Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

adblock: update 1.4.7

Browse source 
Apply adblock update 1.4.5-1.4.7

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>

Original commit messages:

adblock: update 1.4.5
* change the default hphosts list source to ad and tracking servers
only, the overall list includes to many false positives
* new optional config parm 'adb_hotplugif' to restrict hotplug support
to a certain wan interface or to disable it at all
* documentation update
* cosmetics

adblock: update 1.4.6
* added a 'window.close()' to adblock landing page to automatically
close any pop-ups that might get loaded with a blocked ad
* simplified dnsmasq check in ap mode

adblock: update 1.4.7
* add a query function to search the active blocklists for a specific
domain (/etc/init.d/adblock query <DOMAIN>)
* fix bug in ap mode/uhttpd port detection
* check general firewall and dnsmasq package dependencies and remove
redundant checks in ap mode
This commit is contained in:
Dirk Brenken 2016-08-28 17:34:30 +03:00 committed by Hannu Nyman
parent 190d5698c6
commit 124ac892c6
8 changed files with 57 additions and 52 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
net/adblock/Makefile
View file

@ -7,7 +7,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=adblock
PKG_VERSION:=1.4.4
PKG_VERSION:=1.4.7
PKG_RELEASE:=1
PKG_LICENSE:=GPL-3.0+
PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>

21
net/adblock/files/README.md
View file

@ -16,7 +16,7 @@ A lot of people already use adblocker plugins within their desktop browsers, but
* [feodotracker](https://feodotracker.abuse.ch)
* => daily updates, approx. 0-10 entries
* [hphosts](https://hosts-file.net)
* => monthly updates, approx. 390.000 entries
* => monthly updates, approx. 50.000 entries
* [malwaredomains](http://malwaredomains.com)
* => daily updates, approx. 16.000 entries
* [malwaredomainlist](http://www.malwaredomainlist.com)
@ -48,7 +48,7 @@ A lot of people already use adblocker plugins within their desktop browsers, but
* [zeus tracker](https://zeustracker.abuse.ch)
* => daily updates, approx. 440 entries
* zero-conf like automatic installation & setup, usually no manual changes needed (i.e. ip address, network devices etc.)
* supports a wide range of router modes (incl. AP mode), as long as the firewall and the DNS server are enabled & in use
* supports a wide range of router modes (incl. AP mode), as long as firewall and dnsmasq are installed and in use
* full IPv4 and IPv6 support
* each blocklist source will be updated and processed separately
* timestamp check to download and process only updated adblock list sources
@ -61,7 +61,7 @@ A lot of people already use adblocker plugins within their desktop browsers, but
* use two dynamic uhttpd instances as adblock pixel server, separated for ads delivered on port 80 and on port 443
* use dynamic iptables chains/rulesets for adblock related redirects/rejects
* init system support (start/stop/restart/reload/toggle/stats/cfgup)
* hotplug support, the adblock start will be triggered by wan 'ifup' event
* hotplug support, the adblock start will be triggered by wan 'ifup' event, this can be restricted to a certain wan interface or disabled at all (see config options below)
* toggle to quickly switch adblock 'on' or 'off'
* optional: automatic adblock list backup/restore, backups will be (de-)compressed on the fly (disabled by default)
* optional: add new adblock sources via uci config (see example below)
@ -101,11 +101,13 @@ A lot of people already use adblocker plugins within their desktop browsers, but
* **white-/blacklist:** add domain white- or blacklist entries to always-allow or -deny certain (sub) domains, by default both lists are located in _/etc/adblock_. Please add one domain per line - ip addresses, wildcards & regex are _not_ allowed (see example below)
* **backup/restore:** enable the backup/restore feature, to restore automatically the latest compressed backup of your adblock lists in case of any processing error (i.e. a single blocklist source is down). Please use an (external) solid partition and _not_ your volatile router temp directory for this
* **list updates:** for a scheduled call of the adblock service add an appropriate crontab entry (see example below)
* **hotplug fine tuning:** to restrict hotplug support to a certain wan interface or to disable it at all, you can set 'adb\_hotplugif' to an existing interface like 'wan' or to a non-existing 'dummy' interface
* **new list sources:** you could add new blocklist sources on your own via uci config, all you need is a source url and an awk one-liner (see example below)
* **AP mode:** in 'AP mode' adblock uses automatically the local router ip as nullip address. To make sure that your LuCI interface will be still accessible, you have to change the local uhttpd instance to ports <> 80/443 (see example below)
* **AP mode:** in 'AP mode' adblock uses automatically the local router ip as nullip address. To make sure that your LuCI interface will be still accessible, you have to change the local uhttpd instance to ports <> 80/443 (see example below), also make sure that firewall and dnsmasq are installed and running
* **restricted mode:** to disable flash writes with adblock status information to the adblock config file (used by LuCI frontend), please set 'adb\_restricted' to '1'
* **adblock toggle:** to quickly switch adblocking 'on' or 'off', simply use _/etc/init.d/adblock toggle_
* **adblock statistics:** to update only the adblock statistics (without updating the block lists as well), please run _/etc/init.d/adblock stats_
* **adblock query <DOMAIN>:** to query the active blocklists for a specific domain, please run _/etc/init.d/adblock query <DOMAIN>_
* **configuration update:** to update an outdated adblock config file with the current default version, please run _/etc/init.d/adblock cfgup_, make your individual changes and start the adblock service again
* **debugging:** for script debugging please set the 'adb\_debug' variable in the header of _/etc/init.d/adblock_ to '1'
* **disable active dns probing in windows:** to prevent a possible yellow exclamation mark on your internet connection icon (which wrongly means connected, but no internet), please change the following registry key/value from "1" to "0" _HKLM\SYSTEM\CurrentControlSet\Services\NlaSvc\Parameters\Internet\EnableActiveProbing_
@ -122,6 +124,7 @@ A lot of people already use adblocker plugins within their desktop browsers, but
* adb\_forcedns => redirect all local DNS queries to the local dnsmasq resolver (default: '1', enabled / always disabled in 'AP mode')
* adb\_fetchttl => set the timeout for list downloads (default: '5' seconds)
* adb\_restricted => disable updates of the adblock config file (no flash writes) during runtime (default: '0', disabled)
* adb\_hotplugif => restrict hotplug support to a certain wan interface or disable it at all (default: '', disabled)
## Examples
@ -177,16 +180,6 @@ config uhttpd 'main'
list listen_https '0.0.0.0:445'
</code></pre>
**example grep for blocked (sub-)domains in adblock source files:**
<pre><code>
grep "google-analytics.com" "/tmp/dnsmasq.d/adb_list"*
This will output all matches with corresponding source files:
/tmp/dnsmasq.d/adb_list.winhelp:address=/ssl.google-analytics.com/198.18.0.1
/tmp/dnsmasq.d/adb_list.winhelp:address=/www.google-analytics.com/198.18.0.1
/tmp/dnsmasq.d/adb_list.yoyo:address=/google-analytics.com/198.18.0.1
</code></pre>
**example to find blocked domains on certain sites for whitelisting:**
<pre><code>
1. the easy way ...

