Last active
July 18, 2023 01:35
-
-
Save dreadedhamish/014741dc6ec6c376e5446f4b38ab06a3 to your computer and use it in GitHub Desktop.
DD-WRT startup adblock scripts based on https://pastebin.com/aySi7RhY
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
#DEBUG=; set -x # comment/uncomment to disable/enable debug mode | |
# name: ddwrt-blacklist-domains.sh | |
# version: 3.1.0, 03-feb-2022, by eibgrad | |
# purpose: blacklist specific domains in dnsmasq (dns) | |
# script type: startup (autostart) | |
# installation: | |
# 1. enable jffs2 (administration->jffs2) | |
# 2. enable syslogd (services->services->system log) | |
# 3. use shell (telnet/ssh) to execute one of the following commands: | |
# curl -kLs bit.ly/ddwrt-installer|tr -d '\r'|sh -s aySi7RhY startup | |
# or | |
# wget -qO - bit.ly/ddwrt-installer|tr -d '\r'|sh -s aySi7RhY startup | |
# 4. add the following to the "additional dnsmasq options" field on the | |
# services page: | |
# addn-hosts=/tmp/blacklisted_domains | |
# 5. (optional) modify options using vi editor: | |
# vi /jffs/etc/config/ddwrt-blacklist-domains.startup | |
# 6. (optional) enable cron (administration->management) and add the | |
# following job: | |
# 0 4 * * * root /jffs/etc/config/ddwrt-blacklist-domains.startup | |
# 7. reboot | |
( | |
# ------------------------------ BEGIN OPTIONS ------------------------------- # | |
# websites known to maintain a list of blacklisted domains | |
# note: exercise caution when using commented urls; these sites often | |
# contain *very* large lists of blacklisted domains, which may exceed | |
# the memory capacity of the router and/or dnsmasq, and *may* have a | |
# detrimental affect on dns performance | |
URL_LIST=' | |
# minimal advertisers list - 6500 lines | |
https://raw.githubusercontent.com/Kees1958/W3C_annual_most_used_survey_blocklist/b551821c5c7a37aff96f999fae50f28f53ecf824/EU_US_MV2_most_common_ad%2Btracking_networks | |
# https://pgl.yoyo.org/adservers/serverlist.php?hostformat=&showintro=1&mimetype=plaintext # Peter Lowe 7300 lines | |
# https://raw.githubusercontent.com/hagezi/dns-blocklists/main/hosts/light.txt # hagezi light | |
# https://raw.githubusercontent.com/lewisje/jansal/master/adblock/hosts # hosts 949 lines | |
# https://raw.githubusercontent.com/lewisje/jansal/master/adblock/hostsc # hostsc 362 lines | |
' | |
# exceptions: domains (and their sub-domains) NOT to be blacklisted | |
# note: matching only occurs on whole parts of the domain name, moving right | |
# to left; for example, adding somedomain.com to the whitelist would | |
# also match xyz.somedomain.com, but NOT match xyzsomedomain.com nor | |
# xyz.somedomain.com.us; wildcards (*) are NOT supported and will be | |
# removed | |
WHITELIST=' | |
localhost | |
' | |
# maximum time (in secs) alloted to any curl/wget operation | |
MAX_WAIT=60 | |
# ------------------------------- END OPTIONS -------------------------------- # | |
# ---------------------- DO NOT CHANGE BELOW THIS LINE ----------------------- # | |
# required for serialization when reentry is possible | |
LOCK="/tmp/$(basename $0).lock" | |
acquire_lock() { while ! mkdir $LOCK >/dev/null 2>&1; do sleep 10; done; } | |
release_lock() { rmdir $LOCK >/dev/null 2>&1; } | |
# default to curl, failover to wget (not guaranteed to support tls) | |
which curl &>/dev/null && \ | |
GET_URL="curl -sLk --connect-timeout $MAX_WAIT --max-time $MAX_WAIT" || \ | |
GET_URL="wget -T $MAX_WAIT -qO -" | |
# domains to be blacklisted | |
BLACKLIST='/tmp/blacklisted_domains'; > $BLACKLIST | |
# workfile | |
RAW_BLACKLIST="/tmp/tmp.$$.raw_blacklist" | |
# wait for wan availability | |
until ping -qc1 -W3 8.8.8.8 &>/dev/null; do sleep 10; done | |
# one instance at a time | |
acquire_lock | |
# catch premature exit and cleanup | |
trap 'release_lock; exit 1' SIGHUP SIGINT SIGTERM | |
for url in $URL_LIST; do | |
# skip comments and blank lines | |
echo $url | grep -Eq '^[[:space:]]*(#|$)' && continue | |
# retrieve url as raw blacklist | |
$GET_URL $url > $RAW_BLACKLIST || { echo "error: $url"; continue; } | |
# reformat as '0.0.0.0 domain-name' pairs | |
awk '/^0\.0\.0\.0|^127\.0\.0\.1/{print "0.0.0.0 " $2}' $RAW_BLACKLIST | \ | |
# remove malformed domain names | |
grep -E '^0\.0\.0\.0 [0-9A-z\.-]+$' >> $BLACKLIST | |
done | |
# cleanup | |
rm -f $RAW_BLACKLIST | |
# sort and remove duplicates | |
sort -uo $BLACKLIST $BLACKLIST | |
# remove domains and sub-domains that match whitelist | |
if [ "$(echo $WHITELIST)" ]; then | |
sed -ri "/$(echo $WHITELIST | \ | |
sed -r 's/\*//g;s/( |$)/$|/g;s/\|$//;s/\./\\./g;s/([^|]*)/[ .]\1/g')/d" \ | |
$BLACKLIST | |
fi | |
# wait for dnsmasq availability | |
until pidof dnsmasq &>/dev/null; do sleep 10; done | |
# force dnsmasq to recognize updated blacklist | |
killall -HUP dnsmasq | |
# report the results | |
echo "info: total blacklisted domains: $(wc -l < $BLACKLIST)" | |
# any concurrent instance(s) may now run | |
release_lock | |
exit 0 | |
) 2>&1 | logger $([ ${DEBUG+x} ] && echo '-p user.debug') \ | |
-t $(echo $(basename $0) | grep -Eo '^.{0,23}')[$$] & |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment