1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

The best Network-wide AD Blocking for ASUS/NETGEAR/Linksys/ETC Routers!

Discussion in 'Tomato Firmware' started by Testing, Dec 29, 2017.

  1. Testing

    Testing Network Newbie Member

    I just wanted to show you the best way to Network-wide AD Blocking and this works much better than Tomato Adblock, AB-Solution and LEDE Adblock.

    You need to install Pi-hole in "Raspbian Lite" or "DietPi" OS and then connect the Raspberry Pi 3 to a LAN port of the Router and change the DNS in the Router for the IP that you use to access to the Pi-hole web interface.

    01. Buy a Raspberry Pi 3
    Buy a Kit Complete or buy the Parts separately

    Kit #1
    (Complete)

    Kit #2
    (Parts)
    1. Kit: CanaKit Raspberry Pi 3 "Basic Kit"
    2. MicroSD: Samsung EVO Select 32GB or Sandisk Ultra A1 64GB
    3. Card Reader: Transcend or Anker (Do buy it if you already have one that reads "SDXC and SDHC")
    4. Case: Unistorm Aluminum (Black/Grey) or BIQU Aluminum (Black) and (Grey)
    Optional
    • 320 Grit Sandpaper (Sanded the case down the 3 contacts to the chips to remove the black/gray paint of Unistorm or BIQU case)
    • ARCTIC Thermal Pad 1mm (The Unistorm or BIQU case does not come with "Thermal Paste or Pads", you have to buy if you do not have)

    The Best Case

    02. OS and Programs (Download)
    OS
    DietPi vs Raspbian Lite - Direct comparisons against features and optimizations.


    Programs

    1. Scan the Network
    - Advanced IP Scanner

    2. Memory Card Formatter

    - SD Memory Card Formatter
    - FAT32 Format (For any SD card larger than 32GB)

    3. Burn images to SD cards

    - Etcher (Use this first, if do not boot the OS use the others)
    - Win32 Disk Imager
    - USB Image Tool

    4. SSH Client

    - PuTTY

    5. Bonjour support (You'll need to reboot Windows after installation)
    - iTunes installer

    Download the iTunes installer but don’t run it. Using an archive utility like 7-Zip or WinRAR, you’ll discover there’s a separate Bonjour installer inside. Just extract and run that one piece, and you’re done!

    03. Tutorials

    Raspbian + Pi-hole
    1. Raspberry Pi Pi-Hole setup plus Router setup guide

    2. Make Raspberry Pi a Network Ad-Blocker || Pi-Hole

    3. Pi-Hole - Complete guide to whole-home ad blocking!

    DietPi + Pi-hole (DietPi has SSH enable)

    04. Basic Commands
    Raspbian + Pi-hole
    Code:
    Raspbian OS
    ===========
    username: pi
    password: raspberry
    
    clear     # Clear Console Screen
    
    sudo raspi-config
    
    sudo apt-get update
    sudo apt-get upgrade
    sudo apt-get dist-upgrade
    sudo apt-get clean
    sudo reboot
    
    
    
    Pi-hole
    =======
    curl -sSL https://install.pi-hole.net | bash     # Install Pi-hole
    
    pihole     # The pihole command lets you control, configure, and update your Pi-hole.
    
    pihole -a -p    # Set Admin Console password
    pihole -a -p yourpassword     # Set Admin Console password
    pihole -a -c     # Set Celsius as preferred temperature unit
    
    pihole -r     # Reconfigure or Repair Pi-hole subsystems
    pihole -f     # Flush the Pi-hole log
    
    pihole -w     # Whitelist domain(s) - Example: 'pihole -w site.com', or 'pihole -w site1.com site2.com'
    pihole -b     # Blacklist domain(s) - Example: 'pihole -b site.com', or 'pihole -b site1.com site2.com'
    
    pihole -g     # Update the list of ad-serving domains
    
    pihole -up     # Updating Pi-hole

    DietPi + Pi-hole
    Code:
    DietPi OS
    =========
    username: root
    password: dietpi
    
    dietpi-launcher     # Select and Run any of the DietPi programs, all from one place.
    
