* changed complete dnsmasq handling
- no longer redirect ad requests to internal web server via firewall
rules etc., in fact send back a simple NXDOMAIN for all
ad related (sub-)domains
- smaller memory footprint for block lists
- removed needless uhttpd instances
- removed needless firewall rules/redirects
* init/hotplug system migrated to procd
- removed hotplug.d script, now using procd interface trigger
* reduced code size/complexity
- removed needless internal pre-checks & function blocks,
no longer rely on a separate helper library
- removed flash writes to adblock config
* support different download tools like wget (default), aria2c,
uclient-fetch, curl (see online doc)
* adblock status/statistics via ubus call (see online doc)
* various bug fixes
* documentation update
* changed makefile copyright notice
Signed-off-by: Dirk Brenken <dev@brenken.org>
* add new 'envchk'function to check adblock environment only,
i.e. check volatile firewall rules or uhttpd instances
without list updates
* add new optional parm 'adb_loglevel',
set it to "0" to mute output (print only errors)
* set hotplug priority to '90' as well (missed in the last commit)
* documentation update
* cosmetics
Signed-off-by: Dirk Brenken <dev@brenken.org>
* enhance the new query function:
change the regex to find only the relevant blocklist entries
add a recursive tld search to quickly identify domains for
whitelisting (see documentation)
better result preparation
* add securemecca as new blocklist source
* documentation update
Signed-off-by: Dirk Brenken <dev@brenken.org>
* add a query function to search the active blocklists for a specific
domain (/etc/init.d/adblock query <DOMAIN>)
* fix bug in ap mode/uhttpd port detection
* check general firewall and dnsmasq package dependencies and remove
redundant checks in ap mode
Signed-off-by: Dirk Brenken <dev@brenken.org>
* added a 'window.close()' to adblock landing page to automatically
close any pop-ups that might get loaded with a blocked ad
* simplified dnsmasq check in ap mode
Signed-off-by: Dirk Brenken <dev@brenken.org>
* change the default hphosts list source to ad and tracking servers
only, the overall list includes to many false positives
* new optional config parm 'adb_hotplugif' to restrict hotplug support
to a certain wan interface or to disable it at all
* documentation update
* cosmetics
Signed-off-by: Dirk Brenken <dev@brenken.org>
* fw rule changes:
force_dns now supports multiple lan devices
disable needless force_dns- & forward/output-rules in 'ap mode'
check return codes during adblock chain creation
* simplified the test for a running firewall
* documentation update
Signed-off-by: Dirk Brenken <dev@brenken.org>
* restructured sources
* fix logical glitches in config handling
* many corner case fixes & cosmetics
* show runtime errors in LuCI (in lastrun section)
Signed-off-by: Dirk Brenken <dev@brenken.org>
* rework download/backup/restore handling
* rework firewall handling
* refine whitelist parsing
* changed default null-ip to 198.18.0.1 to prevent conflicts with bcp38
* spread traffic from ad servers (port 80/443) on two uhttpd instances,
this fixes timeouts on sites with many ssl ad server connections, i.e.
youtube.com
* provide statistics & last runtime for LuCI interface
* documentation update
Signed-off-by: Dirk Brenken <dev@brenken.org>
* new config option 'adb_restricted' to disable updates of the adblock
config during runtime (no flash writes, disabled by default)
* new update function, to apply latest configuration changes if needed
(/etc/init.d/adblock cfgup)
* fix dns redirect rule
* various optimizations
Signed-off-by: Dirk Brenken <dev@brenken.org>
* support more router modes, as long as the firewall and the DNS server
are enabled
* new source sites can be added & changed via awk ruleset in uci config
* source domain count, last update time & overall count will be stored
in uci config
* added 3 new source sites:
ransomware tracker
rolist/easylist
winspy
* switch to minimal inline base64 encoded 1×1 GIF for pixel server
(separate png image no longer needed)
* simplified uci parser
* source download & domain sort optimization
* add whitelist parser with wildcard support
* reduced code size & various cleanups
* updated documentation
Signed-off-by: Dirk Brenken <openwrt@brenken.org>
* add sysctl.org as new adblock source
* add main debug switch (by default all stderr outputs are going to
/dev/null)
* small cleanups
* first 'stable' release! ;-)
Signed-off-by: Dirk Brenken <openwrt@brenken.org>
* all relevant adblock events will be properly written to syslog/stdout
* removed needless 'debug log' option
* add optional parm 'adb_forcedns' to redirect all queries to local
resolver (default: '1', enabled)
* revised space check
* various code cosmetics & cleanups
Signed-off-by: Dirk Brenken <openwrt@brenken.org>
* fix ip6tables reject types
* simplified firewall ruleset for IPv4/IPv6
* fix memory detection (swap was always 0)
* fix dnsmasq restart after partial restore
* ad hotplug support, adblock will be started when wan interface comes
up
* change adblock init script accordingly, do nothing on 'boot'
* optimize wget parameters for faster download results (in case of an
error)
* added CC installation notes to readme
* removed needless external online check
* removed needless optional parms 'adb_maxtime', 'adb_maxloop',
'adb_probeipv4' and 'adb_probeipv6'
Signed-off-by: Dirk Brenken <openwrt@brenken.org>
* fix root cause for https timeout issues
* fix startup issues via luci
* detach init start process to fix luci timeout issues
* fix html header in adblock pages
* fix adblock.conf options to single quotes
Signed-off-by: Dirk Brenken <openwrt@brenken.org>
* openwrt init system support, see /etc/init.d/adblock
* support for two new adblock sources: openphish and ruadlist/easylist
* partial block list restore, i.e. if a single list download failed
* fix performance regression on sites with links to https ad servers
* removed no longer used samples dir
* updated documentation
Signed-off-by: Dirk Brenken <openwrt@brenken.org>
- fix possible race condition during startup
- fix duplicate logging during startup
- fix wget parms to prevent partitial downloads
- fix iptables rules to meet openwrt user chains
- added a rule in output chain to reject local ad related requests as
well
- changed default IPv4/IPv6 blackhole ip address to fix routing issues
with windows clients
Signed-off-by: Dirk Brenken <openwrt@brenken.org>
* "zero-conf" installation & setup, usually no manual config changes
required (i.e. ip address, network devices etc.)
* full IPv4 and IPv6 support
* new adblock list source (malwaredomainlist.com)
* adblock related statistics will be done by iptables
* removed curl dependency
* for IPv6 support you need 'kmod-ipt-nat6'
* fix Chaos Calmer compability
* various small changes & fixes
* updated documentation
* updated maintainer email address
Signed-off-by: Dirk Brenken <dirk@brenken.org>