Jump to content

Ad-block за OpenWRT


psyx0
 Share

Recommended Posts

В последно време никак не ми харесват циркаджииските шарени сайтове, и пробвах да пофилтрирам съдържанието на страниците със Adblock скрипт а той е следния 

#!/bin/sh
#Put in /etc/adblock.sh


#Block ads, malware, etc.


#Need pkill installed
if command -v pkill > /dev/null
then
    echo 'Found pkill!'
else
    echo 'Updating package list...'
    opkg update > /dev/null
    echo 'Installing procps/procps-pkill package...'
    opkg install procps > /dev/null
    opkg install procps-pkill > /dev/null
fi


#Need iptables-mod-nat-extra installed
if opkg list-installed | grep -q iptables-mod-nat-extra
then
    echo 'iptables-mod-nat-extra is installed!'
else
    echo 'Updating package list...'
    opkg update > /dev/null
    echo 'Installing iptables-mod-nat-extra...'
    opkg install iptables-mod-nat-extra > /dev/null
fi




#Pre-defined commands (change the cron command to what is comfortable, or leave as is)
FW1="iptables -t nat -I PREROUTING -p tcp --dport 53 -j REDIRECT --to-ports 53"
FW2="iptables -t nat -I PREROUTING -p udp --dport 53 -j REDIRECT --to-ports 53"
CRON="0 4 * * 0,3 sh /etc/adblock.sh"
DNSMASQ_EDITED="1"
FIREWALL_EDITED="1"


echo 'Updating config, if necessary...'


#Check proper DHCP config and, if necessary, update it
uci get dhcp.@dnsmasq[0].addnhosts > /dev/null 2>&1 && DNSMASQ_EDITED="0" || uci add_list dhcp.@dnsmasq[0].addnhosts=/etc/block.hosts && uci commit


#Leave crontab alone, or add to it
grep -q "/etc/adblock.sh" /etc/crontabs/root || echo "$CRON" >> /etc/crontabs/root


#Add firewall rules if necessary
grep -q "$FW1" /etc/firewall.user && FIREWALL_EDITED="0" || echo "$FW1" >> /etc/firewall.user
grep -q "$FW2" /etc/firewall.user && FIREWALL_EDITED="0" || echo "$FW2" >> /etc/firewall.user


#Delete the old block.hosts to make room for the updates
rm -f /etc/block.hosts


echo 'Downloading hosts lists...'


#Download and process the files needed to make the lists (add more, if you want)
wget -qO- http://www.mvps.org/winhelp2002/hosts.txt| awk '/^0.0.0.0/' > /tmp/block.build.list 
wget -qO- http://www.malwaredomainlist.com/hostslist/hosts.txt|awk '{sub(/^127.0.0.1/, "0.0.0.0")} /^0.0.0.0/' >> /tmp/block.build.list 
wget -qO- "http://hosts-file.net/.ad_servers.txt"|awk '{sub(/^127.0.0.1/, "0.0.0.0")} /^0.0.0.0/' >> /tmp/block.build.list 
wget -qO- http://winhelp2002.mvps.org/hosts.txt|grep "^127.0.0.1" >> /tmp/block.build.list 
wget -qO- http://malwaredomainlist.com/hostslist/hosts.txt|grep "^127.0.0.1" >> /tmp/block.build.list 
wget -qO- http://hosts-file.net/ad_servers.txt|grep "^127.0.0.1" >> /tmp/block.build.list 
wget -qO- http://adaway.org/hosts.txt|grep "^127.0.0.1" >> /tmp/block.build.list 
wget -qO- http://sysctl.org/cameleon/hosts|grep "^127.0.0.1" >> /tmp/block.build.list 
wget -qO- http://jazz.tvtom.pl/download/hosts|grep "^127.0.0.1" >> /tmp/block.build.list 


#need GNU wget from opkg since BusyBox wget doesn't handle https well (for me it seems, lol)
wget -qO- --no-check-certificate "https://adaway.org/hosts.txt"|awk '{sub(/^127.0.0.1/, "0.0.0.0")} /^0.0.0.0/' >> /tmp/block.build.list 


#Add black list, if non-empty
if [ -s "/etc/black.list" ]
then
    echo 'Adding blacklist...'
    awk '/^[^#]/ { print "0.0.0.0",$1 }' /etc/black.list >> /tmp/block.build.list
fi


echo 'Sorting lists...'


