diff --git a/net/adblock/Makefile b/net/adblock/Makefile index e197127c7..f2d40c6da 100644 --- a/net/adblock/Makefile +++ b/net/adblock/Makefile @@ -6,8 +6,8 @@ include $(TOPDIR)/rules.mk PKG_NAME:=adblock -PKG_VERSION:=2.6.0 -PKG_RELEASE:=2 +PKG_VERSION:=2.6.1 +PKG_RELEASE:=1 PKG_LICENSE:=GPL-3.0+ PKG_MAINTAINER:=Dirk Brenken diff --git a/net/adblock/files/README.md b/net/adblock/files/README.md index fa43b1161..6950ec792 100644 --- a/net/adblock/files/README.md +++ b/net/adblock/files/README.md @@ -59,6 +59,7 @@ A lot of people already use adblocker plugins within their desktop browsers, but * simple but yet powerful adblock engine: adblock does not use error prone external iptables rulesets, http pixel server instances and things like that * automatically selects dnsmasq or unbound as dns backend * automatically selects uclient-fetch or wget as download utility (other tools like curl or aria2c are supported as well) +* support http only mode (without installed ssl library) for all non-SSL blocklist sources * automatically supports a wide range of router modes, even AP modes are supported * full IPv4 and IPv6 support * supports tld compression (top level domain compression), this feature removes thousands of needless host entries from the block lists and lowers the memory footprint for the dns backends @@ -73,6 +74,8 @@ A lot of people already use adblocker plugins within their desktop browsers, but * suspend & resume adblock actions temporarily without block list reloading * runtime information available via LuCI & via 'status' init command * query function to quickly identify blocked (sub-)domains, e.g. for whitelisting +* optional: force dns requests to local resolver +* optional: force overall sort / duplicate removal for low memory devices (handle with care!) * optional: automatic block list backup & restore, backups will be (de-)compressed and restored on the fly in case of any runtime error * optional: add new adblock sources on your own via uci config @@ -81,7 +84,7 @@ A lot of people already use adblocker plugins within their desktop browsers, but * a usual setup with an enabled dns backend at minimum - dump AP modes without a working dns backend are _not_ supported * a download utility: * to support all blocklist sources a full version (with ssl support) of 'wget', 'uclient-fetch' with one of the 'libustream-*' ssl libraries, 'aria2c' or 'curl' is required - * for limited devices with real memory constraints, adblock provides also a plain http option and supports wget-nossl and uclient-fetch (wihout libustream-ssl), too + * for limited devices with real memory constraints, adblock provides also a plain http option and supports wget-nossl and uclient-fetch (without libustream-ssl), too * for more configuration options see examples below ## LEDE trunk Installation & Usage @@ -104,7 +107,6 @@ A lot of people already use adblocker plugins within their desktop browsers, but * **restrict procd interface trigger:** restrict the procd interface trigger to a (list of) certain interface(s) (default: wan). To disable it at all, remove all entries * **suspend & resume adblocking:** to quickly switch the adblock service 'on' or 'off', simply use _/etc/init.d/adblock [suspend|resume]_ * **domain query:** to query the active block lists for a specific domain, please run _/etc/init.d/adblock query ``_ (see example below) -* **divert dns requests:** to force dns requests to your local dns resolver add an appropriate firewall rule (see example below) * **add new list sources:** you could add new block list sources on your own via uci config, all you need is a source url and an awk one-liner (see example below) * **disable active dns probing in windows 10:** to prevent a yellow exclamation mark on your internet connection icon (which wrongly means connected, but no internet), please change the following registry key/value from "1" to "0" _HKLM\SYSTEM\CurrentControlSet\Services\NlaSvc\Parameters\Internet\EnableActiveProbing_ @@ -115,7 +117,9 @@ A lot of people already use adblocker plugins within their desktop browsers, but * adb\_iface => set the procd interface trigger to a (list of) lan / wan interface(s) (default: 'wan') * adb\_fetch => full path to a different download utility, see example below (default: not set, use wget) * adb\_fetchparm => options for the download utility, see example below (default: not set, use wget options) - * adb\_triggerdelay => additional trigger delay in seconds before adblock processing starts (default: '1') + * adb\_triggerdelay => additional trigger delay in seconds before adblock processing starts (default: '2') + * adb\_forcedns => force dns requests to local resolver (default: '0', disabled) + * adb\_forcesrt => force overall sort on low memory devices with less than 64 MB RAM (default: '0', disabled) ## Examples **change default dns backend to 'unbound':** @@ -209,17 +213,6 @@ For every domain it returns the overall count plus a distinct list of active blo In the example above whitelist "www.doubleclick.net" to free the submitted domain. -**divert dns requests to local dns resolver in /etc/config/firewall:** -

