You are right, I did not get the point about domains v.s. IPs. By the way, fail2ban is able to find reverse DNS names.

Anyhow, a honeypot is a "pot of honey, which acts like a glue attracting insects" in order to produce a blacklist/banlist of IPs. For example, ssh TCP port 22 on WAN when running SSH on port 1022, or TCP port 80 if you are not running a webserver on WAN.

I used to run a honeypot on my webserver and could produce a huge blacklist/banlist. Those blacklist are interesting, because you can manage them directly and ban IPs forever (unless you decide to unban).

Using LEDE, I would like to combine adblock with iptables mechanisms to be able to manage my own blacklist. So my first need would be to be able to integrate blacklisted IPs and domain names, for example produced by fail2ban.

By the way, although fail2ban is Python, we need it in LEDE, as there is no real equivalent today. I will start a separate thread about fail2ban.

Hi Everyone,

I have installed adblock 2.6.2 to my AP running Openwrt Chaos Calmer 15.05.1. The AP is connected to a cable modem/router supplied by ISP.

I have the following questions:

1. In order to have adblocking take effect, all WiFi connected devices have to set their DNS to the IP address of the AP. Otherwise, the default "Obtain DNS automatically" would use the DNS supplied by the modem/router and adblocking is not working. Is this normal?
2. Is it possible to have adblocking effect even though "Obtain DNS automatically" is used in WiFi devices? May be setting the DNS in the modem/router to IP of AP may help but it has been confirmed that the modem/router does not allow user to change its DNS entries.
3. Can "Force local DNS" option in adblock Luci do the trick? Do I need to enable firewall in the AP to use this option?

Just configure the DHCP service on your ISP router to advertise the DNS of your AP.[quote="kingfish, post:166, topic:507"]

3. Can "Force local DNS" option in adblock Luci do the trick? Do I need to enable firewall in the AP to use this option?
   [/quote]
   No, it's a firewall rule (between lan/wan) and therefore not working in AP mode.

Hi dibdot,
Unfortunately the modem/router provided by ISP does not have settings for changing its default DNS entries.

Then implement a kind of "double NAT" solution, e.g.: attach all local wired and wireless network devices to your LEDE/adblock router on a different subnet (e.g. 192.168.2.), with NAT between that and the 192.168.1. LAN network provided by your ISP.

Any chance this selective adblock feature could be included to adblock 2.x ?

What should be implemented? Simply use another DNS server than the local one.

Dear @dibdot
I want get the neweset adblock in LEDE 17.01 firmware,how to compile in LEDE 17.01 tree environment

I found luci-app-adblock is new,but adblock allways is 2.6.2 in my firmware, after compiling LEDE 17.01

please help,thank you

Did you mean in your own custom build environment? If so, edit your feeds.conf and fetch the packages from master and not from lede-17.01 tree.

(Better) alternatives:

• use latest git snapshots (source + packages) - usually quite stable
• install 17.01 and add manually the latest adblock package from sources linked in my first post via opkg

yes,in my own custom buid environment

I will use manually install the lastest adblock package on 17.01

thank you Dibdot,your project is awesome,I have been use it over 1 year

Guys I want to add ABPindo as another source but I don't understand what option adb_src_rset means in /etc/config/adblock the ABPindo repo is located at https://github.com/ABPindo/indonesianadblockrules and the source list is at https://raw.githubusercontent.com/ABPindo/indonesianadblockrules/master/subscriptions/abpindo.txt

Someone please tell me how I can add this source to adblock. Thanks

EDIT:
One more thing, is it possible to block youtube ads with this package ?

EDIT AGAIN:
I've read the documentation at https://github.com/openwrt/packages/tree/master/net/adblock/files but I don't know anything about awk since I'm not a programmer, if someone's kind enough to help me. I'd really appreciate it.

Take this one (untested!):

config source 'reg_id'
	option enabled '1'
	option adb_src 'https://raw.githubusercontent.com/ABPindo/indonesianadblockrules/master/subscriptions/abpindo.txt'
	option adb_src_rset '{FS=\"[|^]\"} \$0 ~/^\|\|([A-Za-z0-9_-]+\.){1,}[A-Za-z]+\^$/{print tolower(\$3)}'
	option adb_src_desc 'focus on indonesian ads, weekly updates, approx. 130 entries'

Thank you it works really well. If you don't mind please add that source to your repository so that other people wouldn't have to ask something like this again in the future.

EDIT:
Some ads are still showing, if you don't mind please add this one too https://easylist.to/easylist/easylist.txt I'm sorry for troubling you so much

Sorry, there are already several regional lists with easylist addition included - take one of these. Please remember that you block always on (sub-)domain level (and not on page element level!) ... anyway you'll never get 100%.

