Adblock on your router

A lot of people already use Adblockers in their desktop browser, but what if you're using your phone, tablet or an alternative browser? Getting rid of annoying ads is simple: Block them with your router.

The idea is simple: when the DNS server on your router receives queries, we'll sort out queries that ask for the A Resource Records of ad servers and return 127.0.0.1 instead of the ad server's IP address.

There are loads of scripts out there to accomplish something like that. IMHO, some are too complex (like changing the FORWARD chain in iptables), some do stuff I don't like (e.g. manipulating stuff in /etc/) and some even pose a security threat, because they download config files and use them without checking their content.

This is why I wrote such a script myself. What It does:

• download a list of ad servers in dnsmasq config file format from yoyo.org
• check if the file only contains address statements that assign the IP address 127.0.0.1 to some domain name (with grep)
• save the file as /tmp/dnsmasq.d/adblock.conf
• restart dnsmasq

You need at least OpenWRT revision 39312 to use it.

Enough talk, let's get going: Simply SSH to your router, download this script:

# mkdir -p /opt/bin
# curl "https://gist.githubusercontent.com/Holzhaus/ed4ac1675a57f11c3057/raw/6a2b59ce046ad6da5f9eac48db925f0afb292a00/adblockupdater.sh" > /opt/bin/adblockupdater.sh
# chmod +x /opt/bin/adblockupdater.sh
# /opt/bin/adblockupdater.sh

To update the server list on a regular basis, add the line 0 0 */1 * * /opt/bin/adblockupdater.sh to your crontab by typing crontab -e.

Congrats, you now have adblock on your router!

Note: If you can't download the script, because you're getting curl: (51) Cert verify failed: BADCERT_NOT_TRUSTED, you're probably missing CA certificates. Run:

# opkg update
# opkg install ca-certificates

Also check if export SSL_CERT_DIR=/etc/ssl/certs is in your /etc/profile and add it, if neccessary. Run source /etc/profile and retry.