Hi Guys is there a smart way to block these Advertising Networks?
Greetings Neo
I'm using this as a proxy filter list: http://pgl.yoyo.org/adservers/serverlist.php?hostformat=&showintro=1&startdate%5Bday%5D=&startdate%5Bmonth%5D=&startdate%5Byear%5D=&mimetype=plaintext
But a bit too often, pages don't work at all or load very very slowly.
thank you for your recommendation will try this.
Since it has squid inside we can do it precisely here.
1. goto services --> proxy server
2. look for Remote Access Control List tab
3. add new Remote Blacklist
4. put file name (any you like, I used adserver.txt)
5. put the URL http://bit.ly/squidadserver (it short url link to Yoyo Adserver project which the most up-to-date and committed to update daily) The link use the SQUID distdom_regex which this Opnsense Proxy server fully understand ;))
6. Save changes
7. Test by goto any website with ads, you will see the Ads will be blocked and show the Squid error page instead. --> I have no time to do update my Squid error page to Blank Page, if some one can do and upload the instruction to update code would be very good.
8. Since Yoyo do daily update you can set the Schedule with Cron to do 24 hours update the Adserver list. So now to get upto date.
Hope you like as i do :)
My screen shot
(https://dl.dropboxusercontent.com/u/46729331/proxyadserverblock.jpg)
(https://dl.dropboxusercontent.com/u/46729331/2015-11-02_13-08-36.jpg)
thanks anas
anas for dummies do i need to enable my proxy and set it up on every client?
It depends on what you want to do. You can selectively set up clients to use the proxy explicitly (Firefox even has a per-Browser config), or you want to use the transparent proxy to proxy *all* clients without making them aware of the firewall setup.
All Traffic what's going through the opnsense.
But it will need a high amount of resources right?
That's the downside, unless you want to tweak the redirect rule to only include certain hosts or subnets. You can do that with an alias for example. :)
You can post the specification of your hardware and number of user sessions on the internet (estimate will do), then I can let you know whether it's enough to handle it or not.
Or, just try it yourself rightaway ;) I would rather go for transparent Proxy, that you could control ads on network.
@ your user will see the Squid error page on block ads instead.. I think your user prefers watching Ads rather than Squid error page LOL....
Actually the best way to block Ads is using DNS domain override. But it just has no one develop ACL list base on files/URL as it has done on proxy server. Otherwise, we all never need to worry about hardware resources and Squid error page. ;)
Hopefully, OPNSENSE team would consider it. ;D