Okay so I can just pick one of those regional easylist sources and it'll work the same way as https://easylist.to/easylist/easylist.txt right ? Anyway please add that ABPindo into your repo. Many indonesians are using openwrt/lede I'm sure your package will be helpful to them. Thank you again for creating adblock on openwrt.

For references you can find many other sources at https://filterlists.com/

Can someone suggest me a subscription url to block youtube ads ? Right now some ads on youtube are still showing on my browser. This is my adblock configuration:

[details=Summary]```

adblock configuration, for further information

see 'https://github.com/openwrt/packages/blob/master/net/adblock/files/README.md'

config adblock 'global'
option adb_enabled '1'
option adb_debug '1'
option adb_forcesrt '0'
option adb_forcedns '0'
option adb_iface 'wan'
option adb_triggerdelay '2'
option adb_whitelist '/etc/adblock/adblock.whitelist'
option adb_whitelist_rset '$1 ~/^([A-Za-z0-9_-]+.){1,}[A-Za-z]+/{print tolower("^"$1"\|[.]"$1)}'
option adb_backup '0'
option adb_backupdir '/mnt'
option adb_rtfile '/tmp/adb_runtime.json'

config source 'adaway'
option enabled '1'
option adb_src 'https://adaway.org/hosts.txt'
option adb_src_rset '$0 ~/^127.0.0.1[ \t]+([A-Za-z0-9_-]+.){1,}[A-Za-z]+/{print tolower($2)}'
option adb_src_desc 'focus on mobile ads, infrequent updates, approx. 400 entries'

config source 'adguard'
option enabled '0'
option adb_src 'https://raw.githubusercontent.com/AdguardTeam/AdguardDNS/master/Filters/filter.txt'
option adb_src_rset '{FS="[|^]"} $0 ~/^||([A-Za-z0-9_-]+.){1,}[A-Za-z]+^$/{print tolower($3)}'
option adb_src_desc 'combined adguard dns filter list, approx. 12.000 entries'

config source 'anti_popads'
option enabled '1'
option adb_src 'https://raw.githubusercontent.com/Yhonay/antipopads/master/popads.txt'
option adb_src_rset '$0 ~/^127.0.0.1[ \t]+([A-Za-z0-9_-]+.){1,}[A-Za-z]+/{print tolower($2)}'
option adb_src_desc 'Blocks shady, annoying pop-under ads from the infamous PopAds ad network.'

config source 'blacklist'
option enabled '0'
option adb_src '/etc/adblock/adblock.blacklist'
option adb_src_rset '$1 ~/^([A-Za-z0-9_-]+.){1,}[A-Za-z]+/{print tolower($1)}'
option adb_src_desc 'static local domain blacklist (always deny these domains)'

config source 'disconnect'
option enabled '0'
option adb_src 'https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt'
option adb_src_rset '$1 ~/^([A-Za-z0-9_-]+.){1,}[A-Za-z]+/{print tolower($1)}'
option adb_src_desc 'mozilla driven blocklist, numerous updates on the same day, approx. 6.500 entries'

config source 'dshield'
option enabled '0'
option adb_src 'https://www.dshield.org/feeds/suspiciousdomains_Low.txt'
option adb_src_rset '$1 ~/^([A-Za-z0-9_-]+.){1,}[A-Za-z]+/{print tolower($1)}'
option adb_src_desc 'generic blocklist, daily updates, approx. 4.500 entries'

config source 'easylist'
option enabled '0'
option adb_src 'https://easylist-downloads.adblockplus.org/easylist.txt'
option adb_src_rset '{FS="[|^]"} $0 ~/^||([A-Za-z0-9_-]+.){1,}[A-Za-z]+^$/{print tolower($3)}'
option adb_src_desc 'easylist, weekly updates'

config source 'fanboy'
option enabled '0'
option adb_src 'https://easylist-downloads.adblockplus.org/fanboy-annoyance.txt'
option adb_src_rset '{FS="[|^]"} $0 ~/^||([A-Za-z0-9_-]+.){1,}[A-Za-z]+^$/{print tolower($3)}'
option adb_src_desc 'blocks in-page pop-ups, social media and related widgets, and other annoyances'

config source 'feodo'
option enabled '0'
option adb_src 'https://feodotracker.abuse.ch/blocklist/?download=domainblocklist'
option adb_src_rset '$1 ~/^([A-Za-z0-9_-]+.){1,}[A-Za-z]+/{print tolower($1)}'
option adb_src_desc 'focus on feodo botnet, daily updates, approx. 0-10 entries'

