Does anything have a simple method or script for blocking Ads in the router??
I wanted to use the easy list
https://easylist-downloads.adblockplus.org/easylist.txt
block everything and autoupdate it.
Re: Layer 7 Adblock?
i think its better to use webproxy and block in access list.
Something like this.
/ip proxy access
add action=deny dst-host=*.google-analytics.* redirect-to=0.0.0.0
add action=deny dst-host=*.amazonaws.com redirect-to=0.0.0.0
add action=deny dst-host=ads.* redirect-to=0.0.0.0
add action=deny dst-host=*.mobfox.* redirect-to=0.0.0.0
add action=deny dst-host=*.cloudfront.* redirect-to=0.0.0.0
add action=deny dst-host=*.doubleclick.* redirect-to=0.0.0.0
add action=deny dst-host=*.scorecardresearch.com redirect-to=0.0.0.0
add action=deny dst-host=*.scorecardresearch.*
add action=deny dst-host=*.googlesyndication.* redirect-to=0.0.0.0
add action=deny dst-host=*.googletagmanager.* redirect-to=0.0.0.0
add action=deny dst-host=fusion.* redirect-to=0.0.0.0
add action=deny dst-host=*.research-int.se redirect-to=0.0.0.0
add action=deny dst-host=*.tailsweep* redirect-to=0.0.0.0
add action=deny dst-host=*.googletagservices.* redirect-to=0.0.0.0
add action=deny dst-host=*.adnxs* redirect-to=0.0.0.0
add action=deny dst-host=adv.* redirect-to=0.0.0.0
add action=deny dst-host=*.adform* redirect-to=0.0.0.0
I have a bigger list but this is an example, and there is no way to autoupdate it.
I think this dosent use as much cpu like when u use layer 7 protocol.
Martin
Something like this.
/ip proxy access
add action=deny dst-host=*.google-analytics.* redirect-to=0.0.0.0
add action=deny dst-host=*.amazonaws.com redirect-to=0.0.0.0
add action=deny dst-host=ads.* redirect-to=0.0.0.0
add action=deny dst-host=*.mobfox.* redirect-to=0.0.0.0
add action=deny dst-host=*.cloudfront.* redirect-to=0.0.0.0
add action=deny dst-host=*.doubleclick.* redirect-to=0.0.0.0
add action=deny dst-host=*.scorecardresearch.com redirect-to=0.0.0.0
add action=deny dst-host=*.scorecardresearch.*
add action=deny dst-host=*.googlesyndication.* redirect-to=0.0.0.0
add action=deny dst-host=*.googletagmanager.* redirect-to=0.0.0.0
add action=deny dst-host=fusion.* redirect-to=0.0.0.0
add action=deny dst-host=*.research-int.se redirect-to=0.0.0.0
add action=deny dst-host=*.tailsweep* redirect-to=0.0.0.0
add action=deny dst-host=*.googletagservices.* redirect-to=0.0.0.0
add action=deny dst-host=*.adnxs* redirect-to=0.0.0.0
add action=deny dst-host=adv.* redirect-to=0.0.0.0
add action=deny dst-host=*.adform* redirect-to=0.0.0.0
I have a bigger list but this is an example, and there is no way to autoupdate it.
I think this dosent use as much cpu like when u use layer 7 protocol.
Martin
Re: Layer 7 Adblock?
i think its better to use webproxy and block in access list.
Something like this.
/ip proxy access
add action=deny dst-host=*.google-analytics.* redirect-to=0.0.0.0
add action=deny dst-host=*.amazonaws.com redirect-to=0.0.0.0
add action=deny dst-host=ads.* redirect-to=0.0.0.0
add action=deny dst-host=*.mobfox.* redirect-to=0.0.0.0
add action=deny dst-host=*.cloudfront.* redirect-to=0.0.0.0
add action=deny dst-host=*.doubleclick.* redirect-to=0.0.0.0
add action=deny dst-host=*.scorecardresearch.com redirect-to=0.0.0.0
add action=deny dst-host=*.scorecardresearch.*
add action=deny dst-host=*.googlesyndication.* redirect-to=0.0.0.0
add action=deny dst-host=*.googletagmanager.* redirect-to=0.0.0.0
add action=deny dst-host=fusion.* redirect-to=0.0.0.0
add action=deny dst-host=*.research-int.se redirect-to=0.0.0.0
add action=deny dst-host=*.tailsweep* redirect-to=0.0.0.0
add action=deny dst-host=*.googletagservices.* redirect-to=0.0.0.0
add action=deny dst-host=*.adnxs* redirect-to=0.0.0.0
add action=deny dst-host=adv.* redirect-to=0.0.0.0
add action=deny dst-host=*.adform* redirect-to=0.0.0.0
I have a bigger list but this is an example, and there is no way to autoupdate it.
