Diversion Diversion - the Router Ad-Blocker

[codefreeze]

I don't think amtm gives us that possibility to state the size of the Entware partition?



EmeraldDeer has a good point; if you do decide to fully reset your router, it is a good idea to clear away the jffs partition too (use the 'format on next reboot' option), install amtm and then format the USB stick, create a swap file, and install Diversion Standard (which installs Entware and pixelserv-tls).

For the format I would suggest Ext4 with journalling and myself, I use a 2GB swapfile.

Understood. I will then uninstall diversion, reset of router with JFFS purge and then follow the steps for reinstalling diversion. Thank you very much.

 

[EmeraldDeer]

Ah ok. I am thinking for doing the following hope it makes sense?
1. Uninstall diversion
2.use amtm to reintialize the USB partition first because last time I manually created a 16GB ext2 partition on my 32 GB stick.
3. Create swap file with amtm.
4. Reinstall diversion

If none of the above works then a reset after applying latest Merlin FW.

Thanks again for you time.

If I were you, I would just have amtm create swap for now to see if it stabilizes the router with Diversion.
When the next stable firmware release comes out, then follow your ambitious plan.
I have a backup script of my customizations. When I start over with a factory reset, I can more quickly get back to where I had been.

#!/bin/sh
#
umask 022
myentdir="/tmp/mnt/ent"
mybackupdir="/tmp/mnt/smb/share/backup"
myfiledir=${mybackupdir}/file
mynvramdir=${mybackupdir}/nvram
mydbdir=${mybackupdir}/db
#
for myfile in ${myentdir}/entware/share/diversion/list/blacklist /tmp/mnt/ent/entware/var/cache/pixelserv/ca.crt /tmp/mnt/ent/entware/var/cache/pixelserv/ca.key /jffs/scripts/dnsmasq.postconf /jffs/scripts/log-dhcp.sh /jffs/scripts/services-start ${myentdir}/entware/etc/stubby/stubby.yml ${myentdir}/entware/share/diversion/list/wc_blacklist ${myentdir}/entware/share/diversion/list/whitelist
do
        echo "==============================================================================================="
        ls -la ${myfile}
        cp ${myfile} ${myfiledir}
        echo "#"
        echo "Copied ${myfile} to ${myfiledir}"
done
#
for mynvram in custom_clientlist dhcp_staticlist dns_probe_content ntp_server1 sshd_authkeys
do
        echo "==============================================================================================="
        nvram get ${mynvram}
        nvram get ${mynvram} > ${mynvramdir}/${mynvram}
        echo "#"
        echo "Backed up nvram variable ${mynvram} to ${mynvramdir}/${mynvram}"
done
#
for mydb in /jffs/.sys/AiProtectionMonitor/AiProtectionMonitor.db /jffs/.sys/WebHistory/WebHistory.db /jffs/.sys/TrafficAnalyzer/TrafficAnalyzer.db /jffs/.sys/nc/nt_center.db ${myentdir}/traffic/tomato_rstats_0c9d9201f098.gz
do
        echo "==============================================================================================="
        ls -la ${mydb}
        cp ${mydb} ${mydbdir}
        echo "#"
        echo "Copied ${mydb} to ${mydbdir}"
done
echo "==============================================================================================="
#

 

[Zonkd]

You are correct. I used MiniTool Partition Wizard on a Windows PC to partition and create journaled ext4 filesystems before I installed amtm. Amtm came along and just used the first partition filesystem.
Alternatively, you could do it on the router using the FAQ post from @Zonkd

Correct, let it be known AMTM fd creates just 1 partition with default values for first and last cylinder so that the partition uses the entire disk space. If anyone out there on the www needs to create multiple partitions on their disk then they should do so manually following the wiki guide and when at the partitioning stage they wouldn’t use the default first/last cylinder values. I’m sure everyone out there can figure it out as they go

https://github.com/RMerl/asuswrt-merlin/wiki/Disk-formatting#7-repartition-disk

I’m not sure if @thelonelycoder plans to add the ability to create multiple partitions with AMTM fd. Personally I think it’s a good idea to keep it simple the way it is. What percentage of people actually need multiple partitions? Sure some advanced users might have a valid reason but it seems a lot of people want a dedicated “swap partition” for no other reason than thinking it’s better than a “swap file” (which iirc @Adamm said wasn’t the case for skynet). Other people just want a seperate partition to store their swap file. That seems unnecessary too? 1 partition containing swap file and everything else is fine for almost everyone right? Just create directories and assign user access permissions and you’re good to go.

