The brotherhood of pi-hole


#21

I built (and sold) little boxes that were a bit like this five years ago - called it the Anonobox. Used Tor and privoxy for ad-blocking plus block lists.

It was built with Ubuntu server and ran on a video player box (mele brand). You just plugged an Ethernet cable into the box, then hooked into it via WiFi. It was short range (low power WiFi and no antenna) and wasn’t super fast (because Tor), but worked well for what it was meant for.

I sold a few but never caught on - maybe because nobody wanted such a thing, or perhaps I’m just not very good at marketing.

In the future, I look forward to a version/flavor of linux (cubes maybe?) with the Safe Network built-in.


#22

I often set my dns servers there then use chattr +i to make the file immutable … that prevents the OS from messing with it.


#23

On a single machine you can add one or more of the freely available block lists to the hosts file yourself?

Or maybe use something like this:

  hostsman

As it already knows about things. For a network:

  Web Filter for Your Network

If you decided to pay for it, a Personal (Self Support) license per device comes as reasonable as it gets.

Same software also as ‘Virtual Appliance’:

  Runs in VMware vSphere / ESXi, Hyper-V or Azure/AWS Cloud

No mention of a version for Raspberry Pi yet.

Discussion? Taken from Reddit comments, your answer:

[ ] Frankly, if you have an adblocker, you are a shoplifter;

[ ] I would like to point out that ad revenue usually comes
    from clicks on ads, not viewing ads;

[ ] I have no legal or moral obligation to view the information
    someone gives to me on their terms. I can skip pages in books
    and magazines, I can change channels when ads show up on TV,
    and I can filter ads out of my browser. None of these things
    are remotely akin to shoplifting.

[x] Correct

#24

Good idea.

It comes down to consent these days, an advert in a paper… won’t leave a cookie in my brain, won’t track my personal digital foot print, and won’t slow down my reading or page turning much.

Having an autoplay video, on a not in focus browser tab was THE FINAL STRAW. Advertisers are not allowed to damage my personal electronics or degrade it’s performance, collect my personal data… give away the surprise gifts I am buying in the household… ugh… it’s ugly. Some websites, you can’t actually read the content that advertisers should be relying on being decent so that their adverts are a success.

I have been pushed a bit too far over the edge, and apply an overkill strategy, don’t even want fair ads anymore.

If I accidentally surf to websites without add protections, I am horrified by my experience.


#25

Isn’t that the amount of queries? Also, could these blocked queries be retried by the clients because they are blocked? And, my experience is that SPA (Single Page Applications) like YouTube generate enormous amounts of blocked requests every single time I change the page.


#26

Yea. I’m assuming each query prevents loading of pictures, sound and video… especialy autoplay videos and sound.

Im not sure about the retry, but I think the clients are fooled in to thinking their request was a success but with nothing returned.


#27

Yip, the web is horrendous without an ad block!


#28

The idea is that this is all done at the network level so that you don’t need to modify each individual machine. The approach of having backup DNS servers is true, except you configure it on your router instead of each device.


#29

Yes, and the DNS servers are communicated with DHCP. But then you have to be able to configure that on your router. Not everybody can do that …
Edit: although the DHCP server doesn’t have to be the router.


#30

PiHole works by just putting the box somewhere on your network and pointing your routers DNS lookup to that IP address.

While you’re waiting to set that up, you can do the same trick, but point your routers DNS to AdGuard, or OpenDNS. I use AdGuard, since it doesn’t require me to set up an account and is free for non-commercial use. May set up a PiHole for added privacy, but AdGuard works well for me, for now.

Adguard
https://adguard.com/en/adguard-dns/overview.html#instruction

OpenDNS
https://signup.opendns.com/homefree/


#31

My ISP modem/router is hard set to give the ISP’s DNS out when you DHCP off of it. So the devices use the ISP DNS rather than the router box. So in my case I’d need to set the DNS on each machine or better use DHCP from another router/device.

Except that the program/browser waits for an answer. So unless you put a web-server of some sort on your box too then the programs/browsers will wait&retry to get the page since there will be no response.

