SmallNetBuilder Forums
Go Back   SmallNetBuilder Forums > Wireless Networking > ASUS Wireless > Asuswrt-Merlin

Reply
 
Thread Tools Search this Thread Display Modes
  #21  
Old 07-17-2013, 11:00 AM
krabs krabs is offline
Member
 
Join Date: Apr 2013
Location: Limburg Belgium
Posts: 66
Thanks: 18
Thanked 15 Times in 13 Posts
krabs is just starting out
Default

For the one who are interested.
You can also forward privoxy to polipo a fast webcaching proxy.
Polipo is also available in the entware repo.
Add this rule to privoxy's config file
Code:
forward / proxyIP(polipo):proxyPort(polipo)
Here's mine polipo config

Code:
#setUser = "polipo" # *                                          
daemonise = true                                                      
pidFile = "/opt/var/run/polipo/polipo.pid"                          
proxyAddress = "192.168.1.1"                                        
proxyPort = 8123                                                      
proxyName = "localhost"                                             
dnsNameServer = "127.0.0.1"                                             
allowedClients = 127.0.0.1, 192.168.1.0/28                            
allowedPorts = 1-65535                                               
localDocumentRoot = "" # Disable local webserver                                         
disableLocalInterface = true # Disable the local configuration pages
diskCacheRoot = "/tmp/mnt/data/polipo-cache/"                  
dnsQueryIPv6 = no                                                    
chunkHighMark = 8388608                                                
objectHighMark = 3072                                              
censoredHeaders = from, accept-language  
censorReferer = maybe                                           
#logFile = "/opt/var/log/polipo.log"                                 
logSyslog = true                                                     
logFacility = "daemon"           
logLevel = 0x4
#logLevel = 0xFF
* If you want to run polipo as different user use this patch here: http://www.mail-archive.com/polipo-u.../msg00478.html
which will create the setUser config variable and compile using the openwrt buildroot http://code.google.com/p/wl500g-repo/wiki/Compiling
or download it here http://www.sendspace.com/file/3ljx8l
Reply With Quote
  #22  
Old 08-26-2013, 11:15 PM
raxv25 raxv25 is offline
New Member
 
Join Date: Aug 2013
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
raxv25 is just starting out
Default

I don't mean to necro a thread, but I made it here looking how to put Adblock on my N66U router and I am amazed at what you guys are writing here. I also don't mean to run a tangent either, but is this all in Linux. I'm seeing mention of ipchains so I assume it is. I took and did some small level programming of Cisco routers, mainly distribution level, but I have to admit, this makes that look like child's play. Where did you all get started with picking this up?
Reply With Quote
  #23  
Old 10-12-2013, 11:17 PM
mromero mromero is offline
New Member
 
Join Date: Nov 2012
Posts: 28
Thanks: 5
Thanked 5 Times in 3 Posts
mromero is just starting out
Default

Quote:
Originally Posted by ryzhov_al View Post
This is HOW-TO for using Adblock Plus filters on router with <SNIP>
5. Choose iOS/Android/PC device where filtering needed.
Please, go to router's web interface, "LAN > DHCP Server" page, and select "Enable Manual Assignment" button.
Add your device to "Manually Assigned IP around the DHCP list". Better to do it while device is connected to router: you may select it's MAC from drop-down list and assign an IP address for it, for example "192.168.0.101". Don't forget to push "Apply" button (I did)
6. Add web traffic interception rule to iptables.

where 192.168.0.101 is an IP address from step above.

Reboot router and check web surfing on chosen device.

If you want to change AdBlock subscriptions, please remove old ones first:

then repeat step #4 only.
I am trying to follow this and wonder if there an alternative step to make ALL traffic through the router go transparently to PRIVOXY/ADBLOCK?

Last edited by mromero; 10-12-2013 at 11:34 PM.
Reply With Quote
  #24  
Old 10-19-2013, 04:19 AM
Noremacyug Noremacyug is offline
Member
 
Join Date: Sep 2013
Posts: 50
Thanks: 11
Thanked 0 Times in 0 Posts
Noremacyug is just starting out
Default

Quote:
Originally Posted by mromero View Post
I am trying to follow this and wonder if there an alternative step to make ALL traffic through the router go transparently to PRIVOXY/ADBLOCK?
literally three post back from yours boss.


Quote:
Originally Posted by krabs View Post
You must load the right extension
This will work

Code:
iptables -t nat -A PREROUTING -m iprange --src-range 10.0.1.130-10.0.1.139 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
It's the same like using --dport without the tcp extension (-m tcp).
That also don't work
just wanted to say thanks for this. as well as to the op for this thread. works beautifully on all my devices!!!