 

[L&LD]

Correct, let it be known AMTM fd creates just 1 partition with default values for first and last cylinder so that the partition uses the entire disk space. If anyone out there on the www needs to create multiple partitions on their disk then they should do so manually following the wiki guide and when at the partitioning stage they wouldn’t use the default first/last cylinder values. I’m sure everyone out there can figure it out as they go

https://github.com/RMerl/asuswrt-merlin/wiki/Disk-formatting#7-repartition-disk

Thanks for the link, couldn't find it too easily (may I ask you to have it in your signature, ty!).

Figure it out as I go? No, never. Your great guide is a 16-page printout. Not anything I would have discovered or attempted on my own.

 

[joe scian]

Hi TheLonelyCoder
I have something to report,
www.baidu.com is reported to be blocked ( it was in my Diversion Stats report ) for my Camera DVR device.

However I was able to access this site when entered in browser.
When I tried to add it to the blacklist it said it was already blocked by a list and adding it may not affect result.

Well I added it manually to blacklist - processed blacklist and now I get a blank page as expected -

Very strange and a possible bug?

 

[L&LD]

Hi TheLonelyCoder
I have something to report,
www.baidu.com is reported to be blocked ( it was in my Diversion Stats report ) for my Camera DVR device.

However I was able to access this site when entered in browser.
When I tried to add it to the blacklist it said it was already blocked by a list and adding it may not affect result.

Well I added it manually to blacklist - processed blacklist and now I get a blank page as expected -

Very strange and a possible bug?

It may be that you hadn't processed the list(s) before? Simply adding an entry doesn't start blocking it immediately.

 

[blauter]

I just installed Diversion + Pixelsrv + Skynet (coming from Pi-Hole on docker) on my router and having an issue with PS Vue. Same issue as mentioned previously in this thread. However, the issue seems to be related to certificate being returned from pixelsrv. Is there way to bypass pixelsrv for a particular domain (google analytics in this case) without whitelisting? PS Vue works fine on diversion without pixelsrv and on pihole so I prefer not to whitelist all of google analytics for one misbehaving app.

Sorry if this has been answered. I searched this thread, site, diversion site and wasnt able to find an answer.

Thanks.

 

[cdikland]

I first tried Diversion on my "Test enviroment" and installed it succesfully on my RT-AC68U running Merlin FW 384.9. After a few hours of testing, all seemed well and decided to make the leap and installed it on my main router RT-AC86U with the same version of Merlin FW. Install went without issue but when I loaded the same sites I tested earlier nothing seemed to work. All ads were still there. Then my real problem started.

I tried to ssh (WinScp and Putty using a saved profile with username/password) into my router and I got access denied error. I went back to the router web interface and under the Admin tab decided I would reset my password. Made no difference. I rechecked my ssh settings on the router but nothing had changed. Things got worst. I logged out of the routers web ui and tried to log back in. Says my login info is incorrect. I am now locked out of my router completely. Is my only option to do a factory rest???

UPDATE: After a power off/on I was able to get back into ssh and web ui of this router. Everything seemed very slow so I uninstalled diversion, removed the USB thumb and rebooted. Voila.. everything seemed normal once again.

For some reason I was suspicious of the thumb drive and grabbed a new one formatted it to ext4. Re-installed Diversion and again it appeared all the ads were still visble on same sites I visited using the test ac68U router. As the AC68U was working well with Diversion within my test network I decided I would uninstall Diversion and re-install. Wanted to see if maybe I was doing something wrong. Sure enough the AC68U worked just fine. No problems at all.

Back to the AC86U and this time I was able to SSH to my router and uninstalled Diversion once again. I removed the USB and rebooted. After 5 minutes I knew something wasnt right and all of a sudden the Asus router setup screen appeared. All my router setting were gone. Fortunately I had setting saved and was able to restore the router.

I am not sure what could have possible caused this but my bet (or hunch) is on the USB. I am afraid to try any further testing with Diversion on this router which is really too bad considering how great it works on the AC68U. Anyone have any ideas what possible could have happened??

