27

Help!!!!

Finally with help of @fuck2code and some Googling I managed to configure my hosts file to block most of ad trackers, porn and everything around.

We also got single file to toggle the hosts file when required.

Now I am trying to do the same on my WiFi router but not sure how to do it.

Google does not have relevant results.

Any network or sysadmins here who can help me?

I am using Netgear Genie.

Comments
  • 4
    @condor @linux @linuxxx you are the people I can think of on top of my head.
  • 15
    Hostile is a bad idea. Install pihole that dynamicaly gets new ad servers and shit
  • 3
    @Linux how do I do that and what's the difference?
  • 12
    You can host your own DNS server. Use unbound or pdns.

    I have written articles on how to set it up.

    https://djfordz.com/2017/02/...

    They have changed dnscrypt a lot in last version so I need to rewrite that part. But just follow settinf up for unbound and then you can just use that as your DNS server. Block anything you want with a file that redirects ad urls to 127.0.0.1
  • 4
    @Floydian
    What OS do you use?
    Or do you have a Raspberry at home?
  • 5
    You can also use a cron and pull a list from here

    #

    # For more information about this list, see: https://pgl.yoyo.org/adservers/

    # ----

    # last updated: Sun, 04 Feb 2018 20:50:56 GMT

    # entries: 2583

    # format: unbound (unbound -- for use with the Unbound DNS server)

    # credits: Peter Lowe - pgl@yoyo.org - https://pgl.yoyo.org/ - https://twitter.com/pgl

    # this URL: http://pgl.yoyo.org/adservers/...

    # other formats: https://pgl.yoyo.org/adservers/...

    # policy: https://pgl.yoyo.org/adservers/...
  • 8
    why block porn tho 😏
  • 7
    Use pihole
    Period
    You just need a rpi

    https://pi-hole.net
  • 1
    @Linux On laptop I have Windows.

    Don't know what my Netgear router uses.

    No, I don't have Raspberry.
  • 2
    @dev-nope I find it meaningless.
  • 2
    @Bitwise @linux @cozyplanes You people are so amazing. Thanks in advance :)
  • 4
    Just realized my ad sever list have been updated since Feb now I have to figure out why my timer isn't working 😂😂
  • 2
    @Bitwise I went through your article. I found it bit complex to understand and configure as I am not a dev but a tester :P
  • 3
    Unfortunately I cannot hello for Windows. I can only recommend setting up unbound on Linux server somewhere and using that to set your DNS info to in your router and PC's

    A rasp pi would be perfect for this or as everyone says using pihole guess it does all this for you.

    Try to pick up a rasp pi. They are actually fun to play with anyways.
  • 5
    I wouldn't go with a Raspberry Pi as it's only got a 100Mbps Ethernet link, and pretty terrible performance. It'd be too close to my internet download speed for me to consider putting it in series with my Fritz!Box 7490 combo router.

    I'd go with a personal VPN server where you can configure BIND. DigitalOcean has a good tutorial on how to set up OpenVPN server on Ubuntu 16.04 Server. Next, you can configure BIND on it to be a customized DNS relay to e.g. 1.1.1.1 (Cloudflare DNS).

    https://digitalocean.com/community/...
    https://digitalocean.com/community/...

    Or you could probably get away with just BIND, but hey, while you're at it, why not make it a VPN server as well 😁 that way your DNS server can be made truly private (as you can hide it in the VPN network using the firewall) and you can rest assured that your ISP can't snoop on your internet traffic anymore either.
  • 7
    @Condor
    Why would you not go for a Raspberry DNS server?
  • 4
    @Condor

    That is good advice, but as always it depends on price he can afford, running a droplet is a monthly bill.
  • 5
    @Condor

    Also a dns server won't be inline and won't affect dl/ul speed it just routes the dns query to that server instead of the internet.
  • 3
    @Linux because my downlink is already ~50Mbps, and as the Raspberry Pi has only a single 100Mbps link that would most certainly have to do some fiddling around with virtual interfaces and shove traffic through it both ways. In other words it would only be able to reroute up to 50Mbps, which is too close to my actual internet speed to not be considered a bottleneck.

