DD-WRT with integrated Tracker and Adblocking using Privoxy

I have just integrated another feature. Here comes a proxy server with default rules for adblocking and tracking mechanisms like Google Analytics, Facebook Ilike Button…

This does not mean you cannot use Facebook or Google anymore, this just blocks tracking through 3rd party sites.

NOTE: You may have seen scripts that download host lists onto your router in order to redirect hostnames from well known adblocking servers to your routers ip . While this is an effective method to avoid certain ads it is the biggest security hole for your router. You have no control over the external host list, in case it was manipulated you are going to be redirected like a fool, to prepared servers that are just waiting to load you with malware etc.

Thus if you have never heard of privoxy you should start your browser and direct it to http://www.privoxy.org/.

proxy.png

Click to enlarge

The image shows the configuration page which allows to enable privoxy. In standard mode it will just act as a normal proxy that filters ads and other annoying content. In this mode you have to setup each clients browser to use the proxy: <routersip>:<port> e.g. 192.168.1.1 : 8118

In transparent mode all http traffic will be intercepted by the proxy, and every client will connect through the proxy, this is useful if you want to enforce the rules you defined. Lets say for example you want to filter out adult content and don’t want your kids to bypass your filter. The Custom Configuration is needed if you want to place your filter rules on a removable writeable media so you can create your own set of rules. To do this you would just use the standard config located under /tmp/privoxy.conf copy and paste the content and replace the paths to the actionfiles.

Note: In transparent mode the access to the dd-wrt page goes through the proxy, if the proxy dies for whatever reason you cannot reach the routers webif. In this case you can logon to through a shell and disable transparent mode with the command:

nvram set privoxy_transp_enable=0

nvram commit

Then restart the router. This will stop the firewall rule that enforces transparent mode.

Download Broadcom Build (8MB Units 47xx: Netgear WNR3500L, Asus RT-N16, Linksys WRT610N V1/V2):

Kong-Mod-USB-FTP-SAMBA3-OPENVPN

Activate Windows XP/2003 Error 32777

If you run into Error 32777 when trying to activate a fresh install of Windows XP or 2003 Server. Then you need to do the following.

  1. Manually download and install the SP for your OS
  2. Manually download and install the latest Internet Explorer for your OS
  3. Now go to Windows Update, if you installed the SP and latest IE you should be able to get the latest Updates through Windows Update page.
  4. Activation is now possible.

Windows Mediaplayer 11 Windows 7 DLNA Server finden

Sollte der Mediaplayer unter Windows 7 keine DLNA Server finden sollte man prüfen ob der Dienst UPnP Gerätesost und SSDP Suche gestartet sind.

Kong mod update build 15758

See myopenrouter announcement for a new set of my dd-wrt mods:

Myopenrouter

Kond Mod Status Update

I’m currently testing a new feature: filtering ads directly on the router

The next release will have privoxy onboard + default rules that block most ads before they reach your client computers.

This usually increases surfing speed and enhances security since ad servers are often used to send malware to browsers.

With custom rules one will be able to filter adult, gaming … sites. A transparent mode can be activated, which makes sure clients cannot bypass the filter.

 

DD-WRT Samba Custom Configuration – Kong Mod

Here is a little tutorial on how to create a custom configuration for samba. I assume you already have my dd-wrt mod installed. Once you enable Samba under Services->NAS you will see this Form:

smbcustom.png

Click to enlarge

Now to create a custom configuration you can just use the smb.conf which is created once you setup samba with public share. This file is located under /tmp/smb.conf. In the following example I added two users with special shares and changed the location of the public share. In addition to that it is neccessary to create the appropriate directorys on your usb drive ( in this example /jffs/boss, /jffs/cat, /jffs/public) :

 

[global]
server string = Kong
workgroup = Secure
interfaces = br*
bind interfaces only = Yes
map to guest = Bad User
smb passwd file = /var/samba/smbpasswd
private dir = /var/samba
passdb backend = smbpasswd
log file = /var/smbd.log
max log size = 1000
printing = none
load printers = No
usershare allow guests = Yes
socket options = TCP_NODELAY IPTOS_LOWDELAY

[Boss]
comment = Boss share
path = /jffs/boss
read only = No
guest ok = No
valid users = Boss
force user = root

[Cat]
comment = Cat share
path = /jffs/cat
read only = No
guest ok = No
valid users = Cat
force user = root

[Public]
comment = Public Share
path = /jffs/public
read only = No
guest ok = Yes
force user = root

Unless you know what you are doing you should keep the default options in global section, but you probably want to change some values like your server string and workgroup . Once you copied your config into the Custom Configuration textbox press Apply Settings. After that you can access your new shares.

Update 5th May 11: Latest builds require the option force user = root since they don’t mount partitions using option user

Update 3rd June 11: Kong builds >= 17140 have a new samba gui, there you can create multiple shares + users without the need of a custom config.

USB drive not recognized – WNR3500L

If you have trouble getting your usb drive to work with the wnr3500l you may want to test these steps:

  • usb port is deactivated – activate it by pressing poweroff button, wait 10s, poweron again by pressing the powerbutton
  • if you use a usb hub, make sure it has it’s own power source
  • if nothing helps, do a 30/30/30 reset

Update: DD-WRT Kong Mod build 15000

Here comes another release of my dd-wrt mod, now based on dd-wrt build 15000.

New:

-attempt to cleanly umount usb devices on reboot

Fixed:

-correctly create second samba user when using custom configuration

-fix black on black bug in nas section under safari/konqueror(using webkit)

Downloads:

Kong-Mod-USB-FTP-SAMBA3-DLNA

Kong-Mod-USB-FTP-SAMBA3-OPENVPN

DD-WRT with included samba3 + minidlna + speed optimization

I have updated my dd-wrt mod (build 14584) with included samba3 and minidlna. This build is thoroughly tested on a WNR3500L, but should work on all Broadcom 47xx Units with 8MB flash ( I have reports that it is working fine on Asus RT-N16, Linksys WRT610N V2 ).

Changes compared to my last build.

New features:

  • minidlna (DLNA Server)
  • O2 optimization for better performance
  • network performance fix (checkout benchmarks make sure you read the whole thread, to see the difference between standard dd-wrt and kong mod. Thanks  to bosa for testing!)

Fixes:

  • fix large file support for samba and busybox console utils
  • fix permissions with ext3 partitions and samba
  • fix DNS rebinding security issue http://blogs.forbes.com/firewall/2010/07/13/millions-of-home-routers-vulnerable-to-web-hack

Removed:

 

  • nfs modules, they along with nfs utils will come in a seperate version

Known Issues:

  • proftpd bug , reports wrong filesizes for files >4GB

 


P.S. For additional info , known issues etc. checkout: Myopenrouter

DD-WRT with included samba3 + speed optimization

I have updated my dd-wrt mod (build 14584) with included samba3. This build has bin tested on a WNR3500L, but should work on all Broadcom 47xx Units with 8MB flash (Asus RT-N16, Linksys WRT610N V2…).

Extra features compared to dd-wrt usb_std_ftp:

  • samba3 filesharing support with gui
  • ntfs-3g support with automount
  • inotify support needed for minidlna optware package
  • nfs modules
  • compile optimizations for faster operation Network performance comparison: Benchmarks


P.S. For additional info , known issues etc. checkout: Myopenrouter