#Sort the download/black lists
awk '{sub(/r$/,"");print $1,$2}' /tmp/block.build.list|sort -u > /tmp/block.build.before


echo 'Adding ipv6 support...'


#Add ipv6 support
sed -ire 's/^(0.0.0.0) (.*)$/1 2n:: 2/g' /tmp/block.build.before


if [ -s "/etc/white.list" ]
then
    #Filter the blacklist, supressing whitelist matches
    #  This is relatively slow =-(
    echo 'Filtering white list...'
    awk '/^[^#]/ {sub(/r$/,"");print $1}' /etc/white.list | grep -vf - /tmp/block.build.before > /etc/block.hosts
else
    cat /tmp/block.build.before > /etc/block.hosts
fi


echo 'Cleaning up...'


#Delete files used to build list to free up the limited space
rm -f /tmp/block.build.before
rm -f /tmp/block.build.list


if [ "$FIREWALL_EDITED" -ne "0" ]
then
    echo 'Restarting firewall...'
    /etc/init.d/firewall restart > /dev/null 2>&1
fi


echo 'Restarting dnsmasq...'


#Restart dnsmasq
if [ "$DNSMASQ_EDITED" -eq "0" ]
then
    pkill -HUP dnsmasq
else
    /etc/init.d/dnsmasq restart
fi


exit 0
директно през рутера, усеща се забавяне определено. Някой сеща ли се за по елегантно решение, по темата или малко да се поореже скрипта. 
  • Like 1

I never saw a wild thing sorry for itself . A small bird will drop frozen dead from a bough wit hour ever having felt sorry for itself.

Link to comment
Share on other sites

Браво за реализацията. Миналата година правих подобни опити, но това натоварваше много домашният ми рутер. Atheros-а му на 400MHz не се справяше.

 

Елегантно решение няма, но за 150-180 лева с един допълнителен Ubnt EdgeRouter Lite може да стане...

Link to comment
Share on other sites

Може да опиташ с прозрачно филтриращо прокси (tiny/pivoxy +adblock/dansguardian) .Много по елеганто и  добро работно решение е.

Use since

OpenBSD 3.x

FreeBSD 4.x

Centos 5.x Debian 3.x Ubuntu 7.x

Аз съм фен на OpenWRT.

 

Горчивината от лошото качество остава дълго след като е преминало удоволствието от ниската цена.

_____________________________

___|____|____|____|____|____|__

_|____|____|____|____|____|____

___|____|_ Удряй _|____|____|__

_|____|___ главата ___|____|____

___|____|_ си тук!! |____|____|__

_|____|____|____|____|____|____

___|____|____|____|____|____|__

Link to comment
Share on other sites

Не храня клиентела да ми пука, за мен самия е употребата на интернета. Ъндрушит телефоните изобщо не ги броя, дразни на уиндоуса. Процесора си е 680Мегашперца за РутерСтайшън става въпрос, а пари за техника веднъж на 3 години фен съм ама не чак толкова. Ще опитам с дансгуардиан в най-скоро време, за пробата и ще докладвам. Kokaracha благодаря за идеята.

Edited by psyx0

I never saw a wild thing sorry for itself . A small bird will drop frozen dead from a bough wit hour ever having felt sorry for itself.

Link to comment
Share on other sites

  • Administrator

Edge Router:

ubnt@R3# set service webproxy url-filtering squidguard ?
Possible completions:
  allow-category
  		Category to allow
  allow-ipaddr-url
  		Allow option to allow IP address URLs
  auto-update	Auto update settings
  block-category
  		Category to block
  default-action
  		Default action
  enable-safe-search
  		Enable safe-mode search on popular search engines
  local-block	Local site to block
  local-block-keyword
  		Local keyword to block
  local-block-url
  		Local URL to block
  local-ok	Local site to allow
  local-ok-url	Local URL to allow
  log		Log block category
  redirect-url	Redirect URL for filtered websites
  rule		URL filter rule for a source-group
  source-group	Source group name
  time-period	Time period name

Link to comment
Share on other sites

Това е супер решение. Няма дам 150 лева за рутер и да нямам Вай ВАй. Стига ми модема за адсл, като екстра. За момента само OpenWRT решения търся.

Edited by psyx0

I never saw a wild thing sorry for itself . A small bird will drop frozen dead from a bough wit hour ever having felt sorry for itself.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.