Blocky – a DNS proxy and ad-blocker for the local network (opens in new tab)

(0xerr0r.github.io)

249 pointskaathewise1y ago107 comments

107 comments

cj1y ago

> Uses random upstream resolvers from the configuration - increases your privacy through the distribution of your DNS traffic over multiple provider

The whole project is really interesting but this line caught my eye.

For spreading DNS providers, would randomly routing to different ones be more or less private than rotating providers every X minutes? It feels like so many sites request so many different resources that if you make DNS resolution distributed across providers, you might be exposing your "trail" to multiple companies at the same time, compared to an alternative approach of switching every X minutes so that any individual company only sees a snapshot of your queries in time rather than your whole journey.

ignoramous1y ago

rethinkdns dev here

> For spreading DNS providers, would randomly routing to different ones be more or less private than rotating providers every X minutes.

Less private for the simple fact that now you'd have to rely on multiple upstream resolvers to respect your privacy. Stick to one; ideally the one with better privacy guarantees like the Mozilla endpoints to Cloudflare DNS.

Or, use anonymizing protocols like Oblivious DNS over HTTP and DNSCrypt v3.

dngray1y ago

100% agree. Not sure why you'd randomly play round robin with a bunch of DNS servers. What purpose is this feature even for?

If privacy is what you're intending however, DNS is only one part of that and there are other ways in which things can leak https://www.privacyguides.org/en/advanced/dns-overview/

Generally I just recommend to people to use their internal VPN provider's DNS servers and call it a day, or of course Tor.

1 more reply

aesh2Xa11y ago

> the Mozilla endpoints to Cloudflare DNS

Oh, I did not know that Mozilla had an endpoint on Cloudflare's 1.1.1.1 service, but there it is!

https://github.com/mozilla/gecko-dev/blob/c09764753ea40725eb...

https://mozilla.cloudflare-dns.com/dns-query

Does Mozilla publish their terms somewhere? I'm curious how their endpoint is any different.

Scion90661y ago

First thing I thought about was the reasoning behind why Tor uses Entry Guards (a limited set of relays chosen by your client to use as the first entry point rather than a random one each time). I'd imagine the same arguments apply for why you don't want to randomize which servers your DNS queries go to. If you're making hundreds or thousands of queries, as people tend to do while using the same set of sites over time, then eventually all servers will end up with the names of all the sites you visit, as opposed to just choosing one server and only that server having the names. So yeah, that definitely seems like the opposite of a privacy feature.

More info on why Tor chooses just a few entry nodes here: https://support.torproject.org/about/entry-guards/

DyslexicAtheist1y ago

not novel but a standard feature in dnscrypt-proxy

Havoc1y ago

> Uses random upstream resolvers from the configuration - increases your privacy through the distribution of your DNS traffic over multiple provider

Is that the consensus? I thought this would just increase the amount of parties that have insight. eg if today it sends my CNN news reading to cloudflare and tomorrow it sends it to 9999 resolver then that seems worse than sending both to cloudflare.

efitz1y ago

Why would I use Blocky vs. Pi-Hole? It seems like a nice project but pi-hole is really mature; I'd love to see a feature comparison or a brag sheet showing what it's better at.

adr1an1y ago

It's a bit faster, yet it lacks a web UI. I prefer it, because I use it directly on the PC/ Laptop via Docker and I like text files more than binding web UIs to ports..

kornhole1y ago

If you have a PFSense or OPNSense firewall/router, PFblockerNG also does a great job https://docs.netgate.com/pfsense/en/latest/packages/pfblocke.... PFSense comes with a DNS Resolver with option to forward to these other resolvers. It has also too many other features to list especially useful to a homelab.

fossdd1y ago

I had used Pi-hole and blocky. Pi-hole is nice for the non-expert who just wants to block ads, with a neat web interface. But with blocky, instead of a web interface you can fully configure blocky in a single nice-documented extensive YAML file. Metrics are retrieved per Prometheus and can be visually shown in something like Gragfana. It has A LOT of features and is faster. :)

vladslav1y ago

It looks like it's much easy to setup DoH with blocky. Blocky's DoT doesn't work for me but it's a pain to setup with Pi-hole and it's impossible to make DoH work in Pi-hole.

leipert1y ago

For me single binary and single config file is a big one. Much easier to deploy and share configs for example. I have a PiHole running but I kind of dread setting up a second one for redundancy.

