Congrats on this great release, Dirk. This new Whitelist Mode has the potential to be quite powerful. I may investigate this further for my KidSafe LEDE project, although that may not work without the possibility of two Adblock instances (one per dnsmasq instance).
Keep up the fantastic work! 
Hi Dirk - I'm very pleased with Adblock, looking forwards to version 3.1 going into the next stable LEDE release.
I'd like to combine the ability to whitelist in Adblock with an upstream category blocker like OpenDNS. Currently my understanding is that whitelisted domains are passed to the upstream DNS, so an Adblock whitelist can't override an upstream block?
It would be wonderfully useful to have a default upstream DNS for anything that passes the Adblock filters, but specifically steer whitelisted domains to an alternate DNS provider (like Google DNS for instance).
In that way I'd have the flexibility to control whitelisting from our network with Adblock, but also retain the wider category filtering of OpenDNS, thus avoiding the restriction of only 25/50 items (depending on pricing tier) in the OpenDNS whitelist.
Hope that makes sense but I'm happy to discuss if it sounds achievable.
Mike Thomson
Hi,
I have 2 vlans, 1 with vpn and 1 without. i have adblocking working on non vpn vlan, but cannot get it to work on vpn vlan. i am using custom dns servers to prevent dns leak. any help would be appreciated.
thanks
Cross-posted here...
Meanwhile you've solved your issue (mentioned in the other thread). Please share your solution - thanks.
Hi, thanks for your feedback. Currently I have no good idea to implement that (for all supported backends), but I put it on my todo list ...
Hi, i dont know how to use blocklist, i.e. in www.noticias3d.com i cant manually block ads.
i enter in EDIT BLACKLIST
noticias3d.com/imagenes/banners/
noticias3d.com/admentor
then click submit. Next click on Overview -> Save & apply
But no avail 
the web fully blocked, not only the ads
Hi, Of course. the way i fixed my issue was i simply contacted my vpn provider, who luckily provide DNS servers that block ads - and since they are the providers DNS servers they dont leak DNS either. i think i go lucky with this one.
hope this helps.
In my head, it required a separate set of DNS servers configured that Adblock would use for whitelisted domains, basically making direct requests itself, rather than passing the (non-blocked) domain to a backend for resolution. Otherwise it'd require two parallel resolving backends and configuration in Adblock to use one for the whitelisted entries and another for everything else. That is probably less of a pain to implement but users would need to know how to set up two resolvers that don't fight.
It's by no means a priority so I'll see if I can find another way around. Best of luck with the rest of the to-do list!
May I ask why 2.6.2-1 is still considered the stable implementation for LEDE for such a long time and not one of the newer versions?
It's only a matter of time/effort for a private project ... just use the latest 'snapshot' version if you miss something in 2.6.2. 
Am a total noob to Linux, and find the language a little intimidating, so “cronjobs” and whatnot is just Greek to me !
So… installed lede, and adblock with the luci interface, and all seems dandy… but should I be updating the sources somehow? if how?
… or does it draw on the sources at boot ?
Reading this thread, it seems a cronjob will do the deed... how do we set the event time please (noon) and also add a reboot at say, 6pm ?
so I think I'd sussed the above... but adding via luci crontab and pressing "submit" gives me a blank box... shouldnt they stay displayed, or maybe it wasn't accepted ?
Thanks
Dixie
The cronjob line should look like this:
0 12,18 * * * /etc/init.d/adblock restart
please consult the online doc and adapt the time, e.g.:
0 12 * * * /etc/init.d/adblock reload
likewise for reboot, e.g.:
0 18 * * * /sbin/reboot
To save all entries in LuCI hit 'Enter' after the last line and finally "Save" on the same page. Reload the page and check that both lines are still visible. Finally restart the cron service or simply reboot your router.
Seems that it was the 'return" at the end of each line that did the trick !
Still not sure what a. CRONTAB is though ! but the 2 entries are still in "scheduled tasks" so I assume we are done?
Many thanks
I don't want to come across like a jerk but this was the first hit on Google: https://kb.iu.edu/d/afiz
I use adblock in combination with Unbound and I have a cron job that "reload" adblock each day. This does however also clear the Unbound cache every day. Therefore I made this little patch that dumps the cache before the dns resolver is reloaded and loads it again afterwards. I hope it's appropriate to post it here, else let me know and I will (re)move the post.
It requires "unbound-control" to be installed. I've only tested it with "Unbound Control App" set to "Local Host, No Encryption" in LuCI.
can be applied to 3.1.1 using:
cd /
patch -p0 <thescriptbelow.patch
--- /rom/usr/bin/adblock.sh 2017-12-04 20:24:51.000000000 +0100
+++ /usr/bin/adblock.sh 2017-12-05 19:50:01.000000000 +0100
@@ -335,16 +335,44 @@
# f_dnsrestart: restart the dns backend
#
f_dnsrestart()
{
+ if [ "${adb_dns}" = "unbound" ] && [ -f /usr/sbin/unbound-control ]
+ then
+ unbound-control -c /var/lib/unbound/unbound.conf dump_cache >/tmp/adblock-unbound-cache
+ if [ $? -eq 0 ]
+ then
+ f_log "info " "unbound dump_cache: $(wc -l /tmp/adblock-unbound-cache | awk '{print $1}') lines / $(ls -lh /tmp/adblock-unbound-cache | awk '{print $5}')"
+ else
+ rm /tmp/adblock-unbound-cache
+ fi
+ fi
+
local dns_up cnt=0
"/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
while [ ${cnt} -le 10 ]
do
dns_up="$(ubus -S call service list "{\"name\":\"${adb_dns}\"}" | jsonfilter -l1 -e "@[\"${adb_dns}\"].instances.*.running")"
if [ "${dns_up}" = "true" ]
then
+ if [ -f /tmp/adblock-unbound-cache ]
+ then
+ retry=0
+ while [ ${retry} -le 15 ] # unbound sometimes needs time before it can accept commands
+ do
+ unbound-control -c /var/lib/unbound/unbound.conf load_cache </tmp/adblock-unbound-cache >/dev/null 2>&1
+ if [ $? -eq 0 ]
+ then
+ f_log "info " "unbound load_cache: $((retry+1)). attempt"
+ return 0
+ fi
+ retry=$((retry+1))
+ sleep 1
+ done
+ f_log "warn " "unbound load_cache failed"
+ rm /tmp/adblock-unbound-cache
+ fi
return 0
fi
cnt=$((cnt+1))
sleep 1
Output will look similar to this (look for unbound dump_cache / load_cache)
Wed Dec 6 02:00:00 2017 user.notice adblock-[3.1.1] info : start adblock processing ...
Wed Dec 6 02:00:23 2017 user.notice adblock-[3.1.1] info : unbound dump_cache: 20273 lines / 997.6K
Wed Dec 6 02:00:23 2017 daemon.info unbound: [2906:0] info: service stopped (unbound 1.6.7).
Wed Dec 6 02:00:23 2017 daemon.info unbound: [2906:0] info: server stats for thread 0: 21381 queries, 17749 answers from cache, 3632 recursions, 721 prefetch, 0 rejected by ip ratelimiting
Wed Dec 6 02:00:23 2017 daemon.info unbound: [2906:0] info: server stats for thread 0: requestlist max 27 avg 0.77326 exceeded 0 jostled 0
Wed Dec 6 02:00:23 2017 daemon.info unbound: [2906:0] info: average recursion processing time 0.069960 sec
Wed Dec 6 02:00:23 2017 daemon.info unbound: [2906:0] info: histogram of recursion processing times
Wed Dec 6 02:00:23 2017 daemon.info unbound: [2906:0] info: [25%]=0.0211768 median[50%]=0.0408439 [75%]=0.0870508
Wed Dec 6 02:00:23 2017 daemon.info unbound: [2906:0] info: lower(secs) upper(secs) recursions
Wed Dec 6 02:00:23 2017 daemon.info unbound: [2906:0] info: 0.000000 0.000001 129
Wed Dec 6 02:00:23 2017 daemon.info unbound: [2906:0] info: 0.000512 0.001024 220
Wed Dec 6 02:00:23 2017 daemon.info unbound: [2906:0] info: 0.001024 0.002048 89
Wed Dec 6 02:00:23 2017 daemon.info unbound: [2906:0] info: 0.002048 0.004096 15
Wed Dec 6 02:00:23 2017 daemon.info unbound: [2906:0] info: 0.004096 0.008192 26
Wed Dec 6 02:00:23 2017 daemon.info unbound: [2906:0] info: 0.008192 0.016384 147
Wed Dec 6 02:00:23 2017 daemon.info unbound: [2906:0] info: 0.016384 0.032768 964
Wed Dec 6 02:00:23 2017 daemon.info unbound: [2906:0] info: 0.032768 0.065536 917
Wed Dec 6 02:00:23 2017 daemon.info unbound: [2906:0] info: 0.065536 0.131072 661
Wed Dec 6 02:00:23 2017 daemon.info unbound: [2906:0] info: 0.131072 0.262144 292
Wed Dec 6 02:00:23 2017 daemon.info unbound: [2906:0] info: 0.262144 0.524288 157
Wed Dec 6 02:00:23 2017 daemon.info unbound: [2906:0] info: 0.524288 1.000000 12
Wed Dec 6 02:00:23 2017 daemon.info unbound: [2906:0] info: 1.000000 2.000000 1
Wed Dec 6 02:00:23 2017 daemon.info unbound: [2906:0] info: 4.000000 8.000000 2
Wed Dec 6 02:00:29 2017 daemon.notice unbound: [7428:0] notice: init module 0: validator
Wed Dec 6 02:00:29 2017 daemon.notice unbound: [7428:0] notice: init module 1: iterator
Wed Dec 6 02:00:29 2017 daemon.info unbound: [7428:0] info: start of service (unbound 1.6.7).
Wed Dec 6 02:00:36 2017 user.notice adblock-[3.1.1] info : unbound load_cache: 1. attempt
Wed Dec 6 02:00:36 2017 user.notice adblock-[3.1.1] info : blocklist with overall 7658 domains loaded successfully (Xiaomi Mi Router 3G, LEDE Reboot SNAPSHOT r5447-e23ff06)You could also email the dnsmasq developer - he's pretty responsive usually.
Greetings everyone!
Blacklist is not working for me in following config:
::: adblock runtime information
option adb_forcedns '1'
On my macbook laptop I set DNS as 8.8.8.8
nslookup is returning the IP address for blocked domains too.
When I remove google DNS from laptop, blacklist seems to work.
It appears the adb_forcedns is not working as expected.
$ nslookup facebook.com
Server: 8.8.8.8
Address: 8.8.8.8#53
Non-authoritative answer:
Name: facebook.com
Address: 157.240.16.35
$nslookup facebook.com 192.168.7.1 (my router's ip)
Server: 192.168.7.1
Address: 192.168.7.1#53
** server can't find facebook.com: NXDOMAIN
Is this expected?
Any help is appreciated.
Did you use your device as an Access Point (LAN-only) or as a router to the internet with LAN/WAN-interfaces? Only the latter one supports this firewall redirection.