 

[blauter]

I just installed Diversion + Pixelsrv + Skynet (coming from Pi-Hole on docker) on my router and having an issue with PS Vue. Same issue as mentioned previously in this thread. However, the issue seems to be related to certificate being returned from pixelsrv. Is there way to bypass pixelsrv for a particular domain (google analytics in this case) without whitelisting? PS Vue works fine on diversion without pixelsrv and on pihole so I prefer not to whitelist all of google analytics for one misbehaving app.

Sorry if this has been answered. I searched this thread, site, diversion site and wasnt able to find an answer.

Thanks.

I temporarily worked around the issue by editing blockinglist file and changed www.google-analytics.com to 0.0.0.0 instead of pixelsrv ip. But is this change permanent? Is there a local host file that takes precedence over this that wont get updated?

 

[Zonkd]

In my stats these appear as "Top Domains" on a few different devices:

5055 error
726 0.0.0.0.in-addr.arpa
16 DHCPREQUEST(br0)
16 DHCPACK(br0)
4 DHCPOFFER(br0)
5 attack
294 unprintable>
40 -

The last domain I listed there is just a - hyphen.

Does everybody normally see these? Or should I be looking into it further?

 

[martinr]

In my stats these appear as "Top Domains" on a few different devices:

5055 error
726 0.0.0.0.in-addr.arpa
16 DHCPREQUEST(br0)
16 DHCPACK(br0)
4 DHCPOFFER(br0)
5 attack
294 unprintable>
40 -

The last domain I listed there is just a - hyphen.

Does everybody normally see these? Or should I be looking into it further?

The closest I get (and this is from the weekly top 10 domains for 10 clients stats email) is for my Humax Foxsat Freesat recorder:

192.168.10.53, Foxsat:
--------------------------------------------------------
63 DHCPREQUEST(br0)
63 192.168.10.53
42 DHCPOFFER(br0)
3 tap.api.bbc.co.uk



And the only other entry that matches one of yours is:

16 DHCPREQUEST(br0)

on a Humax Freebiew DVR.


Of course, it’s possible that I might have other entries like yours for rhe other clients but crashlytics etc pushed them out of the top 10.

 

[thelonelycoder]

In my stats these appear as "Top Domains" on a few different devices:

5055 error
726 0.0.0.0.in-addr.arpa
16 DHCPREQUEST(br0)
16 DHCPACK(br0)
4 DHCPOFFER(br0)
5 attack
294 unprintable>
40 -

The last domain I listed there is just a - hyphen.

Does everybody normally see these? Or should I be looking into it further?

Noticed these odd entries too, it started recently. I'm going to look into it.

 

[thelonelycoder]

I just installed Diversion + Pixelsrv + Skynet (coming from Pi-Hole on docker) on my router and having an issue with PS Vue. Same issue as mentioned previously in this thread. However, the issue seems to be related to certificate being returned from pixelsrv. Is there way to bypass pixelsrv for a particular domain (google analytics in this case) without whitelisting? PS Vue works fine on diversion without pixelsrv and on pihole so I prefer not to whitelist all of google analytics for one misbehaving app.

Sorry if this has been answered. I searched this thread, site, diversion site and wasnt able to find an answer.

Thanks.

Can you import the pixelserv-tls certificate into it. I have no idea what a PS Vue is.

 

[thelonelycoder]

I temporarily worked around the issue by editing blockinglist file and changed www.google-analytics.com to 0.0.0.0 instead of pixelsrv ip. But is this change permanent? Is there a local host file that takes precedence over this that wont get updated?

No.

 

[thelonelycoder]

I first tried Diversion on my "Test enviroment" and installed it succesfully on my RT-AC68U running Merlin FW 384.9. After a few hours of testing, all seemed well and decided to make the leap and installed it on my main router RT-AC86U with the same version of Merlin FW. Install went without issue but when I loaded the same sites I tested earlier nothing seemed to work. All ads were still there. Then my real problem started.

I tried to ssh (WinScp and Putty using a saved profile with username/password) into my router and I got access denied error. I went back to the router web interface and under the Admin tab decided I would reset my password. Made no difference. I rechecked my ssh settings on the router but nothing had changed. Things got worst. I logged out of the routers web ui and tried to log back in. Says my login info is incorrect. I am now locked out of my router completely. Is my only option to do a factory rest???