I used to do this a decade or so ago when my bank decided to hand over my browsing info (a ton of info) to a 3rd party stats and refused to remove the tracking (even when logged in) so I added the IP address to the hosts file. Well it slowed down the page loads because there was no response when asking that other site for the 1x1 pixel tracking crap. Now I add the site to adblock

Mind you I have not tried pi-hole (yet)

Gotta to love these armchair lawyers and the nonsensical options.

Then the American companies would have sued all the people using adblockers. It would have netted them much more than the advert revenue.

But anybody who knows anything can see that option as plainly wrong.

And in Australia, any unsolicited material delivered to or given to me is mine to do with as I wish. Deliveries in Australia are typically signed for before they give it to you. So for any adverts attempted to be delivered to me, I can do as I wish which includes not accepting it or asking for it. So we even have strict legal backing to block any adverts.

This is only partly true. In years past the revenue only came from the advert being displayed. Its only in more recent times that the revenue has shifted to clicks. And now verified clicks (ie actual advert site visited)

What can you say. Except that this statement assumes the advert has appeared on your screen already, then conflates the argument to filtering it out.

So a fail on this option.

The true option is that

Many sites survive from advert revenue and they miss out on that if you block adverts
You have no legal requirement to download/access anything that the webpage tries to access including adverts, malware, good-content, illegal-content. You can legally tell your browser not to access any/all content the text file (web-page) retrieved has links for.
In fact the advertisers are taking from you. They are stealing your bandwidth, unless you gave them specific/general permission to do so.
The advertisers are illegally (in some localities) using surveillance on children (under 13)


#32

My ISP also wants to rent you a combination Modem/Router. Aside from the fact that I hate paying them rent for equipment I can buy, I also did not like letting my ISP inside my home network. I purchased a compatible modem on Amazon, and have my own completely separate router set up behind it, so there is a clear separation between my home network and my ISP.


#33

Unfortunately for Cable I could not opt for my own, they locked my account to their HFC modem/router. When I had ADSL I always used my own modem/router. And now that I can get NBN I will be required to use NBN equipment (modem since its HFC again) for the connection, but I should be able to use my own router as the only router, but I have to confirm that.


#34

My Pi arrived today - can’t wait to play with it after work :wink:


#35

Welcome aboard. :slight_smile:

Cant wait to see your stats page.


#36

Set it up yesterday, working pretty well so far :slight_smile:

Unfortunately my router doesn’t allow changing DNS settings, so I have to manually configure each device to use the pi-hole as the DNS server :confused:


#37

Beautiful!

Looking good. :slight_smile: How does an advert free experience across all devices feel?

I had to call my ISP to enable an option of attaching my own router.
Once you get the DNS issue sorted, take a loot at https://openvpn.net/

I have openVPN clients installed on my phones, computers.
I have a seperate raspberry pi running openVPN server on my network, I don’t
want to mess with my pi-hole. :slight_smile:

Here are the benefits so far of VPNing in to my home network.

  1. Advert Protection Anywhere I am, on my phone and on my laptops.
  2. I no longer need to go to invite.maidsafe.net to change my IP address.
    I just used the awsome safe mobile authenticator on my mobile phone, away from the
    home network and instant access, no complaints.

:slight_smile:


#38

I may end up changing ISP anyway, but if not then I will get my own router.

When I searched for this issue my ISP was a common name that came up :confused:

Super cool idea, have you noticed any slowdown in browsing when you’re away from home?


#39

No difference compared to the equivalent network I am connected to at the time, 3G, 4G, Other WiFi.
One issue, check your upload and download restrictions on your ISP, if you are routing a large download through your home network that could be slower than downloading the file without openVPN.
I have noticed sometimes if I am switching from 3G to Wifi networks and back the openVPN client might get confused - i just flip the connection swith to off then on and its back to normal.

Probably best to use one of the more powerful raspberry pi’s as your vpn server, or any linux machine you may have laying around.

edit: There is also some speed up due to not having adverts taxing your experience.

edit: You will also need a dynamic dns service to track your ip. My router lets me login to the
following, https://www.noip.com I use their free dns service, which means
I need to confirm once a month that I want to keep it. Thinking to paying for the monthly service.


#40

nice, there is even a docker container image for pi-hole, so it’s easy(-ier) to run it on an old desktop pc or something. and i could try to run it on my turris omnia :smiley: