I am not responsible if your devices send you back in time, explodes, implodes, bricks or flies into space from the use of any software I put up.


Saturday, September 14, 2013

How to block advertisement using OpenWRT

Blacklist Ad Content Delivery Domains 

This is how I block advertisement at DNS level on OpenWRT.
Blocking at DNS level is advisable because it does not impact bandwidth and latency.
Simply said it tricks your computer that your loopback address is where adserver are located but cannot be found so adservers are ignored totally.
AdServers are becoming more and more of a nuisance.
  1. They serve up malware advertisement, 
  2. They load flash advertisements which waste bandwidth and increase latency. 
  3. They run javascripts to try and "take over" your web browser via redirection and popups.
If you run adblocker on client computers it becomes harder to manage when the number of client systems increase.
Fortunately OpenWRT makes this easy with the use of dnsmasq.
My web surfing experience has since greatly improved since
Here is how to do it in 2 steps(Yes it is that simple and powerful with Linux):
  1.  SSH into your router
  2. Copy and paste this Command into the terminal
wget -O /etc/dnsmasq.conf "http://pgl.yoyo.org/as/serverlist.php?hostformat=dnsmasq&showintro=1&startdate[day]=&startdate[month]=&startdate[year]=&mimetype=plaintext" && /etc/init.d/dnsmasq restart
What this script does is telling your Router to http://pgl.yoyo.org/adservers/ to get a list of known adservers in a dnsmasq friendly format and save it to /etc/dnsmasq.conf if that command is successful then restart dnsmasq.

After that you will soon notice the disappearance of many irritating advertisement when using the web .
Hopefully this improves your web surfing experience as well as let you realise and embrace the power of shell scripting.

If you want to point the ip address to (invalid ip) instead of
sed -e 's/' -i /etc/dnsmasq.conf && /etc/init.d/dnsmasq restart

Blacklist Malware Delivery Domains

Copy the ads list to temporary directory
cp /etc/dnsmasq.conf /tmp/adlist.txt 
Change to temporary directory
cd /tmp/ 
Download the Malware Domain List from malwaredomains.com
wget http://mirror1.malwaredomains.com/files/domains.txt 
Filter the file to match the format dnsmasq requires
awk '{ print $1 }' domains.txt | grep '\.' | sed 's/^/address=\//g' | sed 's/$/\/' > malwarelist.txt 
Combine the files
sed -i -e '$a\' adlist.txt && cat adlist.txt malwarelist.txt > combinelist.txt 
Sort the files
sort combinelist.txt > dnsmasq.conf 
Copy back the final file and restart dnsmasq
mv dnsmasq.conf /etc/dnsmasq.conf && /etc/init.d/dnsmasq restart && rm *.txt

Unblock a particular domain

Assuming there is this domain "example.com" that falls into the blacklist but you know you need it, so how do you unblock it? This example uses vi but you can use any text editor, the idea is the same remove the line and it will be unblocked.

Edit the file using the text editor vi
vi /etc/dnsmasq.conf
Search the file for the block domain
Delete the line navigate to the line using arrow then
The line should dissppear
Press escape to return to command mode then
to save and quit
Restart the DNS Service
/etc/init.d/dnsmasq restart
Reload the browser with Ctrl + F5 and the domain should be unblocked.


nurettin alp said...

i want this script in crontab but i cant use how to use ?

Quangahh said...

Hi, just wondering with your script, is this a once off execution?
What happens if there is an update to list of ad servers, do we run the script again?

Admin said...

Yes you need to.

Quangahh said...

Would that leave duplicates?

Unknown said...

You can run
"rm /etc/dnsmasq.conf" to remove the config file before downloading it again.
Or you can add a -N behind.

wget -N

-N, --timestamping don't re-retrieve files unless newer than

Mike Tarbox said...

May 21 22:48:33 OpenWrt user.info sysinit: dnsmasq: bad option at line 1 of /etc/dnsmasq.conf
May 21 22:48:33 OpenWrt daemon.crit dnsmasq[1810]: bad option at line 1 of /etc/dnsmasq.conf
May 21 22:48:33 OpenWrt daemon.crit dnsmasq[1810]: FAILED to start up

Admin said...

Bad line at your config file and the program is unable to parse.
Either find the line and fix it or delete the whole file and start over.

Mike Tarbox said...

Line 1 is < html > without the spaces

Admin said...

There should be no html tags in the config file.
nuke the file and copy the whole command as displayed on the blog post and paste it in your telnet/SSH and enter

Mike Tarbox said...

I had posted above, ended up scrapping the whole project, but back in it now.
I downloaded and installed your binary, and so far it looks good.
Still running into an issue blocking ads.
Even after I delete /etc/dnsmasq.conf and plug in the commands, I still receive this msg:
dnsmasq: bad option at line 1 of /etc/dnsmasq.conf


Admin said...

Use scp to download /etc/dnsmasq.conf.
Open up the file with your notepad
It should look like this

Delete any line which does not look like the above.
Upload the file and put back and restart dnsmasq

Mike Tarbox said...

Thank you very much.
mine looks a little different, but seems to work.

www.chrisdavistech.com said...

A HUGE THANK YOU!!! I am now nuking ads from orbit!