• ATTENTION! You'll notice a Prefix dropdown when you create a thread. If your post applies to one of the topics listed, please use that Prefix for your post. When browsing the thread list you can use the Prefix to filter the view.
  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

dave14305

Part of the Furniture
ok there shouldn't be that many. if you review /opt/var/log/dnsmasq.log can you post the snippet with the ptr queries?
I would vote to ignore the IPv6 local client IPs.
 

zaxcom

Regular Contributor
Ok, here is a link to the log output. I see some other odd things in that log too. There are IPv4 PTR requests to devices and IP addresses that don't exist on my network. I don't have anything higher than .26

 

CaptnDanLKW

Regular Contributor
I finally pulled the trigger and added Diversion with the single 'Standard' block list. I've turned off Edge's Tracking prevention and disabled Ghostery in Chrome. So far things feel about the same for most web browsing. I am hoping it can stop some of the the streaming content commercials, though I suspect this will always be a cat and mouse game. Next will be to enable the youtube ad filtering but I suspect that will be more troublesome.

Next step? Start at post #1 and read the 396 pages / 7,343 posts. Only then, if I have questions, I will ask...
 

Dinkygizmo

New Around Here
Just reset my router and installed this again. What is causing this pop up ?

SECURITY ALERT
Revocation informationfor the security certificatefor this site is not available. Do you want to proceed
 

Skillz

Occasional Visitor
Does restarting the router affect the experimental youtube blocker?
In other words, does YT blocker build some kind of cache that get's wiped on a router restart?
Just asking as I restart my router everyday.

edit: And does a wan ip change also affect the YT blocker?
 

thelonelycoder

Part of the Furniture
... Next will be to enable the youtube ad filtering but I suspect that will be more troublesome.

Next step? Start at post #1 and read the 396 pages / 7,343 posts. Only then, if I have questions, I will ask...
The setup for the experimental YouTube video ads blocking is trivial, just follow the on screen guide. As for it's effectiveness - it's a mixed bag. Some have more success than others. Don't expect it to block it all ads. With the release of the next Diversion update an improved version will come along. This version is marginally better in my testing than the current released version.
And have fun reading this thread. There's a lot to learn along with some entertainment with the occasional off topic posts which are sprinkled throughout.
 

thelonelycoder

Part of the Furniture
Just reset my router and installed this again. What is causing this pop up ?

SECURITY ALERT
Revocation informationfor the security certificatefor this site is not available. Do you want to proceed
I'd start with purging the pixelserv-tls domain certificates in ep, 3, 1.
Then they should disappear. Next import/replace the new pixelserv-tls into browsers/devices which probably was generated new when reinstalling Diversion.
 

thelonelycoder

Part of the Furniture
Does restarting the router affect the experimental youtube blocker?
In other words, does YT blocker build some kind of cache that get's wiped on a router restart?
Just asking as I restart my router everyday.
The domain list is written to a file, there is no chaching except Dnsmasq that loads the file into memory whenever it starts/restarts.
You can safely restart your router as often as you deem necessary.
 

Dinkygizmo

New Around Here
What does
Remember to import the pixelserv-tls certificate into browsers and devices
open 192.168.1.2/ca.crt in browser, mean

I've been right through this thread and havent found the answer, you would think it would be part of the guide. I downloaded the ca.crt from firefox, do I import back into firefox ??
 

no_name

Regular Contributor
What does
Remember to import the pixelserv-tls certificate into browsers and devices
open 192.168.1.2/ca.crt in browser, mean

I've been right through this thread and havent found the answer, you would think it would be part of the guide. I downloaded the ca.crt from firefox, do I import back into firefox ??

I found this guide

 

zaxcom

Regular Contributor
Ok, here is a link to the log output. I see some other odd things in that log too. There are IPv4 PTR requests to devices and IP addresses that don't exist on my network. I don't have anything higher than .26


So I am still seeing several hundred PTR requests at the top of each hour. I have tried changing from Stateless to Stateful in my IPv6 config, tried removing Unbound and just using DNSMASQ, rebooted several times, but these massive bursts persist. I have run out of ideas if this is truly an out of normal condition I am seeing.
 

Jack Yaz

Part of the Furniture
So I am still seeing several hundred PTR requests at the top of each hour. I have tried changing from Stateless to Stateful in my IPv6 config, tried removing Unbound and just using DNSMASQ, rebooted several times, but these massive bursts persist. I have run out of ideas if this is truly an out of normal condition I am seeing.
can you send me a copy of ipdistinctclients.js , should be in /opt/share/uiDivStats.d/csv ?
 

