Easy way to set up ad blocking on an Asus router running Asuswrt-Merlin. It adds the lists found in this GitHub repository to dnsmasq so that domains known to deliver ads (or malware, phishing, spam, etc.) resolve to 0.0.0.0.
It assumes that the router is also the DNS server for the LAN, which is done by setting ‘Advertise router’s IP in addition to user-specified DNS’ under LAN -> DHCP Settings to ‘Yes’. Leaving DNS Server 1 and 2 empty will broadcast only the router’s IP for name resolution.
SSH access can be enabled under Administration -> System. Should be set to LAN only. If it really has to be exposed to WAN, at least change the port.
Also, JFFS must be enabled. Still under Administration -> System, set Enable JFFS custom scripts and configs to ‘Yes’.
With JFFS enabled, create
/jffs/scripts/block-ads.sh, which will add a few custom lines to the dnsmasq config.
#!/bin/sh # Careful, this will overwrite any existing custom dnsmasq config echo 'conf-file=/jffs/configs/dnsmasq-domains' > /jffs/configs/dnsmasq.conf.add echo 'addn-hosts=/jffs/configs/dnsmasq-hostnames' >> /jffs/configs/dnsmasq.conf.add wget -q -O /jffs/configs/dnsmasq-domains https://raw.githubusercontent.com/notracking/hosts-blocklists/master/domains.txt wget -q -O /jffs/configs/dnsmasq-hostnames https://raw.githubusercontent.com/notracking/hosts-blocklists/master/hostnames.txt service reload_dnsmasq
Make it executable:
chmod +x /jffs/scripts/block-ads.sh. Run it. It takes a few seconds. Dnsmasq might take a couple minutes to restart for some reason. Reload seems to be faster.
JFFS is flash memory, frequent writes might wear it out. This will set up a cron entry to update the lists on the first of every month. Should be conservative enough.
#!/bin/sh # This script gets called after all other system services # have been started at boot time # Install cron job to update ad block in dnsmasq monthly cru a adblock_update "1 1 1 * * /jffs/scripts/block-ads.sh"
Make it executable:
chmod +x /jffs/scripts/services-start. The script is executed on boot. Reboot the router, or just run the script.
I had to set this up because Youtube was getting obnoxious. I really doubt that serving ads to one year olds sells a lot of products. It did tend to upset mine though, when I needed her to be distracted for a while.
Unfortunately it seems like (some?) Youtube ads are served from the same servers as the actual videos, so this method won’t work all the time. Doesn’t seem like all the ads are served this way though, so at least it helps a bit. For now.