OpenWrt Adblock (Tracking Protection on Router)

Discussion in 'privacy technology' started by WildByDesign, Mar 19, 2016.

  1. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    1,640
    Location:
    Toronto, Canada
    Over the years there have been different methods within OpenWrt to filter content on the DNS level, but many of those required clunky scripts and were difficult to setup.

    Soon, adblocking will be built into OpenWrt along with an easy to configure UI. This can already be utilized now within trunk builds (Designated Driver) or by installing the adblock package and UI package within Chaos Calmer with a one line installer package (opkg).

    Keep in mind, you still need to SSH/SCP into your OpenWrt router initially to install this. From that point on, much of what you need to do can be accessed within the web UI. The built-in features are quite surprising, as can be realized in the readme below.

    Readme: https://github.com/openwrt/packages/blob/master/net/adblock/files/README.md
    - Shows the tracking, ad, malware, etc. lists that you can subscribe to within the UI along with great documentation and installation details.

    Credits: Dirk Brenken (OpenWrt Adblock package) and Hannu Nyman (UI)


    Click thumbnail for full UI view to get an idea of functionality:

    full.png
     
    Last edited: Mar 19, 2016
  2. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,856
    Adblocking at the DNS level or "HOSTS file" level will never be successful. It's like trying to use a 10 year old AV program against viruses of today. An archaic "block everything" system will *always* cause breakage. One glance at the EasyList whitelist is enough to verify this.

    At first I thought this plugin might be using HTTP filtering, like a modern adblocker should. But if it's on the router, it would then need to perform messy man-in-the-middle hackery on your connections to provide filtering for HTTPS (a browser plugin doesn't need to do this). Unfortunately, it seems to use DNS filtering.

    If you want filtering on your smartphone the solution is simple, use a browser like Firefox that supports extensions, or use an adblock enabled browser.
     
  3. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,089
    Hostname grained blocking is totally fine in many cases, and acceptable in many others where the user is willing to tolerate some breakage in exchange for protection. A DNS server based approach is lightweight and can cover browser, app, and IoT scenarios across HTTP, HTTPS, and other ports/protocols. It is a useful tool to have in the toolbox.
     
    Last edited: Mar 20, 2016
  4. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,856
    If you're the kind of person to use a hammer on a screw, sure.
     
Loading...