Ad-block за OpenWRT

[psyx0]

В последно време никак не ми харесват циркаджииските шарени сайтове, и пробвах да пофилтрирам съдържанието на страниците със Adblock скрипт а той е следния 

#!/bin/sh
#Put in /etc/adblock.sh


#Block ads, malware, etc.


#Need pkill installed
if command -v pkill > /dev/null
then
    echo 'Found pkill!'
else
    echo 'Updating package list...'
    opkg update > /dev/null
    echo 'Installing procps/procps-pkill package...'
    opkg install procps > /dev/null
    opkg install procps-pkill > /dev/null
fi


#Need iptables-mod-nat-extra installed
if opkg list-installed | grep -q iptables-mod-nat-extra
then
    echo 'iptables-mod-nat-extra is installed!'
else
    echo 'Updating package list...'
    opkg update > /dev/null
    echo 'Installing iptables-mod-nat-extra...'
    opkg install iptables-mod-nat-extra > /dev/null
fi




#Pre-defined commands (change the cron command to what is comfortable, or leave as is)
FW1="iptables -t nat -I PREROUTING -p tcp --dport 53 -j REDIRECT --to-ports 53"
FW2="iptables -t nat -I PREROUTING -p udp --dport 53 -j REDIRECT --to-ports 53"
CRON="0 4 * * 0,3 sh /etc/adblock.sh"
DNSMASQ_EDITED="1"
FIREWALL_EDITED="1"


echo 'Updating config, if necessary...'


#Check proper DHCP config and, if necessary, update it
uci get dhcp.@dnsmasq[0].addnhosts > /dev/null 2>&1 && DNSMASQ_EDITED="0" || uci add_list dhcp.@dnsmasq[0].addnhosts=/etc/block.hosts && uci commit


#Leave crontab alone, or add to it
grep -q "/etc/adblock.sh" /etc/crontabs/root || echo "$CRON" >> /etc/crontabs/root


#Add firewall rules if necessary
grep -q "$FW1" /etc/firewall.user && FIREWALL_EDITED="0" || echo "$FW1" >> /etc/firewall.user
grep -q "$FW2" /etc/firewall.user && FIREWALL_EDITED="0" || echo "$FW2" >> /etc/firewall.user


#Delete the old block.hosts to make room for the updates
rm -f /etc/block.hosts


echo 'Downloading hosts lists...'


#Download and process the files needed to make the lists (add more, if you want)
wget -qO- http://www.mvps.org/winhelp2002/hosts.txt| awk '/^0.0.0.0/' > /tmp/block.build.list 
wget -qO- http://www.malwaredomainlist.com/hostslist/hosts.txt|awk '{sub(/^127.0.0.1/, "0.0.0.0")} /^0.0.0.0/' >> /tmp/block.build.list 
wget -qO- "http://hosts-file.net/.ad_servers.txt"|awk '{sub(/^127.0.0.1/, "0.0.0.0")} /^0.0.0.0/' >> /tmp/block.build.list 
wget -qO- http://winhelp2002.mvps.org/hosts.txt|grep "^127.0.0.1" >> /tmp/block.build.list 
wget -qO- http://malwaredomainlist.com/hostslist/hosts.txt|grep "^127.0.0.1" >> /tmp/block.build.list 
wget -qO- http://hosts-file.net/ad_servers.txt|grep "^127.0.0.1" >> /tmp/block.build.list 
wget -qO- http://adaway.org/hosts.txt|grep "^127.0.0.1" >> /tmp/block.build.list 
wget -qO- http://sysctl.org/cameleon/hosts|grep "^127.0.0.1" >> /tmp/block.build.list 
wget -qO- http://jazz.tvtom.pl/download/hosts|grep "^127.0.0.1" >> /tmp/block.build.list 


#need GNU wget from opkg since BusyBox wget doesn't handle https well (for me it seems, lol)
wget -qO- --no-check-certificate "https://adaway.org/hosts.txt"|awk '{sub(/^127.0.0.1/, "0.0.0.0")} /^0.0.0.0/' >> /tmp/block.build.list 


#Add black list, if non-empty
if [ -s "/etc/black.list" ]
then
    echo 'Adding blacklist...'
    awk '/^[^#]/ { print "0.0.0.0",$1 }' /etc/black.list >> /tmp/block.build.list
fi


echo 'Sorting lists...'


#Sort the download/black lists
awk '{sub(/r$/,"");print $1,$2}' /tmp/block.build.list|sort -u > /tmp/block.build.before


echo 'Adding ipv6 support...'


#Add ipv6 support
sed -ire 's/^(0.0.0.0) (.*)$/1 2n:: 2/g' /tmp/block.build.before


if [ -s "/etc/white.list" ]
then
    #Filter the blacklist, supressing whitelist matches
    #  This is relatively slow =-(
    echo 'Filtering white list...'
    awk '/^[^#]/ {sub(/r$/,"");print $1}' /etc/white.list | grep -vf - /tmp/block.build.before > /etc/block.hosts
else
    cat /tmp/block.build.before > /etc/block.hosts
fi


echo 'Cleaning up...'


#Delete files used to build list to free up the limited space
rm -f /tmp/block.build.before
rm -f /tmp/block.build.list


if [ "$FIREWALL_EDITED" -ne "0" ]
then
    echo 'Restarting firewall...'
    /etc/init.d/firewall restart > /dev/null 2>&1
fi


echo 'Restarting dnsmasq...'


#Restart dnsmasq
if [ "$DNSMASQ_EDITED" -eq "0" ]
then
    pkill -HUP dnsmasq
else
    /etc/init.d/dnsmasq restart
fi


exit 0

директно през рутера, усеща се забавяне определено. Някой сеща ли се за по елегантно решение, по темата или малко да се поореже скрипта. 

[hgd]

Браво за реализацията. Миналата година правих подобни опити, но това натоварваше много домашният ми рутер. Atheros-а му на 400MHz не се справяше.

 

Елегантно решение няма, но за 150-180 лева с един допълнителен Ubnt EdgeRouter Lite може да стане...

[kokaracha]

Може да опиташ с прозрачно филтриращо прокси (tiny/pivoxy +adblock/dansguardian) .Много по елеганто и  добро работно решение е.

[psyx0]

Не храня клиентела да ми пука, за мен самия е употребата на интернета. Ъндрушит телефоните изобщо не ги броя, дразни на уиндоуса. Процесора си е 680Мегашперца за РутерСтайшън става въпрос, а пари за техника веднъж на 3 години фен съм ама не чак толкова. Ще опитам с дансгуардиан в най-скоро време, за пробата и ще докладвам. Kokaracha благодаря за идеята.

Редактирано 7 Август, 2014 от psyx0

[Самуил Арсов]

Edge Router:

ubnt@R3# set service webproxy url-filtering squidguard ?
Possible completions:
  allow-category
  		Category to allow
  allow-ipaddr-url
  		Allow option to allow IP address URLs
  auto-update	Auto update settings
  block-category
  		Category to block
  default-action
  		Default action
  enable-safe-search
  		Enable safe-mode search on popular search engines
  local-block	Local site to block
  local-block-keyword
  		Local keyword to block
  local-block-url
  		Local URL to block
  local-ok	Local site to allow
  local-ok-url	Local URL to allow
  log		Log block category
  redirect-url	Redirect URL for filtered websites
  rule		URL filter rule for a source-group
  source-group	Source group name
  time-period	Time period name

[psyx0]

Това е супер решение. Няма дам 150 лева за рутер и да нямам Вай ВАй. Стига ми модема за адсл, като екстра. За момента само OpenWRT решения търся.

Редактирано 8 Август, 2014 от psyx0