Ad blocking on ASUS routers.
Blocking ads can be done in several ways :
- either by using local solutions on each computer / device (at the browser or system level), for example :
- either by setting up an ads blocking system at the local network level
- any computer with dnsmasq rules, …
- a dedicated PiHole installation.
- either by setting up an ads blocking system at the router level.
All solutions are fine and possible, and some may be more suited to some situations (with only one device to protect, the local solution is enough, and so on).
Amongst these solutions, PiHole is a very interesting project allowing to remove ads everywhere in your local network, but still requires an additional device to always be on (a raspberry computer for example, or a linux server running pihole as a docker container).
So, provided you have the needed hardware, the best and cleaner solution is probably nowadays to use an ads blocking system configured at the router level. This will allow to protect the whole network, in the same way whatever the connected devices are.
Moreover, this can really easily be done through the “AB-Solution” that is running on ASUS routers with the Asus Merlin firmware.
Here I’m using the ASUS RT-AC88U router.
Asus Merlin firmware
Asus Merlin firmware is a custom firmware based on the official one made by ASUS but with several improvments.
Goal is to stay as close as possible to the original firmware, and to have as a priority the stability of the firmware, then the performances, then the features.
It’s really easy to deploy, and works flawlessly.
AB-Solution is an automated way to configure the DNS rules based on several community-driven blacklists. The installation / configuration is automated, as is the update of the rules (each week, or any other desired frequency).
- AB-Solution github
- AB-Solution requirements : have SSH access, JFS enabled and an USB drive plugged on the router. Under
- AB-Solution install guide
- log on the router
ssh email@example.com(same login than the web console of the router)
- execute the provided command and follow the interactive menu
curl -O ab-solution.info/releases/latest/ab-solution.sh && sh ab-solution.sh
- log on the router
I would recommend :
- to stay at “level 3” of blacklists to be applied (
shooter40sw's), otherwise some (commercial) websites may be blocked
- to manually add a few whitelist if needed (aliexpress website for example)
- to NOT activate PixelServ, as i had a lot of HTTPS website wrongly blocked once activated
Additional relevant details.
Upstream DNS servers.
It’s still possible to use dedicated upstream DNS servers like 184.108.40.206 (cloudflare) or 220.127.116.11 (google), see F.A.Q. : How to use an upstream DNS Server like 18.104.22.168 from Google. Basically :
- have LAN DNS servers set to blank
- don’t connect to DNS Servers automatically + configure WAN DNS servers
Example of logs outputs
If/once logs are activated (and dumped to USB).
In order to ease the installation of related products, one can install the
curl -Os https://raw.githubusercontent.com/decoderman/amtm/master/amtm && sh amtm
Allowing to easily install :
Relevant discussions from the SNBForums :
- “amtm - the SNBForum Asuswrt-Merlin Terminal Menu” : https://www.snbforums.com/threads/amtm-the-snbforum-asuswrt-merlin-terminal-menu-v1-2.42415/
- “pixelserv - A Better One-pixel Webserver for Adblock” : https://www.snbforums.com/threads/pixelserv-a-better-one-pixel-webserver-for-adblock.26114/
- “Skynet - Asus Firewall Addition (Dynamic Malware/Country/Manual IP Blocking)” : https://www.snbforums.com/threads/skynet-asus-firewall-addition-dynamic-malware-country-manual-ip-blocking.16798/