himurae1y ago

https://youtu.be/UjqZPLL0UvM

Blocky is better because it uses less resources ,only a single yml onfig file and dns queries are faster as it's stateless

password43211y ago

Or AdGuard Home https://news.ycombinator.com/item?id=39276687

Or NextDNS to let someone else handle it.

poisonborz1y ago

My problem with network-level adblockers, also PiHole is that they break a lot of services (yeah it's mostly sloppy or malicious intent from service provider but still). On a browser you can quickly disable uBlock for that site, it is much more tedious for these services - also because it's not even clear that the filtering is causing the problem, also because it maybe someone else on the network experiencing the problem.

theideaofcoffee1y ago

I have a handful of different wifi SSIDs set up on my network at home to help with this, some route their DNS queries through a pihole instance and others (say, without the “AB” for ‘adblock’ suffix on their ssid names), don’t. Each ssid is their own vlan and each has their own dhcp listening that doles out the pihole instance address on the Adblock-enabled nets.

It’s easy enough to just connect to a different ssid if I see anything breaking, but it’s rare enough that I keep it connected to the pihole/adblock network at all times. Works super well.

jakjak1231y ago

That is a great idea. What do you use to run multiple wifis with separate vlan?

2 more replies

cyberpunk1y ago

I’ve been using https://oisd.nl/ on my network for some time (just cronned into an unbound config file) and nothing breaks.

If you report a website breaking to the maintainer, he removes the offending block.

Works well, I can recommend it.

And it reminds my to send them a little money in thanks.

UberFly1y ago

This looks really good. Thanks for suggesting it.

ai_what1y ago

I have a silly "trick" for this. In Firefox you can add a SOCKS5 proxy and click "Proxy DNS with SOCKS5 proxy". This bypasses the system DNS.

So for example, if you make a container with this, then you can just quickly open the URL that's blocked in the other container and it will bypass the network-level DNS adblock.

There are other ways to do it without a container, I'm sure, maybe with an add-on/toggle or something.

My VPN provider gives free SOCKS5 access to a few servers, so it didn't cost me anything more.

belthesar1y ago

That's a clever trick. It's also pretty trivial to set up a SOCKS5 proxy with Shadowsocks if it's desirable to keep that DNS resolution local.

ranger_danger1y ago

How are you using a different proxy per container tab? I've tried FoxyProxy but it leaked DNS requests through the local network resolver even with SOCKS5 proxies.

1 more reply

illnewsthat1y ago

I created a bit.ly link that points to http://yourpiholehost/admin/api.php?disable=300&auth=api_key

Bookmark it for myself and other people in the house and then turn it off for five mins whenever there is an issue.

ceejayoz1y ago

Would be fun to hook this up to one of those IoT Amazon buttons.

2 more replies

thangngoc891y ago

What annoyed me the most is actually clicking on ads from Google Search. Sometime I searched a product and I couldn't clicked on the first result because they are advertisements.

Spare_account1y ago

Every time threads like this come up I am reminded that Google has ads. I don't see them, presumably because of uBlock Origin.

I'm typing this response not to smugly boast, but because it's a lead in to the question that your comment raised within me:

Are you using Pihole to block ads at a network level, but not also using a browser extension to block them at the client?

4 more replies

ceejayoz1y ago

Honestly, I love this aspect of my Pihole. Stops Google stealing those pennies from the businesses who were already gonna be the #1 result anyways.

1 more reply

qwertimus1y ago

I've had the most luck with OISD as the blocklist; others have the exact problems you describe (in fact all other blocklists I've tested have had frequent issues). Since changing, I've had maybe 2 sites that didn't play nice with the filtering. These issues are not inherent to network-level blockers, but the configuration of those blockers.

efitz1y ago

PiHole has an API that can be used to enable and disable the ad blocker.

I have a bunch of home automation set up, and through the use of HomeBridge and a plug-in I have a button in my Apple Home app on my iPhone to enable or disable the ad blocker. Since it's exposed as a smart home thing, you could hook it up to a voice assistant like Siri or Alexa.

I built an integration once for an Elgato StreamDeck.

You can also download apps that do the same thing; I have one called "Pi-Hole Remote" that works great.

Yes, ad blocker blockers are annoying, but they are trivially worked around.

culopatin1y ago

I’ll definitely implement this as soon as I have the pihole pc back up. My girlfriend will be very happy

martin_a1y ago

Is that your experience? Honest question, because only yesterday, after several years with PiHole and uBlock Origin, I found that a Shopify shop wasn't working for me. But that's probably the only issue I encountered after all those years...

dorianh1y ago

Unfortunately yes, there are features on big websites which just don't work.

