Diversion Diversion - the Router Ad-Blocker

[Asus_User_4886]

It depends on your device (Android or iOS). On iOS I would go to Settings - Wi-Fi and tap the i icon to the far right of my WiFi network name. Then scroll to the DNS section to verify “Configure DNS” is set to Automatic. Then tap automatic and it should show you the IP being used.

OK.
I'm using Android, so I downloaded an app called Network Info II, and I can confirm that my wifi DNS server is 192.168.1.1 .
Also, I checked again, and it seems that ads are now indeed blocked on my mobile device via my wifi network.
No idea what caused the problem, but thank you anyway for the quick response.

 

[dave14305]

OK.
I'm using Android, so I downloaded an app called Network Info II, and I can confirm that my wifi DNS server is 192.168.1.1 .
Also, I checked again, and it seems that ads are now indeed blocked on my mobile device via my wifi network.
No idea what caused the problem, but thank you anyway for the quick response.

Good news! Perhaps your device was caching DNS records for a time.

 

[loveleeyoungae]

OK.
I'm using Android, so I downloaded an app called Network Info II, and I can confirm that my wifi DNS server is 192.168.1.1 .
Also, I checked again, and it seems that ads are now indeed blocked on my mobile device via my wifi network.
No idea what caused the problem, but thank you anyway for the quick response.

And if you're using Chrome, it sometimes will bypass your DNS setting to use Google DNS. Just search "Chrome Async Dns" and disable it if you want.

 

[Asus_User_4886]

And if you're using Chrome, it sometimes will bypass your DNS setting to use Google DNS. Just search "Chrome Async Dns" and disable it if you want.

I just did, thanks for the tip.

 

[Asus_User_4886]

Despite what is written in Diversion's FAQ, is it possible to block YouTube ads?

 

[thelonelycoder]

Despite what is written in Diversion's FAQ, is it possible to block TouTube ads?

toutube ads are entirely blocked, even without an adblocker installed. As for the more popular youtube site, there is no proven way of blocking in-video ads, even with the recently posted trick a few pages back.

 

[Asus_User_4886]

toutube ads are entirely blocked, even without an adblocker installed. As for the more popular youtube site, there is no proven way of blocking in-video ads, even with the recently posted trick a few pages back.

Obviously it was a typo, and I meant to YouTube.
No need for sarcasm.

 

[thelonelycoder]

Obviously it was a typo, and I meant to YouTube.
No need for sarcasm.

Wasn't meant as sarcasm as the domain does not exist, hence no ads.

 

[Asad Ali]

Despite what is written in Diversion's FAQ, is it possible to block YouTube ads?

And in any case it's written in FAQ for a reason, otherwise why would @thelonelycoder wrote that. [emoji1787][emoji1787]

 

[DonnyJohnny]

Obviously it was a typo, and I meant to YouTube.
No need for sarcasm.

How do we know? And FAQ are there for a reason. Instead of apologising for typo and showing your appreciation of getting a reply, you said people are sarcastic. If you don’t proof read what you are writing don’t blame others.

