[HN Gopher] Ad blocking with Raspberry Pi and Pi-hole ___________________________________________________________________ Ad blocking with Raspberry Pi and Pi-hole Author : christian_fei Score : 41 points Date : 2020-05-04 20:53 UTC (2 hours ago) (HTM) web link (cri.dev) (TXT) w3m dump (cri.dev) | bberrry wrote: | I wish it were more effective in removing Youtube ads on my kids' | iPads, but I understand it's a tall order. At least it gets rid | of ads in most other apps. | BuckRogers wrote: | Try Microsoft Edge. Its built in ad blocker works for me with | Youtube on my iPhone. | | I block ads at the application layer, DNS based ad blocking | doesn't really do it anymore and can create another | troubleshooting surface to consider when it breaks something. | netsharc wrote: | If you had said Android I would've suggested NewPipe: | https://newpipe.schabi.org/ | christian_fei wrote: | could be the right fit: | https://github.com/kboghdady/youTube_ads_4_pi-hole | bberrry wrote: | Thank you! I'll give it a try | kd913 wrote: | Please do note that Android appears to be quite weird in regards | to accepting network set DNS. | | My observations so far have been that Android tends to ignore any | DNS set by either the network via DHCP or statically set. Android | instead probes the gateway for 8.8.8.8, and happily uses that | instead. | | The only way I have been able to solve this has been to setup a | VPN (I prefer wireguard) on the pihole. Android seems to accept | this. | | The above in combination with say a DDNS hostname means that I | now have a permanent adblocked VPN on my android phone which | isn't too bad. | greencar wrote: | > Use it for ad-blocking in your home network and to finally | browse the web, watch videos etc. without annoying ads. | | It doesn't really do this as well as a browser adblocker, YouTube | ads for example can't effectively be blocked with pihole | schwartzworld wrote: | it's not really fair to compare it to an in-browser adblocker | that way, especially since using them isn't mutually exclusive. | PiHole blocks ads whether you are in a browser or not, an | instant benefit for everybody on your WiFi network. | BLKNSLVR wrote: | In fact, one of the best things about Pi-hole network wide | blocking is the removal of those 5 to 10 second otherwise | unskippable ads in apps. | 416chad wrote: | Exactly this. Ads in places like news apps disappear, a big | plus for pihole. | christian_fei wrote: | there seems to be a solution: | https://github.com/kboghdady/youTube_ads_4_pi-hole | strenholme wrote: | I actually have been doing some work with MaraDNS to have the | ability to have a pi-hole sized blacklist. The main source of pi- | hole's blacklist is this Git repo: | | https://github.com/StevenBlack/hosts | | That is about 60,000 hosts, so I added MaraDNS support to have up | to 500,000 blacklisted names. Since it's a speed-optimized (not | size-optimized) cache, each element takes about a kilobyte of | memory, so a blacklist this size takes about 60 megabytes of | memory for MaraDNS to store (on a modern Core i7 7600U processor, | it only takes about two seconds to load all 60,000 elements in to | memory), but it's very rapid to use. | | The script to take that blacklist and convert it in to a MaraDNS | compatible format is here: | | https://github.com/samboy/MaraDNS/blob/master/deadwood-githu... | | There are ways to make the memory footprint of the blacklist | smaller, but this was a quick and simple way to implement a | medium sized blacklist. Finding ways to have, say, 10 million | blacklist elements with a small memory footprint is left as an | exercise for the reader. | | My current project is to make a proper Docker container for | MaraDNS. | CoolGuySteve wrote: | What is the optimization gained by having 1KB cache slots when | the cacheline size on Intel and ARM is typically 64 bytes? | Havoc wrote: | There are dockerised versions as well if you happen to have a | docker stack somewhere in your home | christian_fei wrote: | i like the pi-hole installer a lot, since it's a damn one- | liner. i was amazed by its simplicity | dastx wrote: | Another alternative is AdGuard Home. They've come a long way | since they announced it. I switched to AdGuard Home some 6 months | ago and it has been great. | lordnacho wrote: | I'm looking for a way to combine the adblocking with a VPN | switcher that takes eg NordVPN and routes all my home traffic | through a variety of tunnels (they provide a load of openVPN | files). Is there a ready-made way to do this? The idea is for | anyone in the house to be protected by both the adblock and the | VPN. | aesh2Xa1 wrote: | I'm not aware of an "out of the box" solution, but maybe paying | for NordVPN or similar will do this for you. | | VPNs typically tunnel your packets thru an encrypted connection | to a gateway somewhere else on the internet. | | Ad blockers point your DNS to a resolver that blacklists ad | domains. You can use a VPN and still set your DNS to whatever | you'd like. What works best for you will depend on your threat | model (or just privacy concern, as that other term sounds | loaded). | doctoboggan wrote: | Does anyone have any good suggestions for blacklists? I've only | been using the default and am wondering if I should add some more | items to the list. | christian_fei wrote: | some blacklists i found: | | - https://discourse.pi-hole.net/t/update-the-best-blocking- | lis... | | - https://github.com/chadmayfield/my-pihole-blocklists | brenden2 wrote: | I use pi-hole, and it's great, but for browsers you still need | something like uBlock Origin installed to properly block ads. The | thing I like about pi-hole is it also blocks a long list of | trackers that are bundled by various mobile SDKs. There's no way | to block those with iOS or Android, except at the network level. | ananonymoususer wrote: | Pi-Hole is a great project, and it's not limited to running on a | Raspberry Pi either. I've got it running as a (x86-64 Ubuntu) VM | in the same hypervisor that hosts my firewall. It's lightweight, | super responsive, and provides great statistics on what it is | doing. | jedberg wrote: | Is anyone successfully using PiHole with non-technical users? | | My main concern with putting PiHole on my home network is that | for example my mother in law might not understand that she can't | get to some web page because it's being ad-blocked, nor would she | be able to go to the web admin page and temporarily unblock it. | | Even as a technical person sometimes it takes a while to figure | out that a page isn't working because of adblock or pi-hole. | | How do people deal with this? | css wrote: | I have an iOS shortcut that hits the disable endpoint, so they | have a button on their phone they tap that will disable it for | 30 minutes at a time. | christian_fei wrote: | what an automation! | jedberg wrote: | Clever! | | They would still have to know that the site isn't working | because of blocking, but I suppose developing the habit of | "website doesn't work, press the magic button and try again" | isn't so bad. | | If I do PiHole just for myself I think I'll add this button. | Thanks! | LynxInLA wrote: | Any chance you can share that shortcut? I currently have a | bookmark that my roommate can hit, but a shortcut would be | better. | css wrote: | I use a modified version of this with hard coded times so | there is no user input: https://routinehub.co/shortcut/2904 | marrone12 wrote: | Yep, it's for this reason I had to turn off the pi-hole. Random | sites that my wife or friends would use wouldn't work, | especially log-ins or authentications for various sites, and | there's no easy to surface bypass ability. So now I just rely | on browser based blocking. | Sohcahtoa82 wrote: | For my home desktop browser, I just use uBlock Origin to block | ads. | | But for my phone, I set up a PiHole running on an EC2 instance | and VPN into it from my phone. Blocks ads in everything, not just | my web browser. The VPN is configured to only tunnel DNS lookups, | not traffic, so the EC2 bandwidth bill is minimal. | christian_fei wrote: | interesting approach ___________________________________________________________________ (page generated 2020-05-04 23:00 UTC)