Now every time, I have an issue with any website, my first instinct is to turn off pi-hole. Most of the time, pi-hole is not the even the issue, but sometimes it is. It's annoying to browse the internet while constantly thinking "Maybe there is an issue on my side".

1 more reply

jokethrowaway1y ago

Not parent but yes, that's exactly why I stopped using PiHole

Dalewyn1y ago

I've come across a few borking issues, including online banking because card rewards are counted as advertising in the list(s) I use.

Such problems are few and far between, though, and it wasn't that hard to figure out what to whitelist (granted I'm a computer nerd, not everyone is).

davitocan1y ago

Home Depot search breaks for me when using Blocky, and is the only consistent issue I observe.

1 more reply

nirav721y ago

I use both Pihole and ublock. While ublock is fine for desktop browser , pihole is useful for mobile devices, as well as blocking access for devices and apps that tend to be chatty with data it sends out. For example - I unfortunately bought a few Eufy security cams long before it was found that Eufy was sending user data out to its AWS instance. It was easy to block that access via AWS in Pihole. Of course, it doesn't always work. I've found some devices absolutely need to call home before they'll function.

squaresmile1y ago

I use a quick setting to quickly switch between ad blocking dns and normal dns for bad websites or captive portal.

https://f-droid.org/en/packages/com.jpwolfso.privdnsqt/

avel1y ago

Pretty cool. If you have adguard home and google assistant, you have access to a switch that can enable/disable adguard home protection. So with the homeassistant app you can add that as a quick tile as well. The only caveat is that this will disable it across all devices.

avel1y ago

It's not that tedious.

In adguard home you have a switch on/off in the web UI. You can also expose that switch to homeassistant.

And there are some other good ideas in this thread as well for android and ios.

zzyzxd1y ago

After disabling it on the UI, your device may still cache the DNS records for a few minutes. There's no immediate feedback on whether disabling adblocking changed anything. It is extremely tedious especially for non-technical users, and adds "tech-support" burden to their technical friend/family who set it up in the first place.

apexalpha1y ago

Yes, I ran into these issues when I installed PiHole in my family home.

Most issues were with Google Ads inside Google Search. Often these are relevant and actually what you're looking for. But they don't work.

I tried rewriting the "this is blocked" page that PiHole would serve so it included a button to temporarily disable blocking for said url but it turned out to be harder than I thought.

pnw1y ago

Pi-hole Remote for iOS has a disable for X minutes feature which is invaluable when you do run into one of these sites. I use it maybe once a week.

https://apps.apple.com/nl/app/pi-hole-remote/id1515445551?l=...

lencastre1y ago

Pi-Hole Remote (iOS app) is your friend

nirav721y ago

Yep. There are also browser extensions that will allow pausing pihole blocking temporarily.

or simply these URLs:

Disable URL : http://<pihole ip address or hostname>/admin/api.php?disable&auth=[your pihole password]

Enable URL : http://<pihole ip address or hostname>/admin/api.php?enable&auth=[your pihole password]

Disable for [X] Seconds: http://<pihole ip address or hostname>/admin/api.php?disable=[X]&auth=[your pihole password]

derpymcderpface1y ago

Yeah, this is always my hurdle implementing house wide. I can toggle it on and off when I have the stubborn link but my girlfriend just gets utterly annoyed. I just manually point some of my devices at my local server and leave it at that. Guess I should look into aws free tier and set it up there as well or just say screw it and use dns.adguard.com again.

girishso1y ago

Can't block Youtube shorts with these DNS adblockers, I know I can use browser extensions on a computer (and I do), but I really want to block shorts on iOS/Android apps. Tried the squid https proxy rabbit hole, but could not get it to work with mobile devices.

Any hints?

MehdiHK1y ago

I use revanced for this on Android. Pretty cool, adblocker, sponsor block, customization like removing shorts. It patches YouTube APK, so you retain same UX, no need to use a new app.

Edit: forgot to add link - https://revanced.app/

Be aware of the fake ones.

that_guy_iain1y ago

Just don't go to the shorts section? Or are you talking about the ads in the shorts section?

moe_sc1y ago

The shorts section on mobile is kinda inbetween all other videos. If you don't pay attention you can end up on one quite easily...