UPDATE: After a power off/on I was able to get back into ssh and web ui of this router. Everything seemed very slow so I uninstalled diversion, removed the USB thumb and rebooted. Voila.. everything seemed normal once again.

For some reason I was suspicious of the thumb drive and grabbed a new one formatted it to ext4. Re-installed Diversion and again it appeared all the ads were still visble on same sites I visited using the test ac68U router. As the AC68U was working well with Diversion within my test network I decided I would uninstall Diversion and re-install. Wanted to see if maybe I was doing something wrong. Sure enough the AC68U worked just fine. No problems at all.

Back to the AC86U and this time I was able to SSH to my router and uninstalled Diversion once again. I removed the USB and rebooted. After 5 minutes I knew something wasnt right and all of a sudden the Asus router setup screen appeared. All my router setting were gone. Fortunately I had setting saved and was able to restore the router.

I am not sure what could have possible caused this but my bet (or hunch) is on the USB. I am afraid to try any further testing with Diversion on this router which is really too bad considering how great it works on the AC68U. Anyone have any ideas what possible could have happened??

Sounds like your 86U has some other problems. I would reinstall the firmware, followed by a reset and manual configuration.

 

[Butterfly Bones]

I just installed Diversion + Pixelsrv + Skynet (coming from Pi-Hole on docker) on my router and having an issue with PS Vue. Same issue as mentioned previously in this thread. However, the issue seems to be related to certificate being returned from pixelsrv. Is there way to bypass pixelsrv for a particular domain (google analytics in this case) without whitelisting? PS Vue works fine on diversion without pixelsrv and on pihole so I prefer not to whitelist all of google analytics for one misbehaving app.

Sorry if this has been answered. I searched this thread, site, diversion site and wasnt able to find an answer.

Thanks.

There is a workaround in the pixelserv-tls thread. You should scroll back and forward from this link to fully understand.
https://www.snbforums.com/threads/p...bserver-for-adblock.26114/page-86#post-396073

 

[Zonkd]

Noticed these odd entries too, it started recently. I'm going to look into it.

Do you have dns rebind protection enabled? My initial thought was that could be causing the domain “attack” to appear.

 

[blauter]

Can you import the pixelserv-tls certificate into it. I have no idea what a PS Vue is.

Playstation VUE is a streaming TV cable replacement. I run it on 4 NVIDIA shield android TVs. I may be able to do that with the one I have rooted but prefer if I can do what I suggest.

There is a workaround in the pixelserv-tls thread. You should scroll back and forward from this link to fully understand.
https://www.snbforums.com/threads/p...bserver-for-adblock.26114/page-86#post-396073

Perfect. Thank you so much. I was so focused on looking for a host file as part of Diversion I didnt even think of using local hosts entry and whitelisting the domains. So simple and working perfectly

Just added below to /jffs/configs/host.add:
0.0.0.0 analytics.google.com
0.0.0.0 dpm.demdex.net
0.0.0.0 google-analytics.com
0.0.0.0 sb.scorecardresearch.com
0.0.0.0 sb.voicefive.com
0.0.0.0 secure-us.imrworldwide.com
0.0.0.0 settings.crashlytics.com
0.0.0.0 www.google-analytics.com

Restarted dnsmasq and then whitelisted the above domains in Diversion. Everything is working perfect. The issue was only only on the Android devices and only for PS Vue (so far at least).

 

[thelonelycoder]

Do you have dns rebind protection enabled? My initial thought was that could be causing the domain “attack” to appear.

Not that I'm aware of. I'd have to look at the logfile to find the entries and figure things out from there.

 

[cdikland]

Sounds like your 86U has some other problems. I would reinstall the firmware, followed by a reset and manual configuration.

Did a factory reset, re-installed FW, did another factory reset, setup my router (wireless, static ip, ssh,traffic, etc) then went to install Diversion. This time the install did not even complete. I went into a loop with numerous messages similar to "Waiting for cronjob...." After a few of those it the messages changes to "retrieving/getting files..." then back to waiting for conjob." Had to do another reset to recover. Router is working fine now albeit without Diversion.