Newbier Posted July 28, 2014 Posted July 28, 2014 I need advice on how to configure ad-blocking at a router level with dd-wrt firmware. Quote
cooper Posted July 28, 2014 Posted July 28, 2014 Let's start with the 'why': No AdBlock for the target system(s)? Quote
barry99705 Posted July 28, 2014 Posted July 28, 2014 (edited) Let's start with the 'why': No AdBlock for the target system(s)? I set it up on a pfsense box and also added a few thousand knows porn sites. On a home router I think it won't work as well, not enough memory to hold the tables. Yea, memory issues could happen. http://www.dd-wrt.com/wiki/index.php/Ad_blocking Edited July 28, 2014 by barry99705 Quote
cooper Posted July 28, 2014 Posted July 28, 2014 My point is that ad blocking on the router is probably not the correct place to do it. For small network setups you're much better off with ad blocking on the client. For larger setups I would argue for a dedicated caching proxy server and at least initially try to make do with ad blocking on the client. Keep an eye on the proxy logs and have a chat with those who seem to hit the ads a bit more often than what you consider acceptable (since with the router solution it's much harder to get stats about that out). Only when ad blocking on the client simply isn't feasible (obnoxious users, people who are never available or so far up the pay scale they refuse to listen to you on principle - yes, all these people MUST DIE but in the mean time...) would I suggest putting this stuff into the proxy and when people complain about stuff breaking (which I'm sure they will) point to the dicks who are too ignorant to use an ad blocker on their local system, forcing you to this situation. Quote
i8igmac Posted July 28, 2014 Posted July 28, 2014 (edited) there are iptable tutorials for this. Using iptables on tthe router send the traffic to a machine running a proxy. Then with this proxy you can configure more iptable rules to block or redirect a up to date list of known ads by ip... you could even catch the users with a redirect to beef or something Edited July 28, 2014 by i8igmac Quote
Newbier Posted July 29, 2014 Author Posted July 29, 2014 My point is that ad blocking on the router is probably not the correct place to do it. For small network setups you're much better off with ad blocking on the client. For larger setups I would argue for a dedicated caching proxy server and at least initially try to make do with ad blocking on the client. Keep an eye on the proxy logs and have a chat with those who seem to hit the ads a bit more often than what you consider acceptable (since with the router solution it's much harder to get stats about that out). Only when ad blocking on the client simply isn't feasible (obnoxious users, people who are never available or so far up the pay scale they refuse to listen to you on principle - yes, all these people MUST DIE but in the mean time...) would I suggest putting this stuff into the proxy and when people complain about stuff breaking (which I'm sure they will) point to the dicks who are too ignorant to use an ad blocker on their local system, forcing you to this situation. The feelings mutual mate i asked on the forum to hear others opinions initially i thought maybe just get the ad-trap ( http://www.getadtrap.com/ ) cause i got quite an elaborate setup instead of getting ad-block on each device just stop it at the door. i did have have at the look dd-wrt tutorials, and noted the potential problems i could run in going that route, then i also thought hey why not go open source an had a look on the google machine an saw pfsense and alix system board that be good to learn more about firewalls. thanks i8igmac, cooper and barry99705. Quote
barry99705 Posted July 30, 2014 Posted July 30, 2014 If you have an old pc sitting around, pfsense should work on it. My home firewall is a 4 year old Hp desktop. Wicked overkill, but hey, it was free. Just need to add a couple or at least one more pci network card in it, and you have a bsd firewall! We use core i3 dell boxes for client site bds firewalls. We order them without windows and add an extra card when they come in. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.