And then it's back to doom scrolling

animuchan1y ago

Shorts plague the search. Short clips are always completely irrelevant to anything I can possibly be looking for, while not entirely insane, anyway.

imhoguy1y ago

NewPipe for Android has no shorts

UberFly1y ago

Came to say this. NewPipe is great. Superior to the default android YouTube app in many ways.

kiicia1y ago

I stopped using yt app on iOS and instead use browser (safari) with addons

userbinator1y ago

Tried the squid https proxy rabbit hole, but could not get it to work with mobile devices.

You'll need to generate your own CA and root certs to install if you're setting up a MITM proxy.

girishso1y ago

I did create a self signed root cert, it works as expected when accessing net from my Mac. But mobile devices refuse to work, zero network requests succeed. I did trust the root cert on both mac and mobile. ¯\_(ツ)_/¯

1 more reply

tremarley1y ago

There are YouTube clones for iOS & Android that have Adblock, Shorts Block & Sponsor Blocks

shadowpho1y ago

Which ones for iOS?

1 more reply

vwkd1y ago

Sideload a tweaked YouTube IPA, like YTLitePlus.

a_subsystem1y ago

I use Orion on ios.

_ache_1y ago

It's a DNS proxy, like pi-hole, but it seems a lot more powerful than Pi-hole that is basically just a configured dnsmasq server to be user-friendly.

https://docs.pi-hole.net/

thangngoc891y ago

Usually pi-hole is installed together with Unbound [1] for the function of Blocky.

[1] https://docs.pi-hole.net/guides/dns/unbound

culopatin1y ago

What makes it a lot more powerful? Running pihole just because I know it better than others

mrbluecoat1y ago

> Blocking of ... response IP addresses (against IP lists)

So blocky can block IP addresses? If so it's more powerful than traditional DNS blockers like Pi-Hole and AdGuard Home.

> Logging of DNS queries per day / per client in CSV format or MySQL/MariaDB/PostgreSQL database

May want to include a time series database, like InfluxDB

For those needing layer 7 control, https://github.com/andybalholm/redwood is a nice Go option.

belthesar1y ago

> May want to include a time series database, like InfluxDB

Seems to have native support for Prometheus, so that seems to be the TSDB to use for the project. That said, if you're at the point where your record density takes advantage of the benefits of a time series DB vs a well indexed RDBMS, I'd also imagine that you're beyond the scope of this little service.

intuxikated1y ago

why would I use this over something like Adguard Home?

figmert1y ago

One thing I like about AdGuard Home is that it supports normal AdGuard's block list, similar to the ones used in browsers. Of course, it ignores the items that it is unable to block (e.g. cosmetic, or third-party etc), but it is nice being able to take the lists I use in uBlock Origin, and just feeding it into AdGuard Home.

zikduruqe1y ago

Also AdGuardhome will use optimistic caching, which is great.

https://github.com/AdguardTeam/AdGuardHome/discussions/4002#...

jedisct11y ago

Or dnscrypt-proxy, especially if you care about not disclosing your IP address to resolvers.

different_base1y ago

I run dnscrypt-proxy on my OpenWrt Router. It's like Syncthing. Install and forget, like how softwares should work in general.

himurae1y ago

https://youtu.be/UjqZPLL0UvM

_ache_1y ago

Very interesting project too !

https://adguard.com/adguard-home.html

beaugunderson1y ago

super useful for being able to use cloudflare dns but still resolve the archive.* domains using a different resolver (because archive.* blocks cloudflare for ideological reasons):

    conditional:
      mapping:
        archive.is: 8.8.8.8
        archive.today: 8.8.8.8
        archive.md: 8.8.8.8
        archive.ph: 8.8.8.8

silverwind1y ago

here's the same in dnsmasq:

    server=/archive.today/8.8.8.8
    server=/archive.ph/8.8.8.8
    server=/archive.is/8.8.8.8
    server=/archive.li/8.8.8.8
    server=/archive.vn/8.8.8.8
    server=/archive.fo/8.8.8.8
    server=/archive.md/8.8.8.8
    server=/archive.to/8.8.8.8

breiti1y ago

Which is what pi-hole uses if anyone is curious.

teamspirit1y ago

Is that why? I’ve been having this problem intermittently for years now and never understood it. Wow.

Cody-991y ago

The CEO/cofounder of cloudflare has written about this issue here on HN https://news.ycombinator.com/item?id=19828702

mikl1y ago

The amount of effort that goes into blocking ads and tracking really says a lot about how messed up the web is these days.