43
net/adblock/files/adblock-helper.sh
View file

@ -6,6 +6,7 @@
#
LC_ALL=C
PATH="/usr/sbin:/usr/bin:/sbin:/bin"
adb_hotplugif=""
adb_lanif="lan"
adb_nullport="65534"
adb_nullportssl="65535"
@ -168,22 +169,12 @@ f_envcheck()
then
adb_nullipv4="${adb_ipv4}"
adb_nullipv6="${adb_ipv6}"
if [ -n "$(${adb_uci} -q get uhttpd.main.listen_http | grep -Fo "80")" ] ||
[ -n "$(${adb_uci} -q get uhttpd.main.listen_https | grep -Fo "443")" ]
if [ -n "$(${adb_uci} -q get uhttpd.main.listen_http | grep -o ":80$")" ] ||
[ -n "$(${adb_uci} -q get uhttpd.main.listen_https | grep -o ":443$")" ]
then
rc=-1
f_log "AP mode detected, please set local LuCI instance to ports <> 80/443"
f_exit
elif [ -z "$(pgrep -f "dnsmasq")" ]
then
rc=-1
f_log "please enable the local dnsmasq instance to use adblock"
f_exit
elif [ ! -f "/var/run/fw3.state" ]
then
rc=-1
f_log "please enable the local firewall to use adblock"
f_exit
else
apmode_ok="true"
fi
@ -203,23 +194,25 @@ f_envcheck()
# check general package dependencies
#
f_depend "busybox"
f_depend "uci"
f_depend "uhttpd"
f_depend "iptables"
f_depend "kmod-ipt-nat"
f_depend "busybox -"
f_depend "uci -"
f_depend "uhttpd -"
f_depend "iptables -"
f_depend "kmod-ipt-nat -"
f_depend "firewall -"
f_depend "dnsmasq*"
# check ipv6 related package dependencies
#
if [ -n "${adb_wanif6}" ]
then
f_depend "ip6tables" "true"
f_depend "ip6tables -" "true"
if [ "${package_ok}" = "false" ]
then
f_log "package 'ip6tables' not found, IPv6 support will be disabled"
unset adb_wanif6
else
f_depend "kmod-ipt-nat6" "true"
f_depend "kmod-ipt-nat6 -" "true"
if [ "${package_ok}" = "false" ]
then
f_log "package 'kmod-ipt-nat6' not found, IPv6 support will be disabled"
@ -230,13 +223,13 @@ f_envcheck()
# check uclient-fetch/wget dependencies
#
f_depend "uclient-fetch" "true"
f_depend "uclient-fetch -" "true"
if [ "${package_ok}" = "true" ]
then
f_depend "libustream-polarssl" "true"
f_depend "libustream-polarssl -" "true"
if [ "${package_ok}" = "false" ]
then
f_depend "libustream-\(mbedtls\|openssl\|cyassl\)" "true"
f_depend "libustream-\(mbedtls\|openssl\|cyassl\) -" "true"
if [ "${package_ok}" = "true" ]
then
adb_fetch="$(which uclient-fetch)"
@ -247,7 +240,7 @@ f_envcheck()
fi
if [ -z "${adb_fetch}" ]
then
f_depend "wget" "true"
f_depend "wget -" "true"
if [ "${package_ok}" = "true" ]
then
adb_fetch="$(which wget)"
@ -262,7 +255,7 @@ f_envcheck()
# check ca-certificate package and set fetch parm accordingly
#
f_depend "ca-certificates" "true"
f_depend "ca-certificates -" "true"
if [ "${package_ok}" = "false" ]
then
fetch_parm="${fetch_parm} --no-check-certificate"
@ -451,7 +444,7 @@ f_depend()
local check_only="${2}"
package_ok="true"
check="$(printf "${pkg_list}" | grep "^${package} -")"
check="$(printf "${pkg_list}" | grep "^${package}")"
if [ "${check_only}" = "true" ] && [ -z "${check}" ]
then
package_ok="false"