Raw WHOIS Record
Domain Name: toutube.com
Registry Domain ID: 1015981913_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.ionos.com
Registrar URL: http://ionos.com
Updated Date: 2018-04-12T22:03:51.000Z
Creation Date: 2007-06-07T18:47:19.000Z
Registrar Registration Expiration Date: 2019-06-07T18:47:19.000Z
Registrar: 1&1 IONOS SE
Registrar IANA ID: 83
Registrar Abuse Contact Email: abuse@ionos.com
Registrar Abuse Contact Phone: +1.8774612631
Reseller:
Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
Registry Registrant ID: REDACTED FOR PRIVACY
Registrant Name: REDACTED FOR PRIVACY
Registrant Organization: 1&1 Internet Inc
Registrant Street: REDACTED FOR PRIVACY
Registrant City: REDACTED FOR PRIVACY
Registrant State/Province: PA
Registrant Postal Code: REDACTED FOR PRIVACY
Registrant Country: US
Registrant Phone: REDACTED FOR PRIVACY
Registrant Phone Ext: REDACTED FOR PRIVACY
Registrant Fax: REDACTED FOR PRIVACY
Registrant Fax Ext: REDACTED FOR PRIVACY
Registrant Email: dataprivacyprotected@1und1.de
Registry Admin ID: REDACTED FOR PRIVACY
Admin Name: REDACTED FOR PRIVACY
Admin Organization: REDACTED FOR PRIVACY
Admin Street: REDACTED FOR PRIVACY
Admin City: REDACTED FOR PRIVACY
Admin State/Province: REDACTED FOR PRIVACY
Admin Postal Code: REDACTED FOR PRIVACY
Admin Country: REDACTED FOR PRIVACY
Admin Phone: REDACTED FOR PRIVACY
Admin Phone Ext: REDACTED FOR PRIVACY
Admin Fax: REDACTED FOR PRIVACY
Admin Fax Ext: REDACTED FOR PRIVACY
Admin Email: dataprivacyprotected@1und1.de
Registry Tech ID: REDACTED FOR PRIVACY
Tech Name: REDACTED FOR PRIVACY
Tech Organization: REDACTED FOR PRIVACY
Tech Street: REDACTED FOR PRIVACY
Tech City: REDACTED FOR PRIVACY
Tech State/Province: REDACTED FOR PRIVACY
Tech Postal Code: REDACTED FOR PRIVACY
Tech Country: REDACTED FOR PRIVACY
Tech Phone: REDACTED FOR PRIVACY
Tech Phone Ext: REDACTED FOR PRIVACY
Tech Fax: REDACTED FOR PRIVACY
Tech Fax Ext: REDACTED FOR PRIVACY
Tech Email: dataprivacyprotected@1und1.de
Nameserver: ns1122.ui-dns.de
Nameserver: ns1122.ui-dns.biz
Nameserver: ns1122.ui-dns.org
Nameserver: ns1122.ui-dns.com
DNSSEC: Unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/

>>> Last update of WHOIS database: 2018-11-25T14:40:49Z <<<

For more information on Whois status codes, please visit https://icann.org/epp

 

[Asus_User_4886]

How do we know? And FAQ are there for a reason. Instead of apologising for typo and showing your appreciation of getting a reply, you said people are sarcastic. If you don’t proof read what you are writing don’t blame others.

You're right, my bad.
Please accept my apologies and appreciation.

 

[thelonelycoder]

How do we know? And FAQ are there for a reason. Instead of apologising for typo and showing your appreciation of getting a reply, you said people are sarcastic. If you don’t proof read what you are writing don’t blame others.

Raw WHOIS Record
Domain Name: toutube.com
Registry Domain ID: 1015981913_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.ionos.com
Registrar URL: http://ionos.com
Updated Date: 2018-04-12T22:03:51.000Z
Creation Date: 2007-06-07T18:47:19.000Z
Registrar Registration Expiration Date: 2019-06-07T18:47:19.000Z
Registrar: 1&1 IONOS SE
Registrar IANA ID: 83
Registrar Abuse Contact Email: abuse@ionos.com
Registrar Abuse Contact Phone: 1.8774612631
Reseller:
Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
Registry Registrant ID: REDACTED FOR PRIVACY
Registrant Name: REDACTED FOR PRIVACY
Registrant Organization: 1&1 Internet Inc
Registrant Street: REDACTED FOR PRIVACY
Registrant City: REDACTED FOR PRIVACY
Registrant State/Province: PA
Registrant Postal Code: REDACTED FOR PRIVACY
Registrant Country: US
Registrant Phone: REDACTED FOR PRIVACY
Registrant Phone Ext: REDACTED FOR PRIVACY
Registrant Fax: REDACTED FOR PRIVACY
Registrant Fax Ext: REDACTED FOR PRIVACY
Registrant Email: dataprivacyprotected@1und1.de
Registry Admin ID: REDACTED FOR PRIVACY
Admin Name: REDACTED FOR PRIVACY
Admin Organization: REDACTED FOR PRIVACY
Admin Street: REDACTED FOR PRIVACY
Admin City: REDACTED FOR PRIVACY
Admin State/Province: REDACTED FOR PRIVACY
Admin Postal Code: REDACTED FOR PRIVACY
Admin Country: REDACTED FOR PRIVACY
Admin Phone: REDACTED FOR PRIVACY
Admin Phone Ext: REDACTED FOR PRIVACY
Admin Fax: REDACTED FOR PRIVACY
Admin Fax Ext: REDACTED FOR PRIVACY
Admin Email: dataprivacyprotected@1und1.de
Registry Tech ID: REDACTED FOR PRIVACY
Tech Name: REDACTED FOR PRIVACY
Tech Organization: REDACTED FOR PRIVACY
Tech Street: REDACTED FOR PRIVACY
Tech City: REDACTED FOR PRIVACY
Tech State/Province: REDACTED FOR PRIVACY
Tech Postal Code: REDACTED FOR PRIVACY
Tech Country: REDACTED FOR PRIVACY
Tech Phone: REDACTED FOR PRIVACY
Tech Phone Ext: REDACTED FOR PRIVACY
Tech Fax: REDACTED FOR PRIVACY
Tech Fax Ext: REDACTED FOR PRIVACY
Tech Email: dataprivacyprotected@1und1.de
Nameserver: ns1122.ui-dns.de
Nameserver: ns1122.ui-dns.biz
Nameserver: ns1122.ui-dns.org
Nameserver: ns1122.ui-dns.com
DNSSEC: Unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/