MrksHfmn1y ago

i have stopped using local dns resolvers. too many pitfalls, dns leaks or the dns resolver is down and the devices can't resolve the addresses.

I have simply set https://dnsforge.de in my router.

ahmetozer1y ago

What is benefits when it is compared to dnsmasq and hostblock list ?

epstein1y ago

No for windows?

himurae1y ago

Blocky is best adblocker its lightweight unlike adguard just a simple yml file its dns queries are faster than adguard imo i run it as a container on VYOS (best router software imo)

j / k navigate · click thread line to collapse

107 comments

cj1y ago

> Uses random upstream resolvers from the configuration - increases your privacy through the distribution of your DNS traffic over multiple provider

The whole project is really interesting but this line caught my eye.

ignoramous1y ago

rethinkdns dev here

> For spreading DNS providers, would randomly routing to different ones be more or less private than rotating providers every X minutes.

Or, use anonymizing protocols like Oblivious DNS over HTTP and DNSCrypt v3.

dngray1y ago

100% agree. Not sure why you'd randomly play round robin with a bunch of DNS servers. What purpose is this feature even for?

If privacy is what you're intending however, DNS is only one part of that and there are other ways in which things can leak https://www.privacyguides.org/en/advanced/dns-overview/

Generally I just recommend to people to use their internal VPN provider's DNS servers and call it a day, or of course Tor.

1 more reply

aesh2Xa11y ago

> the Mozilla endpoints to Cloudflare DNS

Oh, I did not know that Mozilla had an endpoint on Cloudflare's 1.1.1.1 service, but there it is!

https://github.com/mozilla/gecko-dev/blob/c09764753ea40725eb...

https://mozilla.cloudflare-dns.com/dns-query

Does Mozilla publish their terms somewhere? I'm curious how their endpoint is any different.

Scion90661y ago

More info on why Tor chooses just a few entry nodes here: https://support.torproject.org/about/entry-guards/

DyslexicAtheist1y ago

not novel but a standard feature in dnscrypt-proxy

Havoc1y ago

> Uses random upstream resolvers from the configuration - increases your privacy through the distribution of your DNS traffic over multiple provider

efitz1y ago

Why would I use Blocky vs. Pi-Hole? It seems like a nice project but pi-hole is really mature; I'd love to see a feature comparison or a brag sheet showing what it's better at.

adr1an1y ago

It's a bit faster, yet it lacks a web UI. I prefer it, because I use it directly on the PC/ Laptop via Docker and I like text files more than binding web UIs to ports..

kornhole1y ago

fossdd1y ago

vladslav1y ago

It looks like it's much easy to setup DoH with blocky. Blocky's DoT doesn't work for me but it's a pain to setup with Pi-hole and it's impossible to make DoH work in Pi-hole.

leipert1y ago

For me single binary and single config file is a big one. Much easier to deploy and share configs for example. I have a PiHole running but I kind of dread setting up a second one for redundancy.

himurae1y ago

https://youtu.be/UjqZPLL0UvM

Blocky is better because it uses less resources ,only a single yml onfig file and dns queries are faster as it's stateless

password43211y ago

Or AdGuard Home https://news.ycombinator.com/item?id=39276687

Or NextDNS to let someone else handle it.

poisonborz1y ago

theideaofcoffee1y ago

It’s easy enough to just connect to a different ssid if I see anything breaking, but it’s rare enough that I keep it connected to the pihole/adblock network at all times. Works super well.

jakjak1231y ago

That is a great idea. What do you use to run multiple wifis with separate vlan?

2 more replies

cyberpunk1y ago

I’ve been using https://oisd.nl/ on my network for some time (just cronned into an unbound config file) and nothing breaks.

If you report a website breaking to the maintainer, he removes the offending block.

Works well, I can recommend it.

And it reminds my to send them a little money in thanks.

UberFly1y ago

This looks really good. Thanks for suggesting it.

ai_what1y ago

I have a silly "trick" for this. In Firefox you can add a SOCKS5 proxy and click "Proxy DNS with SOCKS5 proxy". This bypasses the system DNS.

So for example, if you make a container with this, then you can just quickly open the URL that's blocked in the other container and it will bypass the network-level DNS adblock.

There are other ways to do it without a container, I'm sure, maybe with an add-on/toggle or something.

