[resource] DNS based ads and tracking blockers | self-hosted | Public DNS | Open Source alternatives

1710052464795.png1710052575019.png

I am using on Asus AC-88U. Just look at the netflix logs. .45 is the primary pc. and .5 is LG TV. and for that specific reason I have added the LG List entry.
 
Just look at the netflix logs
netflix, and amazon (perticularly *firebat.prime-video, and *logs.netflix) always race to become "who is first" on blocklist at my end as well.
Not sure if your TV run on webOS or android, but blocking unwanted services would help a lot in terms of amazon/netflix data stealing.
for fireTV we have this - https://www.techdoctoruk.com/fire-tv-debloat-tool-fireos7-devices-only/ - see if you willing/can adapt this somehow.


Can someone kindly message dns settings which when added to router blocks ads on TV and Android mobile (connected via wifi )

Want to give a try first
replying here so that all can see.
one option is adguard public DNS, there are few more options just see and whats suits you best.

Although adguard, and all free adblock DNS providers are making it difficult for people to discover and use this methord and pushing people for paid products.
Setup instruction are hidden here - https://adguard-dns.io/en/public-dns.html

Routers​

Open your router preferences.

Go to DNS settings in the router admin page. Replace DNS addresses with the addresses of one of the servers below.

Default servers : AdGuard DNS will block ads and trackers.​
IPv4:​
94.140.14.14​
94.140.15.15​
IPv6:​
2a10:50c0::ad1:ff​
2a10:50c0::ad2:ff​
Family protection servers : AdGuard DNS will block ads, trackers, adult content, and enable Safe Search and Safe Mode, where possible.​
IPv4:​
94.140.14.15​
94.140.15.16​
IPv6:​
2a10:50c0::bad1:ff​
2a10:50c0::bad2:ff​

Save changes.
a quick video how to do this could be done -


PLEASE NOTE:
devices and browser comes with hardcoded DNS these days.
Almost, all android devices has 8.8.8.8 as hardcoded DNS embedded, Android phone hides this from user, as host file is not exposed to user.
But this, we can see in fireTV/AndroidTV where whatever DNS we add, it might show 8.8.8.8 as extra in it network setting.
In browser it is shoved under user's throat in the name of Private browsing / Safe browsing, etc.

It's important to block 8.8.8.8 & 8.8.4.4 in router before implementing any adblocking measures.
if using tplink see these:
1. https://www.cactusvpn.com/tutorials/how-to-block-google-dns-addresses-on-tp-link-router/
2. https://community.tp-link.com/en/home/forum/topic/107272
 
Last edited:
So one problem I encountered while running pi-hole from my pi zero years ago was that Google assistant stopped working completely. Has anyone found a work around to that?
 
@kuduku @babhishek
need help my pings to next dns servers are now horrible ranging between 80-90
can you guys post yours please so I can compare and then complain to airtel
anexia-del 38 ms (ultralow1)
vultr-bom 39 ms (anycast1)
do-blr 44 ms
anexia-maa 49 ms
ls-bom 50 ms
vultr-blr 52 ms
■ vultr-del 68 ms (ultralow2)
bangmod-bkk 91 ms
premiumrdp-bkk 100 ms
greencloud-han 109 ms
anexia-ewr 258 ms (anycast2)
isp 1


vultr-bom 38 ms (anycast1)
do-blr 41 ms
vultr-blr 47 ms
anexia-del 48 ms (ultralow2)
■ vultr-del 63 ms (ultralow1)
anexia-maa 71 ms
premiumrdp-bkk 100 ms
lightnode-han 121 ms
ls-bom 128 ms
anexia-lon 260 ms (anycast2)
bangmod-bkk error

isp2
 
Last edited:
So one problem I encountered while running pi-hole from my pi zero years ago was that Google assistant stopped working completely. Has anyone found a work around to that?

This is strange, as GA is part of core services and is not blocked in any reputed blocklist of my knowledge.
I'm sure you have checked it on mobile network and its should be working.
If so, are you using any google specific blocklist like no-google ( https://github.com/nickspaargaren/no-google) ?

Anyways here is the solution:
navigate to - http://pi.hole/admin/taillog.php & try using google assistant,
in the log trail you will see the blocked domain.
Add that domain to you white-list. it should be something like "xxx.googleusercontent.com". ( most probably its unique to your geo location)

Dont whitelist entire - googleusercontent.com - Although all major google services like mail, drive, google photos, maps, reviews, etc work on this dynamic sub-domain.
This is also the main domain for admob, the main source via google spy and steal its user data. so allow only pin-hole subdomains.
 
Last edited:
Hello everyone! I currently have AdGuard Home up and running on a proxmox VM, for testing purposes I’ve added the Adguard DNS only to my mobile and laptop, and it’s working as expected.

The uBlock Origin extension which I have been using for quite sometime now shows a score 100/100 on the D3ward Adblock test. However, with uBlock disabled and Adguard DNS enabled, the score is now 97/100 when tested on Edge & Safari, which I’m quite satisfied with, hence I’m contemplating using Adguard DNS on my router so that all devices on my network benefit from ad-blocking.

I’d like to get your opinion: Is it better to use Adguard individually on per device basis, or should I block ads for the entire network via the router? my other concern is, I have over 30 smart home devices connected to my network, will they continue to function normally if AdGuard is enabled on the router?"
 
Last edited:
I have OISD, steven black, ad guard DNS filter added to my next DNS ac on my router and all my smart devices work perfectly. had a problem with one and had to add it in allowlist.
 
hXXps://old.reddit.com/r/amazonecho/comments/1gepxhi/amazon_echo_turning_on_camera_and_repeating/
This is an older story maybe about a year old from my mom.
According to her she was changing in the living room where the Alexa used to be.
Randomly it opened the camera and repeated the phrase “Show me the other side” while she was changing.