8
net/adblock/files/adblock-update.sh
View file

@ -10,8 +10,8 @@
#
adb_pid="${$}"
adb_pidfile="/var/run/adblock.pid"
adb_scriptver="1.4.4"
adb_mincfgver="2.3"
adb_scriptver="1.4.7"
adb_mincfgver="2.4"
adb_scriptdir="${0%/*}"
if [ -r "${adb_pidfile}" ]
then
@ -97,7 +97,7 @@ do
then
if [ "${src_name}" = "blacklist" ]
then
tmp_domains="$(cat "${url}" | strings -n 1)"
tmp_domains="$(strings -n 1 "${url}")"
elif [ "${src_name}" = "shalla" ]
then
shalla_archive="${adb_tmpdir}/shallalist.tar.gz"
@ -117,7 +117,7 @@ do
break
fi
done
tmp_domains="$(cat "${shalla_file}" | strings -n 1)"
tmp_domains="$(strings -n 1 "${shalla_file}")"
rm -rf "${adb_tmpdir}/BL"
rm -f "${shalla_archive}"
rm -f "${shalla_file}"

6
net/adblock/files/adblock.conf
View file

@ -3,7 +3,7 @@
config adblock 'global'
option adb_enabled '1'
option adb_cfgver '2.3'
option adb_cfgver '2.4'
option adb_whitelist '/etc/adblock/adblock.whitelist'
option adb_whitelist_rset '\$1 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\"^\"\$1\"\\\|[.]\"\$1)}'
option adb_forcedns '1'
@ -44,9 +44,9 @@ config source 'feodo'
config source 'hphosts'
option enabled '0'
option adb_src 'https://hosts-file.net/download/hosts.txt'
option adb_src 'https://hosts-file.net/ad_servers.txt'
option adb_src_rset '\$0 ~/^127\.0\.0\.1[ \t]+([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$2)}'
option adb_src_desc 'broad blocklist against ad-, tracking- and other malicious hosts, monthly updates, approx. 390.000 entries'
option adb_src_desc 'broad blocklist against ad- and tracking hosts, monthly updates, approx. 50.000 entries'
config source 'malware'
option enabled '0'

7
net/adblock/files/adblock.hotplug
View file

@ -15,6 +15,9 @@ f_envload
if [ "${INTERFACE}" = "${adb_wanif4}" ] || [ "${INTERFACE}" = "${adb_wanif6}" ]
then
/etc/init.d/adblock start
f_log "adblock service started due to '${ACTION}' of '${INTERFACE}' interface"
if [ -z "${adb_hotplugif}" ] || [ "${INTERFACE}" = "${adb_hotplugif}" ]
then
/etc/init.d/adblock start
f_log "adblock service started due to '${ACTION}' of '${INTERFACE}' interface"
fi
fi

17
net/adblock/files/adblock.init
View file

@ -2,10 +2,11 @@
#
START=99
EXTRA_COMMANDS="toggle stats cfgup"
EXTRA_COMMANDS="toggle stats cfgup query"
EXTRA_HELP=" toggle Toggle adblock 'on' or 'off'
stats Update adblock statistics
cfgup Update adblock configuration file"
cfgup Update adblock configuration file
query <DOMAIN> Query active blocklists for specific domain"
adb_debug=0
adb_pid="${$}"
@ -127,3 +128,15 @@ cfgup()
fi
return 0
}
query()
{
if [ -z "${1}" ]
then
f_log "no domain query input, please submit a specific search domain"
else
f_log "results for search domain '${1}':"
grep "${1}" "/tmp/dnsmasq.d/adb_list"*
fi
return 0
}

5
net/adblock/files/www/adblock/index.html
View file

@ -1,5 +1,8 @@
<html>
<body>
<head>
<script>window.close();</script>
</head>
<body>
<img src="data:image/gif;base64,R0lGODlhAQABAAAAACwAAAAAAQABAAA=" alt=""></img>
</body>
</html>