config source 'hphosts'
option enabled '0'
option adb_src 'https://hosts-file.net/ad_servers.txt'
option adb_src_rset '$0 ~/^127.0.0.1[ \t]+([A-Za-z0-9_-]+.){1,}[A-Za-z]+/{print tolower($2)}'
option adb_src_desc 'broad blocklist, monthly updates, approx. 50.000 entries'

config source 'malware'
option enabled '0'
option adb_src 'https://mirror.cedia.org.ec/malwaredomains/justdomains'
option adb_src_rset '$1 ~/^([A-Za-z0-9_-]+.){1,}[A-Za-z]+/{print tolower($1)}'
option adb_src_desc 'broad blocklist, daily updates, approx. 16.000 entries'

config source 'malwarelist'
option enabled '0'
option adb_src 'http://www.malwaredomainlist.com/hostslist/hosts.txt'
option adb_src_rset '$0 ~/^127.0.0.1[ \t]+([A-Za-z0-9_-]+.){1,}[A-Za-z]+/{print tolower($2)}'
option adb_src_desc 'focus on malware, daily updates, approx. 1.500 entries'

config source 'openphish'
option enabled '0'
option adb_src 'https://openphish.com/feed.txt'
option adb_src_rset '{FS="/"} $3 ~/^([A-Za-z0-9_-]+.){1,}[A-Za-z]+/{print tolower($3)}'
option adb_src_desc 'focus on phishing, numerous updates on the same day, approx. 1.800 entries'

config source 'ransomware'
option enabled '0'
option adb_src 'https://ransomwaretracker.abuse.ch/downloads/RW_DOMBL.txt'
option adb_src_rset '$1 ~/^([A-Za-z0-9_-]+.){1,}[A-Za-z]+/{print tolower($1)}'
option adb_src_desc 'focus on ransomware, numerous updates on the same day, approx. 130 entries'

config source 'reg_cn'
option enabled '0'
option adb_src 'https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt'
option adb_src_rset '{FS="[|^]"} $0 ~/^||([A-Za-z0-9_-]+.){1,}[A-Za-z]+^$/{print tolower($3)}'
option adb_src_desc 'focus on chinese ads, daily updates, approx. 1.600 entries'

config source 'reg_id'
option enabled '1'
option adb_src 'https://raw.githubusercontent.com/ABPindo/indonesianadblockrules/master/subscriptions/abpindo.txt'
option adb_src_rset '{FS="[|^]"} $0 ~/^||([A-Za-z0-9_-]+.){1,}[A-Za-z]+^$/{print tolower($3)}'
option adb_src_desc 'focus on indonesian ads, weekly updates, approx. 130 entries'

config source 'reg_nl'
option enabled '0'
option adb_src 'https://easylist-downloads.adblockplus.org/easylistdutch+easylist.txt'
option adb_src_rset '{FS="[|^]"} $0 ~/^||([A-Za-z0-9_-]+.){1,}[A-Za-z]+^$/{print tolower($3)}'
option adb_src_desc 'focus on dutch ads plus generic easylist additions, weekly updates, approx. 1300 entries'

config source 'reg_pl'
option enabled '0'
option adb_src 'http://adblocklist.org/adblock-pxf-polish.txt'
option adb_src_rset '{FS="[|^]"} $0 ~/^||([A-Za-z0-9_-]+.){1,}[A-Za-z]+^$/{print tolower($3)}'
option adb_src_desc 'focus on polish ads, daily updates, approx. 50 entries'

config source 'reg_ro'
option enabled '0'
option adb_src 'https://easylist-downloads.adblockplus.org/rolist+easylist.txt'
option adb_src_rset '{FS="[|^]"} $0 ~/^||([A-Za-z0-9_-]+.){1,}[A-Za-z]+^$/{print tolower($3)}'
option adb_src_desc 'focus on romanian ads plus generic easylist additions, weekly updates, approx. 600 entries'

config source 'reg_ru'
option enabled '1'
option adb_src 'https://easylist-downloads.adblockplus.org/ruadlist+easylist.txt'
option adb_src_rset '{FS="[|^]"} $0 ~/^||([A-Za-z0-9_-]+.){1,}[A-Za-z]+^$/{print tolower($3)}'
option adb_src_desc 'focus on russian ads plus generic easylist additions, weekly updates, approx. 2.000 entries'

config source 'securemecca'
option enabled '0'
option adb_src 'http://securemecca.com/Downloads/hosts.txt'
option adb_src_rset '$0 ~/^127.0.0.1[ \t]+([A-Za-z0-9_-]+.){1,}[A-Za-z]+/{print tolower($2)}'
option adb_src_desc 'broad blocklist, infrequent updates, approx. 25.000 entries'