    dietpi-config     # Feature rich configuration tool for your device
    dietpi-software     # Install optimized and ready to run software
    dietpi-uninstall     # Allows you to uninstall DietPi software
    dietpi-backup     # Backup or restore your DietPi system
    dietpi-cleaner     # Remove unwanted "junk" from your DietPi system and free up filesystem space
    dietpi-logclear     # Keep ontop of your log files, features clearing and backup modes.
    
    dietpi-update     # Update your version of DietPi
    
    apt-get update
    apt-get upgrade
    apt-get dist-upgrade
    apt-get clean
    reboot
    
    
    
    Pi-hole
    =======
    pihole     # The pihole command lets you control, configure, and update your Pi-hole.
    
    pihole -a -p     # Set Admin Console password
    pihole -a -p yourpassword     # Set Admin Console password
    pihole -a -c     # Set Celsius as preferred temperature unit
    
    pihole -r     # Reconfigure or Repair Pi-hole subsystems
    pihole -f     # Flush the Pi-hole log
    
    pihole -w     # Whitelist domain(s) - Example: 'pihole -w site.com', or 'pihole -w site1.com site2.com'
    pihole -b     # Blacklist domain(s) - Example: 'pihole -b site.com', or 'pihole -b site1.com site2.com'
    
    pihole -g     # Update the list of ad-serving domains
    
    Updating Pi-hole
    ****************
    Pi-hole overwrites the "lighttpd.conf" during updates, so please backup your "lighttpd.conf" before updating:
    
    mv /etc/lighttpd/lighttpd.conf /etc/lighttpd/lighttpd.conf.bak     # Backup lighttpd.conf
    
    pihole -up     # Updating Pi-hole
    
    mv /etc/lighttpd/lighttpd.conf.bak /etc/lighttpd/lighttpd.conf     # Restore lighttpd.conf

    05. Add additional Block Lists
    1. Access to the Pi-hole web interface (http://ip/admin for Raspbian and http://ip/pihole for DietPi)
    2. Go to Settings and Click in Pi-Hole's Block Lists (Example: How do I add additional block lists to Pi-hole?)
    3. Click in Enter the URL and paste the all block list (or those that you want) from The Big Blocklist Collection and Save.
    4. Copy the Suspicious Lists, Advertising Lists, Tracking & Telemetry Lists and Malicious Lists.
    5. When you finish of copying, click in Save and Update


    When you finish, Test Ad-blocking Performance!
     
    Last edited: Jan 9, 2018
    Holy_Hunter and mmosoll like this.
  2. mmosoll

    mmosoll Networkin' Nut Member

    Thank you, very good contribution
     
  3. Xruptor

    Xruptor Serious Server Member

    thanks for posting this! Great guide!
     
  4. ravenise

    ravenise New Member Member

    Does look like the best adblocker ever made :) Maybe I am preaching to the choir here, but if you are looking for ease of use, & security, then do consider your technical skills, and the amount of work necessary to harden and secure a raspberry pi... search for article:

    Take These Steps to Secure Your Raspberry Pi Against Attackers


    Here is one small section of the aforementioned article: Raspberry Pi is an entry point to the rest of an internal network. An attacker can easily reach the file servers and try to install ransomware, obtain documents for blackmail, or manipulate the firewall and router settings to ensure persistent access in the future for later nefarious actions, either by attacking the web console of the router or performing uPNP manipulation to open up more ports to the Internet for attack.
     
    Last edited: Jan 18, 2018
  5. ravenise

    ravenise New Member Member

    If you could set up the Pi with Pihole, secure the PI and allow only SSH access only IF a hard switch activates SSH; I couldn't think of a more secure closed system.
     
  6. cloneman

    cloneman Addicted to LI Member

    Is there a way for non-technical users to whitelist a website without my intervention if they use a LAN based ad-blocker (instead of a browser plugin) ?
     

Share This Page