Dirk Brenken 1e99336f3c | 8 years ago | |
---|---|---|
.. | ||
README.md | 8 years ago | |
adblock.blacklist | 9 years ago | |
adblock.conf | 8 years ago | |
adblock.init | 8 years ago | |
adblock.sh | 8 years ago | |
adblock.whitelist | 9 years ago |
A lot of people already use adblocker plugins within their desktop browsers, but what if you are using your (smart) phone, tablet, watch or any other wlan gadget...getting rid of annoying ads, trackers and other abuse sites (like facebook ;-) is simple: block them with your router. When the dns server on your router receives dns requests, you will sort out queries that ask for the resource records of ad servers and return a simple 'NXDOMAIN'. This is nothing but Non-eXistent Internet or Intranet domain name, if domain name is unable to resolved using the dns server, a condition called the 'NXDOMAIN' occurred.
<DOMAIN>
(see example below)example to change the ssl backend for 'uclient-fetch' or 'curl':
opkg update
opkg remove --force-depends libustream-polarssl
opkg install libustream-mbedtls
example configuration for different download utilities:
config for wget (default):
option adb_fetch="/usr/bin/wget"
option adb_fetchparm="--no-config --quiet --tries=1 --no-cache --no-cookies --max-redirect=0 --timeout=5 --no-check-certificate -O"
config for aria2c:
option adb_fetch '/usr/bin/aria2c'
option adb_fetchparm '-q --max-tries=1 --timeout=5 --allow-overwrite=true --auto-file-renaming=false --check-certificate=false -o'
config for uclient-fetch (download errors with default ssl backend!):
option adb_fetch '/bin/uclient-fetch'
option adb_fetchparm '-q --timeout=5 --no-check-certificate -O'
config for curl (download errors with default ssl backend!):
option adb_fetch '/usr/bin/curl'
option adb_fetchparm '-s --retry 1 --connect-timeout 5 --insecure -o'
example to receive adblock statistics via ubus:
ubus call service list '{"name":"adblock_stats"}'
This will output the active block lists, the overall domain count and the last runtime as JSON, i.e.:
{
"adblock_stats": {
"instances": {
"stats": {
"running": false,
"command": [
""
],
"data": {
"active_lists": [
{
"palevo": "14",
"blacklist": "143",
"winspy": "164",
"zeus": "446",
"rolist": "644",
"malwarelist": "1218",
"openphish": "1515",
"ransomware": "1463",
"ruadlist": "1773",
"yoyo": "2320",
"dshield": "123",
"disconnect": "3181",
"spam404": "6155",
"malware": "9882",
"whocares": "11825",
"winhelp": "10917",
"sysctl": "8529",
"securemecca": "9919",
"shalla": "25779",
"hphosts": "37111"
}
],
"blocked_domains": "133121",
"last_rundate": "31.12.2016 07:19:25",
"system": "LEDE Reboot SNAPSHOT r2709-b7677f05d6"
}
}
}
}
}
example cronjob for a regular block list update (/etc/crontabs/root):
0 06 * * * /etc/init.d/adblock start
example blacklist entry (/etc/adblock/adblock.blacklist):
ads.example.com
This entry blocks the following (sub)domains:
http://ads.example.com/foo.gif
http://server1.ads.example.com/foo.gif
https://ads.example.com:8000/
This entry does not block:
http://ads.example.com.ua/foo.gif
http://example.com/
example whitelist entry (/etc/adblock/adblock.whitelist):
here.com
This entry removes the following (sub)domains from the block lists:
maps.here.com
here.com
This entry does not remove:
where.com
www.adwhere.com
example to query active block lists for a certain (sub-)domain, i.e. for whitelisting:
/etc/init.d/adblock query "example.www.doubleclick.net"
:: distinct results for domain 'example.www.doubleclick.net' (overall 0)
no matches in active block lists
:: distinct results for domain 'www.doubleclick.net' (overall 1)
adb_list.securemecca : www.doubleclick.net
:: distinct results for domain 'doubleclick.net' (overall 127)
adb_list.adaway : ad-g.doubleclick.net
adb_list.securemecca : 1168945.fls.doubleclick.net
The query function checks against the submitted (sub-)domain and recurses automatically to the upper top level domain(s).
For every domain it returns the overall count plus a distinct list of active block lists with the first relevant result.
In the example above whitelist "www.doubleclick.net" to free the submitted domain.
example to divert dns requests to local dns resolver (/etc/config/firewall):
config redirect
option name 'Divert DNS'
option src 'lan'
option proto 'tcp udp'
option src_dport '53'
option dest_port '53'
option target 'DNAT'
example to add a new block list source:
1. the easy way ...
example: https://easylist-downloads.adblockplus.org/rolist+easylist.txt
adblock already supports an easylist source, called 'ruadlist'. To add the additional local easylist
as a new source, copy the existing config source 'ruadlist' section and change only
the source name, the url and the description - that's all!
config source 'rolist'
option enabled '0'
option adb_src 'https://easylist-downloads.adblockplus.org/rolist+easylist.txt'
option adb_src_rset '{FS=\"[|^]\"} \$0 ~/^\|\|([A-Za-z0-9_-]+\.){1,}[A-Za-z]+\^$/{print tolower(\$3)}'
option adb_src_desc 'focus on romanian ad related domains plus generic easylist additions, weekly updates, approx. 600 entries'
2. a bit harder ...
to add a really new source with different domain/host format you have to write a suitable
awk one-liner on your own, so basic awk skills are needed. As a starting point check the already
existing awk strings (adb_src_rset) in adblock config, maybe you need only small changes for your individual list.
Download the desired list and test your new awk string locally with:
cat new.list | awk 'fs__individual search__search core__result'
'fs' => field separator (optional)
'individual search' => individual search part to filter out needless list information
'search core' => always '([A-Za-z0-9_-]+\.){1,}[A-Za-z]+', this is part of all list sources and should be unchanged
'result' => always '{print tolower(\$n)}', only the output column 'n' may vary
the output result should be a sequential list with one domain/host per line - nothing more.
If your awk one-liner works quite well, add a new source section in adblock config and test your new source
Please join the adblock discussion in this forum thread or contact me by mail dev@brenken.org
Have fun!
Dirk