Menu
What's new
By:
Filters Better Search

Diversion Diversion 4.3.3 - the Router Ad-Blocker, released April 02 2023

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

SomeWhereOverTheRainBow said:
It is possible to map all ipv6 request to the same ipv4 address by specifying ::ffff:192.168.50.3 for ipv6 replies instead of [::]. This will allow ipv4 to also handle ipv6 blocking. pixelserv-tls and dnsmasq understand these modifications. When pixelserv-tls recieves it , it assumes it is from ipv4, dnsmasq does all the magic. (this will only work with pixelserv-tls, generic diversion-lite blocking would have to be ::, since the main is 0.0.0.0 )
Click to expand...
I have IPv4 requests mapped to 192.168.50.3 using generic Diversion-Lite blocking, if I also want to apply it to IPv6 requests, what exactly should I specify in the for IPv6 box? Should I leave it blank or do I specify a code (I'm not clear on what you meant by [::])? Thank you.
 

Attachments

  • Router Screen Shot.png
    Router Screen Shot.png
    165.2 KB · Views: 74
Dux said:
I have IPv4 requests mapped to 192.168.50.3 using generic Diversion-Lite blocking, if I also want to apply it to IPv6 requests, what exactly should I specify in the for IPv6 box? Should I leave it blank or do I specify a code (I'm not clear on what you meant by [::])? Thank you.
Click to expand...
::ffff:c0a8:3203 is what you would use to replace ipv6, other wise blocked ipv6 requests get handled by [::], but my post is old and has nothing to do with diversion lite, it is meant for diversion standard.
 
Last edited:
Hi.

Does anyone have a Hosts file with Reddit addresses to block their ads?
 
hi all! can anyone share some insight as to how type=65 blocking is achieved in Diversion? is it purely in dnsmasq, or are there firewall rules involved as well?
 
Jack Yaz said:
can you share the applicable rules? i'm trying to help someone track down why YazFi is bypassing it and not sure what I'm looking for without going through Diversion's code :)
Click to expand...
They’re here in the forum somewhere, I’ve done much searching but no joy.
I’ll keep hunting……
 
Jack Yaz said:
can you share the applicable rules? i'm trying to help someone track down why YazFi is bypassing it and not sure what I'm looking for without going through Diversion's code :)
Click to expand...
Discussion here….

www.snbforums.com

Diversion - Diversion - the Router Ad-Blocker v4.2.x (see new thread for 4.3.x)

Anywayz, Does Diversion work on firmware as old as 380.70? Sure does, all functions work on it. One of my RT-AC66U test routers remains in perpetuity on that firmware. The other runs Johns fork.
www.snbforums.com www.snbforums.com
 
SomeWhereOverTheRainBow said:
The biggest problem with using the type65 firewall rules is that it seems to break functionality of using certain web browsers on certain websites as well.
Click to expand...
I remember asking you for help with this. On iOS devices checking dnscheck.tools it wont’t give the latency result and slow to check other DNSSEC extensions
 
All Apple house here.
Type 65 blocking solved the mystery of ads from blocked domains appearing. All fixed now.;)
 
SomeWhereOverTheRainBow said:
The biggest problem with using the type65 firewall rules is that it seems to break functionality of using certain web browsers on certain websites as well.
Click to expand...
Yes, unfortunately it breaks some site. For the time being, I don't feel much of the impact yet so I still have the rules applied.

Mogsy said:
I remember asking you for help with this. On iOS devices checking dnscheck.tools it wont’t give the latency result and slow to check other DNSSEC extensions
Click to expand...
Same happened to www.dnssec-or-not.com
As see from packet capture, iOS device only send HTTPS query to this site. There is no response because HTTPS query is dropped by our rule. By the time it send a Type A query, it is to "bad.dnssec-or-not.com". So, this DNSSEC test site does not work when we block type 65 query.
In a way, the rule is working as expected by dropping type 65 HTTPS query.
2022-12-20 18_45_51-test6.pcap.png


In comparison, sample below is what normally happened. iOS device send HTTPS query followed by type A query. HTTPS query is dropped. Type A query is processed by adblock. In this sample, it is blocked and the response is 0.0.0.0.
If we do not apply type65 blocking here, this HTTPS query will get resolved and not blocked.
2022-12-20 19_06_48-test4.pcap.png
 
Treadler said:
All Apple house here.
Type 65 blocking solved the mystery of ads from blocked domains appearing. All fixed now.;)
Click to expand...
Actually it does break some sites. For such sites, it appears idevice keep sending HTTPS query and does not revert to type A query. In my normal usage, I don't remember hitting this issue so I keep the rule. Once we are used to ads free browsing, it is an eyesore to see ads popping up in browser or apps.
 
chongnt said:
Actually it does break some sites. For such sites, it appears idevice keep sending HTTPS query and does not revert to type A query. In my normal usage, I don't remember hitting this issue so I keep the rule. Once we are used to ads free browsing, it is an eyesore to see ads popping up in browser or apps.
Click to expand...
I like how pihole blocks these query- it returns an empty response whereas the firewall rule simply refuses to connect. Probably why some sites break.
 
