New blog post up ➱ https://sij.law/vpn-vitals-scripts/

So, on a lark, I got the cheapest EU cloud instance I could find, and I set up #AdGuard and enabled #DNSoverHTTPS.

Then I loaded the #DoH profile into my mobile devices and now I have ad blocking, encrypted DNS no matter where I am.

This is a huge quality of life improvement, one fewer vector for #ads to attack my mental health.

Una semana usando #AdGuard en lugar de #uBlock Origin y no noto que funcione peor, es más, noto todo más fluido y sin cuelgues en Youtube.

I was talking to my kids last night a bit about why I put #AdGuard on the network. They were complaining about having to go off wifi to watch ads in their games.

Me: But the trackers!
Them: wat

Does anyone have a good video aimed at young people about why you should care about online #privacy?

The Great #Blocklists to prevent all #Mozilla spying and data collecting efforts on their users.
#Adguard #Zen #SwitchHosts #Hosty #Opensnitch #personelDNSfilter #Netguard #Adaway @ublockorigin #mozillaBlocker #telemetry #tracking #privacy

https://github.com/privacyfilters/Mozilla-Blocker

Which is better for blocking not just ads, but also undesirable sites?

I'd like to block all #Meta disservices like #Facebook and #WhatsApp network-wide.

Pihole on Freebsd? noGo and it is limited compared to Blocky
So a bit of searching did the trick:

I setup Blocky Grafana Prometheus node-exporter and more on a Freebsd jail to block ads / get insight into my network (and peers).

I used these guides and they helped me a lot: thanks to the authors!

Monitoring setup:
https://mostly-bsd.github.io/post/monitoring/
Blocky
https://riesinger.dev/posts/ha-dns-adblocking-with-blocky/
Dashboard for Blocky (and postgres):
https://grafana.com/grafana/dashboards/17996-blocky-postgres/

dummy screenshots ;)

Once again having problems with #Quad9 #DNS in my #AdGuard Home DNS server (slow & unsuccessful queries). Disabling Quad9 now once and for all!

Secondo voi una zimaboard come reggerebbe un carico di lavoro con istanze di bitwarden immich nexcloud adguard Jellyfin e proxinginx ? #ZimaBoard #linux #ubuntu #bitwarden #immich #nextcloud #adguard #Jellyfin #proxinginx #mastoaiuto #boostme

uBlock Origin is a content blocker that supports the AdGuard URL Tracking filter, it may not be enabled by default.

The URL Tracking filter enhances privacy by removing tracking parameters from a URL.

Enable: Dashboard > Filter Lists > Privacy > AdGuard URL Tracking Protection (select checkbox) > Apply Changes

AdGuard post: https://adguard.com/en/blog/adguard-url-tracking-filter.html
URL: https://en.wikipedia.org/wiki/URL

Website: https://github.com/gorhill/uBlock

The old saying “A watched pot never boils”… this is how I feel right now reinstalling and upgrading a #RaspberryPI.

Something is wrong with archive.raspberrypi.org right now, slow as a wet weak to download anything. Had to get the image via Torrent, and apt-get is crawling. @Raspberry_Pi

And my god, #AdGuard Home is an arse to setup from your previous config. Seriously, this close to switching to #PiHole.

It's always DNS, right? If someone experiencing some strange issues with ubuntu, maybe this toot is for you.

tl;dr: switch from systemd-resolved to resolvconf.

I thought, the saying from the beginning was just something from the "old days". No DNS Problems in 2024 anymore, right? But Ubuntu taught me different.

Ubuntu is using systemd-resolved since 20.04 (if I'm correct). But I was shocked, when I was looking at my uptime kuma Container on a Ubuntu 22.04 LTS Host. It was constantly failing. Sometimes 3 services at the same time, sometimes just 1 service a day. One Check suddenly failed. 60 seconds later, the next check, switched back to green again. But all fails had the same error message: "getaddrinfo ENOTFOUND domain.com". Doesn't matter if they were internal domains or external. Sometimes some of them just failed.

I thought it could be an old Firewall Applience that were running at like 120% system utilization and were serving DHCP and (with this) internal DNS. But no. Not even high latencies from that Firewall. Then I thought it might be AdGuard (in a Docker Container). So I switched to PiHole. But the problems were still the same.

Then I turned on debug logs of systemd-resolved and found out that sometimes it was switching to the secondary DNS Server for whatever reason and just attaching the search domain to the following requests:

1. AAAA of demodomain.com
--> no answer (because only A were available)
2. A of demodomain.com
--> somehow failed, systemd-resolved switched to second DNS (debug log of systemd-resolved is hard to read, not sure why it somehow failed)
3. AAAA of demodomain.com.local
--> it just attached the searchdomain of the system to the domain which now resulting in errors from all following DNS Server

After another round of wrong requests it suddenly get back his head. But in the meantime, uptime kuma already failed.

The solution in my case: switch "back" to resolvconf package on Ubuntu. Which comes to at least one downside: it seems to not have an interface to netplan and/or networkmanager (which leads to manual creating and managing of resolv.conf, not via DHCP, bummer). But after I switched: Everything is working fine and without any problems since days.

"We" also have an open bug report since 3 years: https://github.com/systemd/systemd/issues/21123

It's not exactly the same issue, but I think the root cause is connected somehow: it seems to be a problem of IPv6.
But a) I need (or better: want) IPv6 in my case/that network and b) WTF? How can this be a good solution to turn off IPv6 (https://github.com/systemd/systemd/issues/21123#issuecomment-2028976737)? Not to mention that we still need a solution for Post-IPv4.

By the way: If you still experiencing DNS issues inside Docker Container, maybe Alpine could be another issue: https://martinheinz.dev/blog/92

@haruki_zaemon I haven’t fully converted to @protonmail but I do use their #VPN religiously with the #NetShield on, and that supposedly blocks a lot of email trackers. I also use #AdGuard on my home router, and #uBlockOrgin & #PrivacyBadger in #Firefox private mode. If they’re getting my info they’re gonna have to work for it.

Can I block the operation of an #Aternity browser extension by using a custom filter on #AdGuard on my router? Or perhaps using a @protonmail VPN config on my router?

I really don’t like my big bad business daddy digging into my personal health #data, communications, etc., & I don’t have admin rights on my PC to disable/remove it.