Diversion Diversion - the Router Ad-Blocker v4.2.x

  • ATTENTION! You'll notice a Prefix dropdown when you create a thread. If your post applies to one of the topics listed, please use that Prefix for your post. When browsing the thread list you can use the Prefix to filter the view.
  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

rankok

New Around Here
Does anybody else have issues to update Diversion?
 

Attachments

  • diversion.jpg
    diversion.jpg
    69.3 KB · Views: 120

Twiglets

Senior Member
Does anybody else have issues to update Diversion?
Ditto, I thought I was somehow being blocked by the diversion.ch site ???

I had Diversion 4.1.12 running fine on RT-AC56U and now I cannot install amtm to do a fresh install 'from scratch'. !!!

I have tried installing the 374.43 LTS firmware and got the same issues.

Got Diversion 4.2.0 installed and running on 2 routers with no problem.
Must be missing something obvious !!! :)
 

PeterR

Regular Contributor
Does anybody else have issues to update Diversion?
I can force update Diversion, maybe you need to update the entware ca-certificates package?
 

Twiglets

Senior Member
Ditto, I thought I was somehow being blocked by the diversion.ch site ???

I had Diversion 4.1.12 running fine on RT-AC56U and now I cannot install amtm to do a fresh install 'from scratch'. !!!

I have tried installing the 374.43 LTS firmware and got the same issues.

Got Diversion 4.2.0 installed and running on 2 routers with no problem.
Must be missing something obvious !!! :)
This is the verbose error messages I get if I try to download 'amtm' from diversion.ch !!!

[email protected]:/tmp/home/root/test# curl -v -v -v -Os http://diversion.ch/amtm/amtm
* Trying 80.74.145.140...
* TCP_NODELAY set
* Connected to diversion.ch (80.74.145.140) port 80 (#0)
> GET /amtm/amtm HTTP/1.1
> Host: diversion.ch
> User-Agent: curl/7.60.0
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< Server: nginx
< Date: Sun, 03 Oct 2021 16:09:00 GMT
< Content-Type: text/html
< Content-Length: 162
< Connection: keep-alive
< Location: https://diversion.ch/amtm/amtm
<
 

dave14305

Part of the Furniture
This is the verbose error messages I get if I try to download 'amtm' from diversion.ch !!!
Run the same test with https://diversion.ch/amtm/amtm

Code:
curl -vvv https://diversion.ch/amtm/amtm -o /dev/null
*   Trying 80.74.145.140:443...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0* Connected to diversion.ch (80.74.145.140) port 443 (#0)
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: none
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [25 bytes data]
* TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [4045 bytes data]
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [264 bytes data]
* TLSv1.3 (IN), TLS handshake, Finished (20):
{ [52 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, Finished (20):
} [52 bytes data]
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
*  subject: CN=diversion.ch
*  start date: Aug  5 23:06:51 2021 GMT
*  expire date: Nov  3 23:06:49 2021 GMT
*  subjectAltName: host "diversion.ch" matched cert's "diversion.ch"
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
} [5 bytes data]
> GET /amtm/amtm HTTP/1.1
> Host: diversion.ch
> User-Agent: curl/7.76.1
> Accept: */*
>
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [265 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [265 bytes data]
* old SSL session ID is stale, removing
{ [5 bytes data]
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Server: nginx
< Date: Sun, 03 Oct 2021 19:30:27 GMT
< Content-Type: text/plain
< Content-Length: 35187
< Connection: keep-alive
< Vary: Accept-Encoding
< Last-Modified: Sun, 11 Jul 2021 14:58:38 GMT
< Accept-Ranges: none
< Vary: Accept-Encoding
<
{ [16127 bytes data]
100 35187  100 35187    0     0  55587      0 --:--:-- --:--:-- --:--:-- 69677
* Connection #0 to host diversion.ch left intact
 

MXM

Regular Contributor

I'm having the same problem on a RT-AC3200.... Unable to update Diversion at all....

[email protected]:/tmp/home/root# curl -vvv https://diversion.ch/amtm/amtm -o /dev/null
* Trying 80.74.145.140:443...
* TCP_NODELAY set
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Connected to diversion.ch (80.74.145.140) port 443 (#0)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4STRENGTH
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
} [5 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* TLSv1.2 (IN), TLS handshake, Server hello (2):
{ [108 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [4038 bytes data]
* TLSv1.2 (OUT), TLS alert, certificate expired (557):
} [2 bytes data]
* SSL certificate problem: certificate has expired
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
* Closing connection 0
curl: (60) SSL certificate problem: certificate has expired
More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
 

Twiglets

Senior Member
I'm having the same problem on a RT-AC3200.... Unable to update Diversion at all....