    Pi-Hole's design seems simple and accessible but I would rather run it on an x86 host with multiple GbE interfaces instead.
  • 5
    @Bitwise aha, I see 🤔 that's where I went wrong in my thought process. Forget what I said then. For DNS a 100Mbps link would most certainly suffice.
  • 3
    @Condor yeah, DNS work well even with 56k modem ;)
  • 5
    @Condor
    Pihole is a DNS server basically.
  • 1
    Can you post the hosts file somewhere?
  • 0
  • 0
    @Condor pi 3b+ offers gigabit
  • 0
    @inpothet I have 5 of those here... They only have a single 100Mbps Ethernet link.
  • 0
  • 2
    @Condor @Linux @Bitwise thanks fellas for all the help. But that's too technical for me to understand and execute 😥😥😥

    Can't I just place the hosts file somewhere in my router just like I do in Windows?
  • 5
    @Floydian
    Depends on the router and the DHCP settings on it. I strongly suggest that you get a Pi and install pi-hole on it.
  • 2
    @Floydian Well the problem is that all routers are different, and not many allow access to their host resolution files (if they even have it). Combo routers are all really just glorified black boxes. Pi-Hole should be easy enough to flash to an SD card, and boot a Raspberry Pi with. Do give it a try :)
  • 1
    @Linux @Condor sure. Thanks guys for the help.

    Much appreciated 😊
  • 2
    I went down the hosts file route once until I discovered that the thing hogging 100% CPU making boot time unresponsive was in fact the hosts file being processed for all those domains.

    Not a good idea.
  • 1
    @CaptainRant I faced the same issue on Windows.

    Found a solution that, you can turn off the DNS client from servcies and if it is disabled, tweak the registry.

    Works like a charm.
  • 2
    I’m a pfsense fan on Alix Boards, you might want to try it
  • 0
    @cabrasm what's that? Details please.
  • 2
    @Floydian pfsense is a soft firewall : https://www.pfsense.org/
    Alix board is a Swiss designed mini computer that works mainly as a hard firewall : https://www.pcengines.ch/alix.htm

    Don’t get tricked by poor graphics on second website, it’s a great piece of hardware IMO
  • 0
    @cabrasm thanks. I'll surely have a look.
  • 1
    @Floydian leaving the jokes aside...

    Don't you find it at least a bit educational/inspirational ?
  • 3
    I got a Raspberry Pi Zero with pihole as my DNS server, and some custom configs. Rougly ~35% of my DNS Traffic is blocked because of my filtering, and i can asure you, my 400mbit downloadspeed is not trottled/slowed because of the DNS querys.
    And a Raspberry Pi Zero is 5€ + SD card, and you can use it via the USB port on the Fritzbox, thats the way i do it
  • 3
    @iKameo

    I too have a pdns/unbound/dnscrypt server but mine isn't on a rasp pi, it is on my local. Which it does give me an idea to do this weekend. I have an extra pi laying around. I'll make that into a dedicated DNS server.
  • 2
    @Condor wierd are you sure it's the plus model because according to the specs.
    Gigabit Ethernet over USB 2.0 (maximum throughput 300 Mbps)
  • 2
    @inpothet oh yeah, but you have to buy a USB to Ethernet dongle for that - which by the way can get costly quite fast because such an adapter is a NIC just like your PCIe network card and requires similar hardware to be included within). Such a setup would be limited by USB 2.0 speeds by the way. Either way I was talking about the onboard Ethernet adapter, which can work at 10/100Mbps.

    Also, (this is just me nitpicking a bit) any Ethernet adapter has to have a throughput of equal to or over 1Gbps in order to be able to be called GbE. In other words, the Raspberry Pi Foundation seems to be overselling this thing at the moment.
  • 2
    @inpothet oh, on closer inspection it does seem like they've made a new model since I've bought mine. The ones that I have here are Raspberry Pi 3B.
    The B+ model with its 5GHz WiFi and improved clock speed is really interesting. From tests on my tablet to my Fritz!Box 7490 router (both of which support 5GHz WiFi) it looks like it can also get up to ~250Mbps. Meaning that it might make more sense to use that instead?
  • 0
Add Comment