I think this dosent use as much cpu like when u use layer 7 protocol.
Martin
Hi, thks for the example. It is possible to have the full list?
Best regards,
Re: Layer 7 Adblock?
Here you go attached file with about 175 lines.
The way i got this 175 lines i have tested about 94000 lines and these were the ones getting hit in deny rule.
My router is a RB1100ahx2 and has no problen handling these 175 lines but when i tested with about 30000 the router processor worked hard.
At work i have a RB951G-2HnD and that RB has no problem running proxy and the 175 lines.
The way i got this 175 lines i have tested about 94000 lines and these were the ones getting hit in deny rule.
My router is a RB1100ahx2 and has no problen handling these 175 lines but when i tested with about 30000 the router processor worked hard.
At work i have a RB951G-2HnD and that RB has no problem running proxy and the 175 lines.
You do not have the required permissions to view the files attached to this post.
Layer 7 Adblock?
Hi,
Thank you very much. I test it tomorow
Regards
Thank you very much. I test it tomorow
Regards
Re: Layer 7 Adblock?
sounds interesting....
# Internet cleans annoying ads (Mikrotik ads blocker)
# hosts file has the format:
127.0.0.1 localhost
127.0.0.1 domain-a.tld
127.0.0.1 domain-b.tld
# The MikroTik script format, using static DNS routes:
/ip dns static
add address=127.0.0.1 name=localhost
add address=127.0.0.1 name=domain-a.tld
add address=127.0.0.1 name=domain-b.tld
For the current list of the first and second convert we execute simple commands in a shell on, for example, the desktop (the hit):
# Download the lists and add them softly under the names ./hosts_list.1, ./hosts_list.2etc.
$ src=('http://pgl.yoyo.org/adservers/serverlis ... =plaintext' 'https://adaway.org/hosts.txt'); i=0; for file in ${src[*]}; do i=$((i+1)); wget --no-check-certificate -O "./hosts_list.$i" "$file"; done;
#Check everything starting with '127.0.0.1', delete comments, leaving only domain names, remove duplicates, delete blank lines, and distinguish each domain as an order for the import:
$ in="./hosts_list.*" && out="./adblock_dns.rsc" && host='127.0.0.1'; echo "/ip dns static" > $out && grep '127.0.0.1 ' $in | grep -v '^#' | cut -d' ' -f 2 | sort -u | grep . | sed "s/^/add address=$host name=/" >> $out && rm -f $in; wc -l $out;
Import into MikroTik
To import the file, they cling to the router via FTP, fill it adblock_dns.rsc, then cling to SSH or open a terminal, they perform:
# Make a backup (resulting backup is best kept in your car):
/ system backup save
# If you have a table there are no important routes, we can hit all the records:
/ ip dns static remove [/ ip dns static find]
# Import the downloaded file:
/ import adblock_dns.rsc
# Clean up after yourself:
/ file remove adblock_dns.rsc
automation
One of the simplest automation options - script for Bache, which supports the crown date to adblock_dns.rsc public disposition on, for example, ftp. Its foundation has already been described above, it is still only to decorate at its discretion (requires a different team).
Another option - is to use MetaRouter actually or about MikroTik-e, in which the same OpenWRT (eliminates the need for a different computer, this option is not painted in detail for lack of a good MikroTik and under the arms).
