Jump to content

Recommended Posts

Posted

Let's start with the 'why': No AdBlock for the target system(s)?

Posted

My point is that ad blocking on the router is probably not the correct place to do it. For small network setups you're much better off with ad blocking on the client. For larger setups I would argue for a dedicated caching proxy server and at least initially try to make do with ad blocking on the client. Keep an eye on the proxy logs and have a chat with those who seem to hit the ads a bit more often than what you consider acceptable (since with the router solution it's much harder to get stats about that out).

Only when ad blocking on the client simply isn't feasible (obnoxious users, people who are never available or so far up the pay scale they refuse to listen to you on principle - yes, all these people MUST DIE but in the mean time...) would I suggest putting this stuff into the proxy and when people complain about stuff breaking (which I'm sure they will) point to the dicks who are too ignorant to use an ad blocker on their local system, forcing you to this situation.

Posted (edited)

there are iptable tutorials for this.

Using iptables on tthe router send the traffic to a machine running a proxy. Then with this proxy you can configure more iptable rules to block or redirect a up to date list of known ads by ip... you could even catch the users with a redirect to beef or something

Edited by i8igmac
Posted

My point is that ad blocking on the router is probably not the correct place to do it. For small network setups you're much better off with ad blocking on the client. For larger setups I would argue for a dedicated caching proxy server and at least initially try to make do with ad blocking on the client. Keep an eye on the proxy logs and have a chat with those who seem to hit the ads a bit more often than what you consider acceptable (since with the router solution it's much harder to get stats about that out).

Only when ad blocking on the client simply isn't feasible (obnoxious users, people who are never available or so far up the pay scale they refuse to listen to you on principle - yes, all these people MUST DIE but in the mean time...) would I suggest putting this stuff into the proxy and when people complain about stuff breaking (which I'm sure they will) point to the dicks who are too ignorant to use an ad blocker on their local system, forcing you to this situation.

The feelings mutual mate i asked on the forum to hear others opinions initially i thought maybe just get the ad-trap ( http://www.getadtrap.com/ ) cause i got quite an elaborate setup instead of getting ad-block on each device just stop it at the door. i did have have at the look dd-wrt tutorials, and noted the potential problems i could run in going that route, then i also thought hey why not go open source an had a look on the google machine an saw pfsense and alix system board that be good to learn more about firewalls. thanks i8igmac, cooper and barry99705.

Posted

If you have an old pc sitting around, pfsense should work on it. My home firewall is a 4 year old Hp desktop. Wicked overkill, but hey, it was free. Just need to add a couple or at least one more pci network card in it, and you have a bsd firewall! We use core i3 dell boxes for client site bds firewalls. We order them without windows and add an extra card when they come in.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...