How do you fix this error? Showed up after Entware update on my AX58U #1, standalone.

i Updating ads counter...

/opt/bin/grep: warning: stray \ before /
/opt/bin/grep: warning: stray \ before /
/opt/bin/grep: warning: stray \ before /
/opt/bin/grep: warning: stray \ before /
/opt/bin/grep: warning: stray \ before /


A uninstall and reinstall of Diversion from backup didn't work, fresh install didn't work.
Uninstalled Skynet and reinstalled, appears OK.
Unbound, appears OK.
 
John Fitzgerald said:
How do you fix this error? Showed up after Entware update on my AX58U #1, standalone.

i Updating ads counter...

/opt/bin/grep: warning: stray \ before /
/opt/bin/grep: warning: stray \ before /
/opt/bin/grep: warning: stray \ before /
/opt/bin/grep: warning: stray \ before /
/opt/bin/grep: warning: stray \ before /


A uninstall and reinstall of Diversion from backup didn't work, fresh install didn't work.
Uninstalled Skynet and reinstalled, appears OK.
Unbound, appears OK.
Click to expand...
Check this thread

www.snbforums.com

Scribe - Scribe "Grep" Error Has Recently Appeared?

Is anyone else seeing a Scribe cli error after the most recent updates to Entware and/or upgrading to Merlin 388.1? Can't pin down when it changed exactly but now when I run an "s" command for "Show scribe status" it mostly appears to be OK but mixed in there I get a grep: warning: stray \...
www.snbforums.com www.snbforums.com
 
SomeWhereOverTheRainBow said:
Check this thread

www.snbforums.com

Scribe - Scribe "Grep" Error Has Recently Appeared?

Is anyone else seeing a Scribe cli error after the most recent updates to Entware and/or upgrading to Merlin 388.1? Can't pin down when it changed exactly but now when I run an "s" command for "Show scribe status" it mostly appears to be OK but mixed in there I get a grep: warning: stray \...
www.snbforums.com www.snbforums.com
Click to expand...

This only shows up briefly when you call up Diversion option #1, not anything else.

This is in spite of force updating AMTM, Diversion, Skynet and Unbound, after the Entware update.
Also this seems to have only happened on 1 of 4 routers. Maybe needs a second look on my part.

Thank you for the link.
 
As an experiment I started over, FD the drive and install all scripts from scratch. Format JFFS.

Problem gone.
So my feeling is that the Entware update does not play well with Diversion and that the integration could not be accomplished. The other scripts appeared not to be affected. FWIW.
 
You must log in or register to reply here.

Similar threads

thelonelycoder
Diversion Diversion 5.1.2 - the Router Ad-Blocker, April 21, 2024
27 28 29
Replies
567
Views
51K
martinr
M
thelonelycoder
Diversion Diversion - the Router Ad-Blocker v4.2.x (see new thread for 4.3.x)
23 24 25
Replies
499
Views
102K
Treadler
Treadler
Jack Yaz
YazFi YazFi v4.x - continued
4 5 6
Replies
107
Views
15K
Martinski
M
Viktor Jaep
BACKUPMON BACKUPMON v1.7.2 -Apr 1, 2024- Backup/Restore your Router: JFFS + NVRAM + External USB Drive! CIFS/SMB/NFS! (Now available in AMTM!)
9 10 11
Replies
204
Views
10K
ColinTaylor
C
ExtremeFiretop
MerlinAU MerlinAU v1.1.1 - The Ultimate Firmware Auto-Updater (Now available in AMTM)
15 16 17
Replies
332
Views
31K
maghuro
maghuro
Similar threads
Thread starter Title Forum Replies Date
thelonelycoder Diversion Diversion 5.1.2 - the Router Ad-Blocker, April 21, 2024 Asuswrt-Merlin AddOns 567
cofetym Diversion Diversion & Skynet Missing on GUI after Router Reboot. Asuswrt-Merlin AddOns 7
D uiDivStats Diversion Statistics Report: you don't have a weekly stats file from Diversion present on your router. Asuswrt-Merlin AddOns 1
thelonelycoder uiDivStats uiDivstats 4.0.0 - WebUI Stats for Diversion, April 21, 2024 Asuswrt-Merlin AddOns 27
R Diversion Diversion and Ubisoft Connect - how to find out what is the problematic block? Asuswrt-Merlin AddOns 5
Philip Bondi Diversion Diversion 5.0 ad blocking sample; very happy with user experience Asuswrt-Merlin AddOns 7
B Diversion Diversion help Asuswrt-Merlin AddOns 14
C Diversion Pixelserv replacement Asuswrt-Merlin AddOns 2
A Diversion apparently blocks domains not included in any list Asuswrt-Merlin AddOns 9
E Diversion GUI not working Asuswrt-Merlin AddOns 1

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 1,004 (members: 24, guests: 980)
Top