>>> Last update of WHOIS database: 2018-11-25T14:40:49Z <<<

For more information on Whois status codes, please visit https://icann.org/epp

Didn't actually check the whois DB, but, you know (REDACTED FOR PRIVACY). Amirite?

 

[robca]

I'm fed up with Microsoft turning on ATP/Safelinks every few months, and mangling my emails/reducing my security/snooping even more than they usually do.

So I want to add the Safelink domain to the wc_blacklist file, so that every time they turn it on, I will notice it right away (usually it takes a few weeks for me to notice)

Problem is, the domain name is *.safelinks.protection.outlook.com (with * being the actual server used). If I understand wc-blacklist correctly, it only recognizes a domain, not an URL formed like the previous one, and even if I'm sure it's probably the best option, I can't simply blacklist outlook.com, since that would completely break my email

Is there a way to add entries like safelinks.protection.outlook.com in wc_blacklist? I tried, and doesn't seem to work

Thanks, Rob

 

[Jest]

Hi.
I'm trying to install diversion on my RT-N18U with HGG 380.70.1 RC2 firmware, 16GB ext2 thumbdrive with entware installed.
But i get an error while installing.

✔ Diversion is now ready to install,
this process runs fully automatic.

! Press [Enter] to continue


✔ Diversion directory structure created
at /opt/share/diversion

i Getting Diversion Standard files
from diversion.ch
✔ functions.div integrated
✔ install.div integrated
✔ post-conf.div integrated
✔ post-mount.div integrated
✔ rc.func.div integrated
✔ rotate-logs.div integrated
✔ S80pixelserv-tls integrated
✔ theme.div integrated
✔ update-bf.div integrated
✔ write-config.div integrated

i Checking white and blacklists
✔ Whitelist
✔ Blacklist
✔ Wildcard blacklist

i Probing for pixelserv-tls
Inconsistency detected by ld.so: get-dynamic-info.h: 133: elf_get_dynamic_info: Assertion `info[DT_RELENT]->d_un.d_val == sizeof (ElfW(Rel))' failed!
i Installing pixelserv-tls

Inconsistency detected by ld.so: get-dynamic-info.h: 133: elf_get_dynamic_info: Assertion `info[DT_RELENT]->d_un.d_val == sizeof (ElfW(Rel))' failed!
Inconsistency detected by ld.so: get-dynamic-info.h: 133: elf_get_dynamic_info: Assertion `info[DT_RELENT]->d_un.d_val == sizeof (ElfW(Rel))' failed!