I have no reason to not believe her. What’s the possibility’s of what could have happened?

with these devices in home, watching and listening you 24x7.. guess whats coming next :)
( bump and draw people attention. Privacy matters )
 
Why not just use hagezi?
For anyone using hagezi (either Multi Normal or Pro) have issues with the Swiggy app constantly crashing?

I've added @@||analytics.swiggy.com^$important as an exception to get around this issue, but was wondering if this is too broad a whitelist. If anyone has looked into this before, could you share how you've whitelisted swiggy?
 
The biggest mess that I have noticed while using mullvad or adguard dns is that olx app becomes crap... It acts as if I am on an mtnl dialup connection.. Sometimes just doesn't open listing's at all.

Of course the issue of vowifi not working is well known with these dns addresses
 
For anyone using hagezi (either Multi Normal or Pro) have issues with the Swiggy app constantly crashing?

I've added @@||analytics.swiggy.com^$important as an exception to get around this issue, but was wondering if this is too broad a whitelist. If anyone has looked into this before, could you share how you've whitelisted swiggy?
i use pro++, along with others lists.
no issues with swiggy web (i don't use any app of any such services - installing app in android mean you willingly sacrificing your privacy).

exception.. you mean in pi-hole regex whitelist, regex.? if so how you have reached that conclusion to whitelist ?
if pihole -- would suggest remove the regex, in terminal, do "pihole -t" ,
fire up you swiggy app, and see the pihole trails if its blocking anything.
NOTE: you may need to wait 5 minute for pihole to flush cache, or restartdns after removing the exception.
Thumb-rule, regex blocking is all fine, but whitelisting need to be pinpoint, may be wildcard if anyone feeling very brave.

Hagezi pro is somwwhat redundant, either step up or step down. check this out for details - hXXps://old.reddit.com/r/nextdns/comments/13vroxd/hagezis_lists_dns_blocking_analysis/



Extra information: oisd domain blocklists are the most useless list.
Its like wearing a transparent plastic underwear and running in market. you might get a feel thar you wearing something, but entire market sees you naked.
olx app becomes crap
use sandbox like island, for those type of spywares and use you mobile data.
 
Last edited:
Swiggy app constantly crashing?
Is it iPhone? Whenever i use adguard dns profile directly in iPhone, Airtel, Swiggy, BBDaily all crashing constantly.. It took very long time for me realize its due to adblocker. But no such issues in android for same adguard dns.

For now using only stevenblack list using pihole, no more crashes.
 
For anyone using hagezi (either Multi Normal or Pro) have issues with the Swiggy app constantly crashing?

I've added @@||analytics.swiggy.com^$important as an exception to get around this issue, but was wondering if this is too broad a whitelist. If anyone has looked into this before, could you share how you've whitelisted swiggy?
I have HAGEZI ultimate, used to have Swiggy crashes few months ago on iOS, but it was fixed in a recent app update.

Edit: Just confirmed analytics.swiggy.com is on my blocklist and yet the app works fine.


Screenshot 2024-11-08 at 6.50.22 PM.png
 
Last edited:
How can i use any of these adblock dns settings on my TP Link router stock firmware..

check this out this - ControlD, legacy server. https://github.com/hagezi/dns-blocklists?tab=readme-ov-file#dnsservices
and
https://avoidthehack.com/best-dns-privacy select anything which has domain filtering & may provide user user customization. like rethinkdns,

most simple one, go to you router, DHCP setting and use these DNS , from AdGuard (very basic adblock, dont expect much)
Default servers (will block ads and trackers.)
IPv4: 94.140.14.14 and 94.140.15.15

Family protection servers (will block ads, trackers, adult content, and enable Safe Search and Safe Mode, where possible.
IPv4: 94.140.14.15 and
94.140.15.16

better option mentioned above
 
Last edited:
how you have reached that conclusion to whitelist ?
I waited for the Swiggy app to crash and immediately went to the Adguard Query Log and unblocked the most recent entry. Screenshot for reference, its not the actual query. Once I did that , the rule I posted above showed up under the Custom filtering rules page...I just don't know if its too broad.
1731071943905.png

Hagezi pro is somwwhat redundant, either step up or step down. check this out for details - hXXps://old.reddit.com/r/nextdns/comments/13vroxd/hagezis_lists_dns_blocking_analysis/
I don't agree with the reddit OP's recommendation based on his testing methodology. Yes, the recommendation will work for his household and usage pattern, but cannot be made a blanket recommendation for anyone else. What is his location, what services does his household use, etc. Also, operating off of % of queries blocked will artificially diminish the impact of domains which are queried rarely when netflix and google are constantly flooding the DNS with queries. I want a tracker\ad\whatever blocked whether it accounts for 50% of my queries or 0.00001%.

Similarly, does he use some India-only streaming service which will have its own set of domains to be blocked? Does he use cheap Chinese smart home devices that have their own trackers? If he did, would that affect his findings? There are too many variables.

The best takeaway from that post would be to perform a test similar to him and come to your own conclusion as to what works for your household. I would recommend setting the measurement period to atleast span an entire week to account for both week and weekend browsing behavior (e.g. if I only turn on my TV during the weekend).
Is it iPhone? Whenever i use adguard dns profile directly in iPhone, Airtel, Swiggy, BBDaily all crashing constantly.. It took very long time for me realize its due to adblocker. But no such issues in android for same adguard dns.

For now using only stevenblack list using pihole, no more crashes.

This is on Android for me. Happened when I used the hagezi block list both on PiHole as well as Adguard. Also affected a guest who came home and tried to access swiggy on android. It used to resolve itself when switching to mobile data, which lead me to beleive the issue was PiHole\Adguard. Will check out stevenblack.
 
Back
Top