-config redirect
-    option name 'Divert DNS'
-    option src 'lan'
-    option proto 'tcp udp'
-    option src_dport '53'
-    option dest_port '53'
-    option target 'DNAT'
-
- **add a new block list source:** 

 1. the easy way ...
diff --git a/net/adblock/files/adblock.conf b/net/adblock/files/adblock.conf
index 7c1143483..0e4fd0257 100644
--- a/net/adblock/files/adblock.conf
+++ b/net/adblock/files/adblock.conf
@@ -4,6 +4,8 @@
 config adblock 'global'
 	option adb_enabled '1'
 	option adb_debug '0'
+	option adb_forcesrt '0'
+	option adb_forcedns '0'
 	option adb_iface 'wan'
 	option adb_triggerdelay '2'
 	option adb_whitelist '/etc/adblock/adblock.whitelist'
diff --git a/net/adblock/files/adblock.sh b/net/adblock/files/adblock.sh
index f886723bb..701712384 100755
--- a/net/adblock/files/adblock.sh
+++ b/net/adblock/files/adblock.sh
@@ -10,10 +10,12 @@
 #
 LC_ALL=C
 PATH="/usr/sbin:/usr/bin:/sbin:/bin"
-adb_ver="2.6.0-2"
+adb_ver="2.6.1"
 adb_sysver="$(ubus -S call system board | jsonfilter -e '@.release.description')"
 adb_enabled=1
 adb_debug=0
+adb_forcesrt=0
+adb_forcedns=0
 adb_backup=0
 adb_backupdir="/mnt"
 adb_whitelist="/etc/adblock/adblock.whitelist"
@@ -113,6 +115,26 @@ f_envload()
     #
     config_load adblock
     config_foreach parse_config source
+
+    # force dns to local resolver
+    #
+    if [ ${adb_forcedns} -eq 1 ] && [ -z "$(uci -q get firewall.adblock_dns)" ]
+    then
+        uci -q set firewall.adblock_dns="redirect"
+        uci -q set firewall.adblock_dns.src="lan"
+        uci -q set firewall.adblock_dns.proto="tcp udp"
+        uci -q set firewall.adblock_dns.src_dport="53"
+        uci -q set firewall.adblock_dns.dest_port="53"
+        uci -q set firewall.adblock_dns.target="DNAT"
+    elif [ ${adb_forcedns} -eq 0 ] && [ -n "$(uci -q get firewall.adblock_dns)" ]
+    then
+        uci -q delete firewall.adblock_dns
+    fi
+    if [ -n "$(uci -q changes firewall)" ]
+    then
+        uci -q commit firewall
+        /etc/init.d/firewall reload >/dev/null 2>&1
+    fi
 }
 
 # f_envcheck: check/set environment prerequisites
@@ -416,7 +438,7 @@ f_main()
 
         # download block list
         #
-        f_log "debug" "name: ${src_name}, enabled: ${enabled}, backup: ${adb_backup}, dns: ${adb_dns}, fetch: ${adb_fetchinfo}, memory: ${mem_total}"
+        f_log "debug" "name: ${src_name}, enabled: ${enabled}, backup: ${adb_backup}, dns: ${adb_dns}, fetch: ${adb_fetchinfo}, memory: ${mem_total}, force srt/dns: ${adb_forcesrt}/${adb_forcedns}"
         if [ "${src_name}" = "blacklist" ]
         then
             cat "${url}" 2>/dev/null > "${adb_tmpload}"
@@ -488,7 +510,7 @@ f_main()
     #
     for src_name in $(ls -dASr "${adb_tmpdir}/${adb_dnsprefix}"* 2>/dev/null)
     do
-        if [ ${mem_total} -ge 64000 ]
+        if [ ${mem_total} -ge 64000 ] || [ ${adb_forcesrt} -eq 1 ]
         then
             if [ -s "${adb_tmpdir}/blocklist.overall" ]
             then