config source 'shalla'
option enabled '0'
option adb_src 'http://www.shallalist.de/Downloads/shallalist.tar.gz'
option adb_src_rset '{FS="/"} $1 ~/^([A-Za-z0-9_-]+.){1,}[A-Za-z]+/{print tolower($1)}'
option adb_src_desc 'broad blocklist subdivided in different categories, daily updates, approx. 32.000 entries'
list adb_src_cat 'adv'
list adb_src_cat 'costtraps'
list adb_src_cat 'spyware'
list adb_src_cat 'tracker'
list adb_src_cat 'warez'

config source 'spam404'
option enabled '0'
option adb_src 'https://raw.githubusercontent.com/Dawsey21/Lists/master/main-blacklist.txt'
option adb_src_rset '$1 ~/^([A-Za-z0-9_-]+.){1,}[A-Za-z]+/{print tolower($1)}'
option adb_src_desc 'generic blocklist, infrequent updates, approx. 5.000 entries'

config source 'sysctl'
option enabled '0'
option adb_src 'http://sysctl.org/cameleon/hosts'
option adb_src_rset '$0 ~/^127.0.0.1[ \t]+([A-Za-z0-9_-]+.){1,}[A-Za-z]+/{print tolower($2)}'
option adb_src_desc 'broad blocklist, weekly updates, approx. 21.000 entries'

config source 'whocares'
option enabled '0'
option adb_src 'http://someonewhocares.org/hosts/hosts'
option adb_src_rset '$0 ~/^127.0.0.1[ \t]+([A-Za-z0-9_-]+.){1,}[A-Za-z]+/{print tolower($2)}'
option adb_src_desc 'broad blocklist, weekly updates, approx. 12.000 entries'

config source 'winspy'
option enabled '0'
option adb_src 'https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/win10/spy.txt'
option adb_src_rset '$0 ~/^0.0.0.0[ \t]+([A-Za-z0-9_-]+.){1,}[A-Za-z]+/{print tolower($2)}'
option adb_src_desc 'focus on windows spy & telemetry, infrequent updates, approx. 140 entries'

config source 'winhelp'
option enabled '0'
option adb_src 'http://winhelp2002.mvps.org/hosts.txt'
option adb_src_rset '$0 ~/^0.0.0.0[ \t]+([A-Za-z0-9_-]+.){1,}[A-Za-z]+/{print tolower($2)}'
option adb_src_desc 'broad blocklist, infrequent updates, approx. 15.000 entries'

config source 'youtube'
option enabled '1'
option adb_src 'https://raw.githubusercontent.com/kbinani/adblock-youtube-ads/master/signed.txt'
option adb_src_rset '{FS="[|^]"} $0 ~/^||([A-Za-z0-9_-]+.){1,}[A-Za-z]+^$/{print tolower($3)}'
option adb_src_desc 'Blocks ads on YouTube.'

config source 'yoyo'
option enabled '1'
option adb_src 'https://pgl.yoyo.org/adservers/serverlist.php?hostformat=nohtml&showintro=0&mimetype=plaintext'
option adb_src_rset '$1 ~/^([A-Za-z0-9_-]+.){1,}[A-Za-z]+/{print tolower($1)}'
option adb_src_desc 'focus on ad related domains, weekly updates, approx. 2.500 entries'

config source 'zeus'
option enabled '0'
option adb_src 'https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist'
option adb_src_rset '$1 ~/^([A-Za-z0-9_-]+.){1,}[A-Za-z]+/{print tolower($1)}'
option adb_src_desc 'focus on zeus botnet, daily updates, approx. 440 entries'

Meanwhile when I use the adblock extension on chromium it's perfectly fine no ads are showing. Here's the screenshot of my adblock configuration on chromium:
<img src="/uploads/default/original/2X/9/95bfa3b1f6832bdd32ddb91aa9b60cf74e5e9fe0.png" width="690" height="399">

This likely isn't something that can be blocked by blocking a domain at the router level; it's likely to be at a browser DOM level (i.e. injecting JavaScript to skip the YouTube ads).

So that means I still have to have adblock installed on my chromium, that's just unfortunate.

Is AdBlock compatible with DNSCrypt?
Im testing Adblock using this page: http://ads-blocker.com/testing/ and the ads are still there.
Log is just this:

Wed Aug 23 14:04:17 2017 user.notice adblock-[2.6.2] info : start adblock processing ...
Wed Aug 23 14:11:24 2017 user.notice adblock-[2.6.2] info : block lists with overall 129290 domains loaded successfully (LEDE Reboot 17.01.2 r3435-65eec8bd5f)

Probably your client don't use your local/router dns server ... ssh to your router and post the output of:

nslookup doubleclick.net