[email protected]:/tmp/home/root# curl -vvv https://diversion.ch/amtm/amtm -o /dev/null
* Trying 80.74.145.140:443...
* TCP_NODELAY set
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Connected to diversion.ch (80.74.145.140) port 443 (#0)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4STRENGTH
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
} [5 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* TLSv1.2 (IN), TLS handshake, Server hello (2):
{ [108 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [4038 bytes data]
* TLSv1.2 (OUT), TLS alert, certificate expired (557):
} [2 bytes data]
* SSL certificate problem: certificate has expired
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
* Closing connection 0
curl: (60) SSL certificate problem: certificate has expired
More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
Ditto.

Mistyped the original commandline :)

Not sure what files I need to change & how/where !!!???

Solved:
http://www.snbforums.com/threads/ac87u-all-download-attempts-failed.75049/post-716574
 
Last edited:

dave14305

Part of the Furniture
Ditto.

Mistyped the original commandline :)

Not sure what files I need to change & how/where !!!???
It all goes back to the Let's Encrypt root cert expiry. Normally, you could just install curl and ca-certificates from Entware but amtm won't look at Entware's curl. Or see if the AC87U fork has updated certs.
 

Jack Yaz

Part of the Furniture
It all goes back to the Let's Encrypt root cert expiry. Normally, you could just install curl and ca-certificates from Entware but amtm won't look at Entware's curl. Or see if the AC87U fork has updated certs.
Completely wild idea but could you bind mount Entware's curl over the busybox version?
Code:
mount -o bind /opt/bin/curl /usr/sbin/curl
 

BikeHelmet

Regular Contributor
Completely wild idea but could you bind mount Entware's curl over the busybox version?
Code:
mount -o bind /opt/bin/curl /usr/sbin/curl
On my RT-AC3200 at least, there is no curl at that location. I am not sure where it is actually stored?

I'd like to get updated, so once someone has a simple command, let me know and I'll punch it into my router. :p
 

thelonelycoder

Part of the Furniture
Sorting the Whitelist causes the operation to crash within diversion, with the following message:

Sort the file now? [1=Yes e=Exit] 1
awk: cmd. line:1: Unexpected end of string


After which the whitelist is completely wiped (0 entries).

Any ideas?
(obviously I just restored the whitelist from backups, just pointing this out in case it's an obvious bug)
Seeing the same error when sorting wc_blacklist.

Sort the file now? [1=Yes e=Exit] 1
awk: cmd. line:1: Unexpected end of string


After which the wc_blacklist is completely wiped also.
Confirmed, a misplaced piece of code made it there which affects the wildcard and whitelist when sorting.
Fix will be out soon.
 

thelonelycoder

Part of the Furniture
A hotfix for Diversion 4.2.0 has been uploaded, no version change.

This fixes the file sorting error in el. Thanks for reporting.

Use u to update Diversion, or use the WebUI update function.
 

thelonelycoder

Part of the Furniture
On another positive note: My supposedly dead RT-AC87U sprung back to live today, trying to recreate @rankok 's woes with the expired cert.
So, thanks @rankok for encouraging me to try the ASUS Restoration tool one more time on that old router.
 

thelonelycoder

Part of the Furniture
Does anybody else have issues to update Diversion?
I can confirm your error with the RT-AC87U with the old Firmware 384.13_8. Generally, that applies to all old firmware that uses expired root CA's. Unfortunately, there's nothing I can do in amtm or Diversion to circumvent that as both need to download files first to act.
 

Twiglets

Senior Member
I can confirm your error with the RT-AC87U with the old Firmware 384.13_8. Generally, that applies to all old firmware that uses expired root CA's. Unfortunately, there's nothing I can do in amtm or Diversion to circumvent that as both need to download files first to act.
Solved:
http://www.snbforums.com/threads/ac87u-all-download-attempts-failed.75049/post-716574

Setting the .curlrc file in the $HOME directory to 'insecure' works !!!
I had the same issue with RT-AC56U running 384.6 firmware.