#TY

Senior Member
The setup for the experimental YouTube video ads blocking is trivial, just follow the on screen guide. As for it's effectiveness - it's a mixed bag. Some have more success than others. Don't expect it to block it all ads. With the release of the next Diversion update an improved version will come along. This version is marginally better in my testing than the current released version.
And have fun reading this thread. There's a lot to learn along with some entertainment with the occasional off topic posts which are sprinkled throughout.
I get more ads since enabling it lol
 

thelonelycoder

Part of the Furniture
I get more ads since enabling it lol
That would mean that the YT coders found out about this (marginally) effective trick and adapted to it. I doubt it though.
 

CannaLucente

Occasional Visitor
Hi, cross-posting from another thread as it is relevant to Diversion and can help other users.

In the page https://diversion.ch/faq-reader/diversion-is-installed-and-i-still-see-ads.html it is mentioned

Newer Android Devices use hard coded IP addresses for some domains. This circumvents Dnsmasq and with it Diversion.
To force all devices to resolve through your router, set Enable DNS-based Filtering to ON in LAN / DNSFilter on the router WebUI. Then select Router as the Global Filter Mode.

I have done that but didn't work for my Oneplus 6t. Having searched further, I have found this thread:


The advice is basically to force the DNS from the router. I have tested it and it works.

Do you see any issue if I hard code my router IP as primary and secondary DNS in LAN --> DHCP Server --> DNS and WINS Server Setting?

Thank you!
 

thelonelycoder

Part of the Furniture
Hi, cross-posting from another thread as it is relevant to Diversion and can help other users.

In the page https://diversion.ch/faq-reader/diversion-is-installed-and-i-still-see-ads.html it is mentioned

Newer Android Devices use hard coded IP addresses for some domains. This circumvents Dnsmasq and with it Diversion.
To force all devices to resolve through your router, set Enable DNS-based Filtering to ON in LAN / DNSFilter on the router WebUI. Then select Router as the Global Filter Mode.

I have done that but didn't work for my Oneplus 6t. Having searched further, I have found this thread:


The advice is basically to force the DNS from the router. I have tested it and it works.

Do you see any issue if I hard code my router IP as primary and secondary DNS in LAN --> DHCP Server --> DNS and WINS Server Setting?

Thank you!
Per the Dnsmasq Man page:
By default, dnsmasq sends some standard options to DHCP clients, the netmask and broadcast address are set to the same as the host running dnsmasq, and the DNS server and default route are set to the address of the machine running dnsmasq.
This is also shown as a hint when hovering over the DNS Server 1 and 2 fields.
One would expect this to work as is. But it looks like some devices just need some more enforcing than the workaround that I posted on the Diversion website.
It seems to be a matter of the time that apps and devices may come with hard coded ways to resolve things. That was not the case years ago.

Let me know how setting DNS Server 1 and DNS Server 2 to the routers IP works after a while. I've set them on my main router too to see for myself.
 

CannaLucente

Occasional Visitor
Let me know how setting DNS Server 1 and DNS Server 2 to the routers IP works after a while. I've set them on my main router too to see for myself.

So far so good... Been using it all day, in and out of work VPN, many devices etc. and all seems to be working properly (TV, mobile, laptops etc.). Will let you know should I find any surprises but for now it's perfect...

Thanks for this great tool!
 

Treadler

Very Senior Member
Per the Dnsmasq Man page:
This is also shown as a hint when hovering over the DNS Server 1 and 2 fields.
One would expect this to work as is. But it looks like some devices just need some more enforcing than the workaround that I posted on the Diversion website.
It seems to be a matter of the time that apps and devices may come with hard coded ways to resolve things. That was not the case years ago.

Let me know how setting DNS Server 1 and DNS Server 2 to the routers IP works after a while. I've set them on my main router too to see for myself.

I’ve set Server1 & 2 to = my router’s ip.
Router took offence & needed a reboot to function once more, but, all good since then.:cool:
 

Skillz

Occasional Visitor
I'm trying to add <here was a link to an host file> as a custom host list (yt blocking testing purposes), but the list doesn't seem to be loading properly. None of the blocked domains are found when I try to search for them. Is it because of the size of this host file?

update: the host file sadly also doesn't block yt videos and even prevents them from playing!
 
Last edited:

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top