(edit) - after more testing, i've found that the firewall-start script seems to somehow break some of the buttons. for instance, the apply button on the port forward page no longer works. if i remove the script and then reboot, all is back to normal. any ideas on what i could do to fix this?

Last edited by Noremacyug; 10-19-2013 at 11:44 PM.
Reply With Quote
  #25  
Old 10-31-2013, 06:25 PM
gregnukem gregnukem is offline
New Member
 
Join Date: Sep 2012
Posts: 7
Thanks: 3
Thanked 0 Times in 0 Posts
gregnukem is just starting out
Default

I know Entware is newer and better. Yet I want to ask: can Privoxy be setup in a similar manner as described by Mr. Ryzhov - but in an Optware environment?
Reply With Quote
  #26  
Old 11-22-2013, 09:50 PM
hankydysplasia hankydysplasia is offline
New Member
 
Join Date: Mar 2013
Posts: 6
Thanks: 1
Thanked 0 Times in 0 Posts
hankydysplasia is just starting out
Thumbs up

And a necro "thank you" to ryzhov_al and krabs who got everything up and going for me. It's marvelous - I assign all mobile phones and tablets in the house to a small range and everything is working beautifully.

This is great.
Reply With Quote
  #27  
Old 01-12-2014, 06:06 PM
bilboSNB bilboSNB is offline
Member
 
Join Date: Oct 2011
Posts: 59
Thanks: 15
Thanked 1 Time in 1 Post
bilboSNB is just starting out
Default

Would it possible to set privoxy not to do ad blocking but to only do this:http://sourceforge.net/tracker/?func...group_id=11118

Ie safesearch, but for all devices?
Reply With Quote
  #28  
Old 01-19-2014, 12:24 AM
mrvoidman mrvoidman is offline
New Member
 
Join Date: Jan 2014
Posts: 4
Thanks: 1
Thanked 1 Time in 1 Post
mrvoidman is just starting out
Default Lots of: Resource temporarily unavailable

I applied these settings to my router (rt-n66u w/merlin3.0.0.4.374.35_4) but after 10 minutes of browsing I start getting incomplete web pages. Looking at the privoxy log I see hundreds of these:

2014-01-18 23:57:53.998 2aab0310 Error: Unable to take any additional connections: Resource temporarily unavailable


netstat shows hundreds of ESTABLISHED and TIME_WAIT connections. Sample:
tcp 0 0 router.asus.com:51558 router.asus.com:8123 ESTABLISHED
tcp 0 0 router.asus.com:51535 router.asus.com:8123 ESTABLISHED
tcp 0 0 router.asus.com:squid 192.168.0.201:58258 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.0.186:62354 TIME_WAIT
tcp 0 0 router.asus.com:51474 router.asus.com:8123 TIME_WAIT
tcp 0 0 router.asus.com:squid 192.168.0.201:58182 TIME_WAIT


Open connections:
$ cat /proc/sys/fs/file-nr
504 0 22684


Here is my privoxy config:
confdir /opt/etc/privoxy
logdir /opt/var/log
filterfile default.filter
logfile privoxy
actionsfile match-all.action
actionsfile default.action
actionsfile easyprivacy.script.action
actionsfile malwaredomains_full.script.action
actionsfile user.action
filterfile easyprivacy.script.filter
filterfile malwaredomains_full.script.filter
filterfile user.filter
listen-address 0.0.0.0:3128
toggle 1
enable-remote-toggle 1
enable-remote-http-toggle 0
enable-edit-actions 1
enforce-blocks 0
buffer-limit 4096
forwarded-connect-retries 4
accept-intercepted-requests 1
allow-cgi-request-crunching 0
split-large-forms 0
#keep-alive-timeout 300
#socket-timeout 300
#permit-access 192.168.1.0/24
debug 1 # show each GET/POST/CONNECT request
debug 4096 # Startup banner and warnings
debug 8192 # Errors - *we highly recommended enabling this*
keep-alive-timeout 30 #300
socket-timeout 30 #300
connection-sharing 0 #1
max-client-connections 100
enable-edit-actions 0


And CPU usage of Privoxy rarely goes over 50%

I tried using polipo but it didn't make a difference. I also tried changing "max-client-connections" but numbers above or below 100 seem to make the situation worse.