My VPN provider gives free SOCKS5 access to a few servers, so it didn't cost me anything more.

belthesar1y ago

That's a clever trick. It's also pretty trivial to set up a SOCKS5 proxy with Shadowsocks if it's desirable to keep that DNS resolution local.

ranger_danger1y ago

How are you using a different proxy per container tab? I've tried FoxyProxy but it leaked DNS requests through the local network resolver even with SOCKS5 proxies.

1 more reply

illnewsthat1y ago

I created a bit.ly link that points to http://yourpiholehost/admin/api.php?disable=300&auth=api_key

Bookmark it for myself and other people in the house and then turn it off for five mins whenever there is an issue.

ceejayoz1y ago

Would be fun to hook this up to one of those IoT Amazon buttons.

2 more replies

thangngoc891y ago

What annoyed me the most is actually clicking on ads from Google Search. Sometime I searched a product and I couldn't clicked on the first result because they are advertisements.

Spare_account1y ago

Every time threads like this come up I am reminded that Google has ads. I don't see them, presumably because of uBlock Origin.

I'm typing this response not to smugly boast, but because it's a lead in to the question that your comment raised within me:

Are you using Pihole to block ads at a network level, but not also using a browser extension to block them at the client?

4 more replies

ceejayoz1y ago

Honestly, I love this aspect of my Pihole. Stops Google stealing those pennies from the businesses who were already gonna be the #1 result anyways.

1 more reply

qwertimus1y ago

efitz1y ago

PiHole has an API that can be used to enable and disable the ad blocker.

I built an integration once for an Elgato StreamDeck.

You can also download apps that do the same thing; I have one called "Pi-Hole Remote" that works great.

Yes, ad blocker blockers are annoying, but they are trivially worked around.

culopatin1y ago

I’ll definitely implement this as soon as I have the pihole pc back up. My girlfriend will be very happy

martin_a1y ago

dorianh1y ago

Unfortunately yes, there are features on big websites which just don't work.

1 more reply

jokethrowaway1y ago

Not parent but yes, that's exactly why I stopped using PiHole

Dalewyn1y ago

I've come across a few borking issues, including online banking because card rewards are counted as advertising in the list(s) I use.

Such problems are few and far between, though, and it wasn't that hard to figure out what to whitelist (granted I'm a computer nerd, not everyone is).

davitocan1y ago

Home Depot search breaks for me when using Blocky, and is the only consistent issue I observe.

1 more reply

nirav721y ago

squaresmile1y ago

I use a quick setting to quickly switch between ad blocking dns and normal dns for bad websites or captive portal.

https://f-droid.org/en/packages/com.jpwolfso.privdnsqt/

avel1y ago

It's not that tedious.

In adguard home you have a switch on/off in the web UI. You can also expose that switch to homeassistant.

And there are some other good ideas in this thread as well for android and ios.

zzyzxd1y ago

apexalpha1y ago

Yes, I ran into these issues when I installed PiHole in my family home.

Most issues were with Google Ads inside Google Search. Often these are relevant and actually what you're looking for. But they don't work.

I tried rewriting the "this is blocked" page that PiHole would serve so it included a button to temporarily disable blocking for said url but it turned out to be harder than I thought.

pnw1y ago

Pi-hole Remote for iOS has a disable for X minutes feature which is invaluable when you do run into one of these sites. I use it maybe once a week.

https://apps.apple.com/nl/app/pi-hole-remote/id1515445551?l=...

lencastre1y ago

Pi-Hole Remote (iOS app) is your friend

nirav721y ago

Yep. There are also browser extensions that will allow pausing pihole blocking temporarily.

or simply these URLs:

Disable URL : http://<pihole ip address or hostname>/admin/api.php?disable&auth=[your pihole password]

Enable URL : http://<pihole ip address or hostname>/admin/api.php?enable&auth=[your pihole password]

Disable for [X] Seconds: http://<pihole ip address or hostname>/admin/api.php?disable=[X]&auth=[your pihole password]

derpymcderpface1y ago

girishso1y ago

Any hints?

MehdiHK1y ago

I use revanced for this on Android. Pretty cool, adblocker, sponsor block, customization like removing shorts. It patches YouTube APK, so you retain same UX, no need to use a new app.

Edit: forgot to add link - https://revanced.app/

Be aware of the fake ones.

that_guy_iain1y ago

Just don't go to the shorts section? Or are you talking about the ads in the shorts section?

moe_sc1y ago

The shorts section on mobile is kinda inbetween all other videos. If you don't pay attention you can end up on one quite easily...