Inconsistency detected by ld.so: get-dynamic-info.h: 133: elf_get_dynamic_info: Assertion `info[DT_RELENT]->d_un.d_val == sizeof (ElfW(Rel))' failed!
____ _ _
| _ \(_)_ _____ _ __ ___(_) ___ _ __
| | | | \ \ / / _ \ '__/ __| |/ _ \| '_ \
| |_| | |\ V / __/ | \__ \ | (_) | | | |
|____/|_| \_/ \___|_| |___/_|\___/|_| |_|

This is Diversion 4.0.5 coded by thelonelycoder
____________________________________________________


Welcome to Diversion - the Router Ad-Blocker!

Diversion is not installed on this router...
____________________________________________________

[ Error ] pixelserv-tls install failed.

Install it now? [1=Yes e=Exit]

 

[thelonelycoder]

I'm fed up with Microsoft turning on ATP/Safelinks every few months, and mangling my emails/reducing my security/snooping even more than they usually do.

So I want to add the Safelink domain to the wc_blacklist file, so that every time they turn it on, I will notice it right away (usually it takes a few weeks for me to notice)

Problem is, the domain name is *.safelinks.protection.outlook.com (with * being the actual server used). If I understand wc-blacklist correctly, it only recognizes a domain, not an URL formed like the previous one, and even if I'm sure it's probably the best option, I can't simply blacklist outlook.com, since that would completely break my email

Is there a way to add entries like safelinks.protection.outlook.com in wc_blacklist? I tried, and doesn't seem to work

Thanks, Rob

Adding safelinks.protection.outlook.com to the wildcard blacklist works just fine.
Did you enter it through the UI or manually? Did you process the list after adding it?
If you added it manually, make sure to only add one domain per line, nothing else. The wc_blacklist is not the same format as the blacklist. If unsure, add it through the UI.

 

[thelonelycoder]

Hi.
I'm trying to install diversion on my RT-N18U, 16GB ext2 thumbdrive with entware installed.
But i get an error while installing.

✔ Diversion is now ready to install,
this process runs fully automatic.

! Press [Enter] to continue


✔ Diversion directory structure created
at /opt/share/diversion

i Getting Diversion Standard files
from diversion.ch
✔ functions.div integrated
✔ install.div integrated
✔ post-conf.div integrated
✔ post-mount.div integrated
✔ rc.func.div integrated
✔ rotate-logs.div integrated
✔ S80pixelserv-tls integrated
✔ theme.div integrated
✔ update-bf.div integrated
✔ write-config.div integrated

i Checking white and blacklists
✔ Whitelist
✔ Blacklist
✔ Wildcard blacklist

i Probing for pixelserv-tls
Inconsistency detected by ld.so: get-dynamic-info.h: 133: elf_get_dynamic_info: Assertion `info[DT_RELENT]->d_un.d_val == sizeof (ElfW(Rel))' failed!
i Installing pixelserv-tls

Inconsistency detected by ld.so: get-dynamic-info.h: 133: elf_get_dynamic_info: Assertion `info[DT_RELENT]->d_un.d_val == sizeof (ElfW(Rel))' failed!
Inconsistency detected by ld.so: get-dynamic-info.h: 133: elf_get_dynamic_info: Assertion `info[DT_RELENT]->d_un.d_val == sizeof (ElfW(Rel))' failed!

Inconsistency detected by ld.so: get-dynamic-info.h: 133: elf_get_dynamic_info: Assertion `info[DT_RELENT]->d_un.d_val == sizeof (ElfW(Rel))' failed!
____ _ _
| _ \(_)_ _____ _ __ ___(_) ___ _ __
| | | | \ \ / / _ \ '__/ __| |/ _ \| '_ \
| |_| | |\ V / __/ | \__ \ | (_) | | | |
|____/|_| \_/ \___|_| |___/_|\___/|_| |_|

This is Diversion 4.0.5 coded by thelonelycoder
____________________________________________________


Welcome to Diversion - the Router Ad-Blocker!

Diversion is not installed on this router...
____________________________________________________

[ Error ] pixelserv-tls install failed.

Install it now? [1=Yes e=Exit]

Try with a fresh install, not pre-installed Entware. Diversion does the Entware install automatically.

 

[Jack Yaz]

Try with a fresh install, not pre-installed Entware. Diversion does the Entware install automatically.

