always resident on my usually-connected laptop. Otherwise, no.

 

[thelonelycoder]

Excellent questions.
IP Pool Starting Address: 192.168.1.3
IP Pool Ending Address: 192.168.1.254
I haven't explicitly configured anything other than ps to use 192.168.1.2. Would VMWare do that, maybe? It's always resident on my usually-connected laptop. Otherwise, no.

Next time it happens, check what IPs devices have. If you tracert/traceroute the ps IP from a device it should end at the router, not another device.