And then it's back to doom scrolling

animuchan1y ago

Shorts plague the search. Short clips are always completely irrelevant to anything I can possibly be looking for, while not entirely insane, anyway.

imhoguy1y ago

NewPipe for Android has no shorts

UberFly1y ago

Came to say this. NewPipe is great. Superior to the default android YouTube app in many ways.

kiicia1y ago

I stopped using yt app on iOS and instead use browser (safari) with addons

userbinator1y ago

Tried the squid https proxy rabbit hole, but could not get it to work with mobile devices.

You'll need to generate your own CA and root certs to install if you're setting up a MITM proxy.

girishso1y ago

1 more reply

tremarley1y ago

There are YouTube clones for iOS & Android that have Adblock, Shorts Block & Sponsor Blocks

shadowpho1y ago

Which ones for iOS?

1 more reply

vwkd1y ago

Sideload a tweaked YouTube IPA, like YTLitePlus.

a_subsystem1y ago

I use Orion on ios.

_ache_1y ago

It's a DNS proxy, like pi-hole, but it seems a lot more powerful than Pi-hole that is basically just a configured dnsmasq server to be user-friendly.

https://docs.pi-hole.net/

thangngoc891y ago

Usually pi-hole is installed together with Unbound [1] for the function of Blocky.

[1] https://docs.pi-hole.net/guides/dns/unbound

culopatin1y ago

What makes it a lot more powerful? Running pihole just because I know it better than others

mrbluecoat1y ago

> Blocking of ... response IP addresses (against IP lists)

So blocky can block IP addresses? If so it's more powerful than traditional DNS blockers like Pi-Hole and AdGuard Home.

> Logging of DNS queries per day / per client in CSV format or MySQL/MariaDB/PostgreSQL database

May want to include a time series database, like InfluxDB

For those needing layer 7 control, https://github.com/andybalholm/redwood is a nice Go option.

belthesar1y ago

> May want to include a time series database, like InfluxDB

intuxikated1y ago

why would I use this over something like Adguard Home?

figmert1y ago

zikduruqe1y ago

Also AdGuardhome will use optimistic caching, which is great.

https://github.com/AdguardTeam/AdGuardHome/discussions/4002#...

jedisct11y ago

Or dnscrypt-proxy, especially if you care about not disclosing your IP address to resolvers.

different_base1y ago

I run dnscrypt-proxy on my OpenWrt Router. It's like Syncthing. Install and forget, like how softwares should work in general.

himurae1y ago

https://youtu.be/UjqZPLL0UvM

_ache_1y ago

Very interesting project too !

https://adguard.com/adguard-home.html

beaugunderson1y ago

super useful for being able to use cloudflare dns but still resolve the archive.* domains using a different resolver (because archive.* blocks cloudflare for ideological reasons):

    conditional:
      mapping:
        archive.is: 8.8.8.8
        archive.today: 8.8.8.8
        archive.md: 8.8.8.8
        archive.ph: 8.8.8.8

silverwind1y ago

here's the same in dnsmasq:

    server=/archive.today/8.8.8.8
    server=/archive.ph/8.8.8.8
    server=/archive.is/8.8.8.8
    server=/archive.li/8.8.8.8
    server=/archive.vn/8.8.8.8
    server=/archive.fo/8.8.8.8
    server=/archive.md/8.8.8.8
    server=/archive.to/8.8.8.8

breiti1y ago

Which is what pi-hole uses if anyone is curious.

teamspirit1y ago

Is that why? I’ve been having this problem intermittently for years now and never understood it. Wow.

Cody-991y ago

The CEO/cofounder of cloudflare has written about this issue here on HN https://news.ycombinator.com/item?id=19828702

mikl1y ago

The amount of effort that goes into blocking ads and tracking really says a lot about how messed up the web is these days.

MrksHfmn1y ago

i have stopped using local dns resolvers. too many pitfalls, dns leaks or the dns resolver is down and the devices can't resolve the addresses.

I have simply set https://dnsforge.de in my router.

ahmetozer1y ago

What is benefits when it is compared to dnsmasq and hostblock list ?

epstein1y ago

No for windows?

himurae1y ago

Blocky is best adblocker its lightweight unlike adguard just a simple yml file its dns queries are faster than adguard imo i run it as a container on VYOS (best router software imo)

j / k navigate · click thread line to collapse