Might add the firmware being run is of the "not supported" flavour

 

[thelonelycoder]

Might add the firmware being run is of the "not supported" flavour

The post has been locked for the "unsupported term" and released for a reason by a moderator. I'll leave it at that.

 

[robca]

Adding safelinks.protection.outlook.com to the wildcard blacklist works just fine.
Did you enter it through the UI or manually? Did you process the list after adding it?
If you added it manually, make sure to only add one domain per line, nothing else. The wc_blacklist is not the same format as the blacklist. If unsure, add it through the UI.

First of all, thanks for the prompt reply.

I used the UI, selecting "el", then selecting wc-blacklist, then to add a domain to wc blacklist.

When I do it again, I see

Enter your selection [1-5 e=Exit] 3
____________________________________________________

Your wc_blacklist has these 1 entries:

1: safelinks.protection.outlook.com
____________________________________________________

Which tells me the site name is correctly entered

I then select 3 to process the blacklist

But when I click on a safelinks URL (e.g.
https://nam01.safelinks.protection....qofj/PZ5n+ZAee5AEYrqq7p/X6VRNGpBs=&reserved=0 which is redirected to the Android app store) I get redirected to the link originally obfuscated by Safelinks instead of getting the usual error screen in the browser.

I looked at the log, and I see:

Nov 26 16:45:11 dnsmasq[1240]: query[A] nam01.safelinks.protection.outlook.com from 192.168.1.66
Nov 26 16:45:11 dnsmasq[1240]: config nam01.safelinks.protection.outlook.com is 192.168.1.2

instead of the usual

Nov 26 16:45:21 dnsmasq[1240]: query[A] www.googleadservices.com from 192.168.1.66
Nov 26 16:45:21 dnsmasq[1240]: /opt/share/diversion/list/blockinglist www.googleadservices.com is 192.168.1.2

What's also weird is that Diversion is installed on my 192.168.1.1 router, but somehow Diversion seems to redirect to 192.168.1.2 which does not exist on my network currently (usually it's another router)

In the new "follow dnsmasq.log" I see


This follows the Dnsmasq log file (tail -f)

1. Unfiltered log
2. Unfiltered log extra highlighted
3. Filtered by blocked domains
4. Filtered by term

Enter selection [1-4 e=Exit] 3

Press Ctrl-C to exit

16:52:14 blocked by blockinglist teredo.ipv6.microsoft.com
16:52:18 blocked by blockinglist mobile.pipe.aria.microsoft.com
16:52:32 blocked by blockinglist ads.nexage.com
16:52:38 blocked by wc-blacklist nam01.safelinks.protection.outlook.com
16:52:41 blocked by blockinglist www.google-analytics.com
16:52:44 blocked by blockinglist teredo.ipv6.microsoft.com
16:52:47 blocked by blockinglist wpad.Workgroup
16:52:47 blocked by blockinglist nexusrules.officeapps.live.com
16:52:48 blocked by blockinglist nexusrules.officeapps.live.com
16:52:48 blocked by blockinglist wpad.Workgroup
^C
____________________________________________________

But nam01.safelinks.protection.outlook.com is not blocked as expected

Can you try enabling wc_blacklist with just safelinks.protection.outlook.com and then click on the Google store URL to see if you get blocked or not?

 

[dave14305]

What's also weird is that Diversion is installed on my 192.168.1.1 router, but somehow Diversion seems to redirect to 192.168.1.2 which does not exist on my network currently (usually it's another router)

That would usually be the blocking IP assigned to Pixelserv-tls if you installed Diversion Standard.

I have both installed and tested your wc blacklist:

20:19:25 dnsmasq[2387]: query[A] nam01.safelinks.protection.outlook.com from 192.168.1.161
20:19:25 dnsmasq[2387]: blocked by wc-blacklist nam01.safelinks.protection.outlook.com is 192.168.1.2

Got a page that the site could not be found, as expected.

It also matters in terms of output formatting if you follow the dnsmasq log from within Diversion or tail the raw file in /opt/var/log/dnsmasq.log.