At least it will allow you to install updates !!!
:)
 

fweh298hf32lk

New Around Here
I cannnot enable the youtube blocking feature, keep seeing "YouTube IP is not valid"
I tried resetting Dnsmasq log files and watch some youtube clips to no avail
 

Diamond67

Senior Member
A hotfix for Diversion 4.2.0 has been uploaded, no version change.

edit: Problem (described below) solved. After cold boot, option 1 (= Diversion) was missing and I could (re)install Diversion from i-menu. Settings were automatically restored from backup. All is fine now (see message #45).

Something went wrong when I tried to normally install the update using amtm. Diversion did not update.

Now, afterwards, after rebooting the router a couple of times, amtm still shows that update is available
Code:
 1  open     Diversion     v4.2.0  -> min upd

But when I choose 1, to open Diversion menu, it just "refreshes" the amtm page and won't go into Diversion menu at all.

When I go to Merlin GUI LAN - Diversion tab, it also shows that an update is available. But when I try to install the update it shows

Diversion updateDiversion update 0% Reload page

And nothing happens. Until I reboot. But the update fails again. And again.

Seems that my Diversion is somehow broken now. How can I fix it? By reinstalling? Best way to uninstall and reinstall Diversion so that my settings are restored from backup as normally?
 
Last edited:

HorseCalledHorse

Occasional Visitor
Something went wrong when I tried to normally install the update using amtm. Diversion did not update.

Now, afterwards, after rebooting the router a couple of times, amtm still shows that update is available

Seems that my Diversion is somehow broken now. How can I fix it? By reinstalling? Best way to uninstall and reinstall Diversion so that my settings are restored from backup as normally?
Same issue hereon my RT-AC86U. Now getting these errors:

Code:
/opt/bin/diversion: line 66: /opt/bin/grep: Accessing a corrupted shared library
/opt/bin/diversion: line 66: /opt/bin/grep: Accessing a corrupted shared library
/opt/bin/diversion: line 66: /opt/bin/grep: Accessing a corrupted shared library
/opt/bin/diversion: line 66: /opt/bin/grep: Accessing a corrupted shared library
/opt/bin/diversion: line 66: /opt/bin/grep: Accessing a corrupted shared library
/opt/bin/diversion: line 66: /opt/bin/grep: Accessing a corrupted shared library
/opt/bin/diversion: line 66: /opt/bin/grep: Accessing a corrupted shared library
/opt/bin/diversion: line 66: /opt/bin/grep: Accessing a corrupted shared library
Diversion 4.2.0                  by thelonelycoder

RT-AC86U (aarch64) FW-386.3 @ 192.168.0.1 IPv6

90,966  blocked domains by  0  hosts file(s)
hosts list empty, blocking list update will not run
2.004M t  10,907 w  2,929 n ads since Oct 02 17:20

Also see this:

Code:
Done  Added missing swap file entry to /jffs/scripts/post-mount

Result being my Diversion is, to use the technical term, borked.
 
Last edited:

Diamond67

Senior Member
Same issue here. Now getting these errors:

Code:
/opt/bin/diversion: line 66: /opt/bin/grep: Accessing a corrupted shared library
/opt/bin/diversion: line 66: /opt/bin/grep: Accessing a corrupted shared library
/opt/bin/diversion: line 66: /opt/bin/grep: Accessing a corrupted shared library
/opt/bin/diversion: line 66: /opt/bin/grep: Accessing a corrupted shared library
/opt/bin/diversion: line 66: /opt/bin/grep: Accessing a corrupted shared library
/opt/bin/diversion: line 66: /opt/bin/grep: Accessing a corrupted shared library
/opt/bin/diversion: line 66: /opt/bin/grep: Accessing a corrupted shared library
/opt/bin/diversion: line 66: /opt/bin/grep: Accessing a corrupted shared library
Diversion 4.2.0                  by thelonelycoder

RT-AC86U (aarch64) FW-386.3 @ 192.168.0.1 IPv6

90,966  blocked domains by  0  hosts file(s)
hosts list empty, blocking list update will not run
2.004M t  10,907 w  2,929 n ads since Oct 02 17:20

Also see this:

Code:
Done  Added missing swap file entry to /jffs/scripts/post-mount

Result being my Diversion is, to use the technical term, borked.

I unplugged my router and left home. So, I cannot check the log files at the moment. But yes, borked it is. I mean my Diversion.

I decided not to try and fix the problem because I don't know what the problem is. I hope somebody more experienced person knows what I should do.
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top