The second script (in Mikrotik) takes (adblock_dns.rsc), and makes a backup, and if the file has been successfully downloaded and the backup has managed to preserve its imports previously (attention) hit all available paths :
:local hostScriptUrl "ftp://user:login@ftp_host:21/adblock_dns.rsc";
:local scriptName "adblock_dns.rsc";
:local backupFileName "before_stopad";
:local logPrefix "[StopAD]";
do {
/tool fetch mode=ftp url=$hostScriptUrl dst-path=("./".$scriptName);
:if ([:len [/file find name=$scriptName]] > 0) do={
/system backup save name=$backupFileName;
:delay 1s;
:if ([:len [/file find name=($backupFileName.".backup")]] > 0) do={
/ip dns static remove [/ip dns static find];
/import file-name=$scriptName;
/file remove $scriptName;
:log info "$logPrefix AD block script imported, backup file (\"$backupFileName.backup\") created";
} else={
:log warning "$logPrefix Backup file not created, importing AD block script stopped";
}
} else={
:log warning "$logPrefix Backup file not downloaded, script stopped";
}
} on-error={
:log warning "$logPrefix AD block script download FAILED";
};
For more information go here: https://blog.kplus.pro/mikrotik/adblock-with-dns.html
# Internet cleans annoying ads (Mikrotik ads blocker)
# hosts file has the format:
127.0.0.1 localhost
127.0.0.1 domain-a.tld
127.0.0.1 domain-b.tld
# The MikroTik script format, using static DNS routes:
/ip dns static
add address=127.0.0.1 name=localhost
add address=127.0.0.1 name=domain-a.tld
add address=127.0.0.1 name=domain-b.tld
For the current list of the first and second convert we execute simple commands in a shell on, for example, the desktop (the hit):
# Download the lists and add them softly under the names ./hosts_list.1, ./hosts_list.2etc.
$ src=('http://pgl.yoyo.org/adservers/serverlis ... =plaintext' 'https://adaway.org/hosts.txt'); i=0; for file in ${src[*]}; do i=$((i+1)); wget --no-check-certificate -O "./hosts_list.$i" "$file"; done;
#Check everything starting with '127.0.0.1', delete comments, leaving only domain names, remove duplicates, delete blank lines, and distinguish each domain as an order for the import:
$ in="./hosts_list.*" && out="./adblock_dns.rsc" && host='127.0.0.1'; echo "/ip dns static" > $out && grep '127.0.0.1 ' $in | grep -v '^#' | cut -d' ' -f 2 | sort -u | grep . | sed "s/^/add address=$host name=/" >> $out && rm -f $in; wc -l $out;
Import into MikroTik
To import the file, they cling to the router via FTP, fill it adblock_dns.rsc, then cling to SSH or open a terminal, they perform:
# Make a backup (resulting backup is best kept in your car):
/ system backup save
# If you have a table there are no important routes, we can hit all the records:
/ ip dns static remove [/ ip dns static find]
# Import the downloaded file:
/ import adblock_dns.rsc
# Clean up after yourself:
/ file remove adblock_dns.rsc
automation
One of the simplest automation options - script for Bache, which supports the crown date to adblock_dns.rsc public disposition on, for example, ftp. Its foundation has already been described above, it is still only to decorate at its discretion (requires a different team).
Another option - is to use MetaRouter actually or about MikroTik-e, in which the same OpenWRT (eliminates the need for a different computer, this option is not painted in detail for lack of a good MikroTik and under the arms).
The second script (in Mikrotik) takes (adblock_dns.rsc), and makes a backup, and if the file has been successfully downloaded and the backup has managed to preserve its imports previously (attention) hit all available paths :
:local hostScriptUrl "ftp://user:login@ftp_host:21/adblock_dns.rsc";
:local scriptName "adblock_dns.rsc";
:local backupFileName "before_stopad";
:local logPrefix "[StopAD]";
do {
/tool fetch mode=ftp url=$hostScriptUrl dst-path=("./".$scriptName);
:if ([:len [/file find name=$scriptName]] > 0) do={
/system backup save name=$backupFileName;
:delay 1s;
:if ([:len [/file find name=($backupFileName.".backup")]] > 0) do={
/ip dns static remove [/ip dns static find];
/import file-name=$scriptName;
/file remove $scriptName;
:log info "$logPrefix AD block script imported, backup file (\"$backupFileName.backup\") created";
} else={
:log warning "$logPrefix Backup file not created, importing AD block script stopped";
}
} else={
:log warning "$logPrefix Backup file not downloaded, script stopped";
}
} on-error={
:log warning "$logPrefix AD block script download FAILED";
};
For more information go here: https://blog.kplus.pro/mikrotik/adblock-with-dns.html
Who is online
Users browsing this forum: Amazon [Bot], derolf and 35 guests