What's new

Diversion Diversion - the Router Ad-Blocker v4.2.x (see new thread for 4.3.x)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

I enabled it, and waiting for my family's screams as I beta test it on them... everything is still quiet on the homefront! :)
No interruptions so far with the six Apple devices here - or any of the other Linux and Windows boxes.
 
Haven’t scanned my dnsmasq log yet, but all my Apple devices are working fine so far. Except Siri. She’s still as bitchy as ever.
Use this to see how many type 65 query were made. They stop right at the time tb is enabled.

Substitute aword with opt and bword with var
grep type=65 /aword/bword/log/dnsmasq.log | wc -l

Use this to see the last entry:
grep type=65 /aword/bword/log/dnsmasq.log
 
Last edited:
Appreciating all the enhancements to Diversion! Following this guide for Pixelserv CA certificate https://github.com/kvic-z/pixelserv...ificate#import-pixelserv-ca-on-client-devices
Running iOS 15.5 & iOS 15.6 (Beta6) on our iPhone 13's but after ca.crt certificate download via Safari or Firefox, it's not present to Enable in Trust Settings? The requested step...
==> Since iOS 10.3, a user-installed CA cert requires enabling trust explicitly.
  • Go to Settings > General About > Certificate Trust Settings.
  • Under Enable full trust for root certificates, turn on trust for Pixelserv CA.
 
Appreciating all the enhancements to Diversion! Following this guide for Pixelserv CA certificate https://github.com/kvic-z/pixelserv...ificate#import-pixelserv-ca-on-client-devices
Running iOS 15.5 & iOS 15.6 (Beta6) on our iPhone 13's but after ca.crt certificate download via Safari or Firefox, it's not present to Enable in Trust Settings? The requested step...
==> Since iOS 10.3, a user-installed CA cert requires enabling trust explicitly.
  • Go to Settings > General About > Certificate Trust Settings.
  • Under Enable full trust for root certificates, turn on trust for Pixelserv CA.
Steps to import the pixelserv-tls certificate in iOS devices.
1. Open http://pixelserv-tls IP/ca.crt in Safari.
2. Allow download of configuartion file in Safari.
3. Go to Settings / General / VPN & Device Management.
4. Click on Pixelserv CA and after reviewing content click Install in top right.
5. Go to Settings / General / About / Certificate Trust Settings and make sure it is on.
 
Steps to import the pixelserv-tls certificate in iOS devices.
1. Open http://pixelserv-tls IP/ca.crt in Safari.
2. Allow download of configuartion file in Safari.
3. Go to Settings / General / VPN & Device Management.
4. Click on Pixelserv CA and after reviewing content click Install in top right.
5. Go to Settings / General / About / Certificate Trust Settings and make sure it is on.
Bingo, all operational now, thank-you. Donation inbound as a general thank-you for this app and updates in recent days.
 
Bingo, all operational now, thank-you. Donation inbound as a general thank-you for this app and updates in recent days.
Thank you, received and much appreciated.
 
Use this to see how many type 65 query were made. They stop right at the time tb is enabled.

Substitute aword with opt and bword with var
grep type=65 /aword/bword/log/dnsmasq.log | wc -l

Use this to see the last entry:
grep type=65 /aword/bword/log/dnsmasq.log
Hmmm.
What have I done wrong?
I have enabled type 65 blocking but the first grep gets me an ever increasing count, the second grep an ever increasing list up to the moment in real time. No stop?
 
Hmmm.
What have I done wrong?
I have enabled type 65 blocking but the first grep gets me an ever increasing count, the second grep an ever increasing list up to the moment in real time. No stop?

Time to get the family to switch to Android! :p
 
Use this to see how many type 65 query were made. They stop right at the time tb is enabled.

Substitute aword with opt and bword with var
grep type=65 /aword/bword/log/dnsmasq.log | wc -l

Use this to see the last entry:
grep type=65 /aword/bword/log/dnsmasq.log
Type 65 blocking doesn’t appear to be working via IPv6.
Disabled IPv6 on router, type 65 is no more………
 
Type 65 blocking doesn’t appear to be working via IPv6.
Disabled IPv6 on router, type 65 is no more………
The neighbors cat will never let me forget that.
 
Diversion 4.3.1 is now available

What's new
- Adds option to block type 65 queries in tb using iptables.

Thanks for all the contributors in these threads - and surely elsewhere:

iOS 14 and newer, as well as a growing number of apps or devices use the type 65 query.
Dnsmasq currently has no option to suppress or specifically handle these types of queries and therefore circumvent Diversion ad-blocking.

How to update Diversion
Use u or the WebUI function to update to this latest version.

e4gdc5wpg4r.png
Yea unfortunately the only way to dnsmasq the type 65 queries without the aid of the firewall is by query type per specific domain. Imagine a lot of domains using query type 65, this is why it was determined iptables are more sufficient.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top