Can someone tell me what's wrong with this and what I might be able to do about it? Thanks!
Reply With Quote
  #29  
Old 03-12-2014, 07:01 PM
prp2 prp2 is offline
New Member
 
Join Date: Mar 2014
Posts: 4
Thanks: 1
Thanked 0 Times in 0 Posts
prp2 is just starting out
Default

Quote:
Originally Posted by mrvoidman View Post
I applied these settings to my router (rt-n66u w/merlin3.0.0.4.374.35_4) but after 10 minutes of browsing I start getting incomplete web pages. Looking at the privoxy log I see hundreds of these:

2014-01-18 23:57:53.998 2aab0310 Error: Unable to take any additional connections: Resource temporarily unavailable
Same here. Followed https://github.com/RMerl/asuswrt-mer...ing-to-devices on my Asus RT-N66R, running 3.0.0.4.374.40_0.

Used the default privoxy config, even tried increasing max connections to 1024, but I'm getting:

2014-03-12 16:56:20.608 2c45a690 Request: icons-ak.wxug.com/i/w/footer-member-color.png
2014-03-12 16:56:20.610 2ca5a690 Request: icons-ak.wxug.com/i/w/footer-photo-color.png
2014-03-12 16:56:20.616 2cc5a690 Request: icons-ak.wxug.com/webcamramdisk/j/g/jgauvin/1/citypage.jpg
2014-03-12 16:56:20.623 2f85a690 Request: icons-ak.wxug.com/i/w/footer-api-color.png
2014-03-12 16:56:20.639 2e65a690 Request: icons.wxug.com/i/wu/cmFooterBG.png
2014-03-12 16:56:20.658 2aab0310 Error: Unable to take any additional connections: Resource temporarily unavailable
2014-03-12 16:56:20.677 2aab0310 Error: Unable to take any additional connections: Resource temporarily unavailable
2014-03-12 16:56:23.519 2aab0310 Error: Unable to take any additional connections: Resource temporarily unavailable
2014-03-12 16:56:23.577 2aab0310 Error: Unable to take any additional connections: Resource temporarily unavailable
2014-03-12 16:56:24.317 2aab0310 Error: Unable to take any additional connections: Resource temporarily unavailable

etc. Please help! :-) Thanks in advance.
Reply With Quote
  #30  
Old 04-13-2014, 05:32 PM
thelonelycoder's Avatar
thelonelycoder thelonelycoder is online now
Very Senior Member
 
Join Date: Jan 2014
Location: Lucerne, Switzerland
Posts: 215
Thanks: 24
Thanked 35 Times in 25 Posts
thelonelycoder is just starting out
Default

I am in the process of setting this up to try how good it performs and use the advantages of targeted blocking instead of hosts blocking.

One other thing I would like to do is re-write urls to redirect my iPad from mobile to desktop sites. The iPad's in-App browser (not Safari or iCab, which I am using) has no way of changing the user-agent.

In the privoxy manual it says you can do redirects as follows:
Code:
# Redirect Google search requests to MSN 
{+redirect{s@^http://[^/]*/search\?q=([^&]*).*@http://search.msn.com/results.aspx?q=$1@}} 
.google.com/search
How would I write the rule if I wanted to rewrite m.domain.com to www.domain.com

__________________
ASUS RT-AC66U Proudly Powered by Asuswrt-Merlin 374.41
Reply With Quote
Reply

Tags
adblock, howto, privoxy, tutorial

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


All times are GMT -4. The time now is 03:19 AM.

Top 10 Stats
Top Posters* Top Thanked
RMerlin  393
stevech  154
thelonelycode...  151
L&LD  125
azazel1024  119
KGB7  85
jim769  76
DrTeeth  69
Adamm  66
speedingcheet...  63
RMerlin  4480
stevech  275
ryzhov_al  199
TeHashX  194
RogerSC  166
L&LD  163
joegreat  105
jlake  101
PrivateJoker  93
sinshiva  88
Most Viewed Threads* Hottest Threads*
Old Asuswrt-Merli...  31342
Old ASUS...  21981
Old Asuswrt-Merli...  20136
Old Beta Version...  17439
Old 'Heartbleed'...  14085
Old Linksys...  9098
Old Potential...  7884
Old Asus-Merlin...  6967
Old Groundhog...  6378
Old Linksys...  5271
Old Asuswrt-Merli...  218
Old Asuswrt-Merli...  158
Old Linksys...  142
Old ASUS...  124
Old Beta Version...  112
Old Potential...  98
Old Linksys...  76
Old Groundhog...  49
Old Asus router...  43
Old USB drive...  38



Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
© 2006-2014 Pudai LLC All Rights Reserved.