How to block Google Adsense?

Jim · April 12, 2017, 2:13pm

NethServer Version: 6.9
Module: web filter

Hello,

I have a little but irritating problem with the web filter module.
I’m using the web filter module essentially to filter publicities, propagandas for a better comfort.
But since a time ( I can’t defend when or what’s occur) some banners gone through the filter.

I would like to correct this…
As you can see in this pict, there’s a banner that com from googleads.g.doubleclick.net that normally is shoutouts be blocked.
I had already try to change the blacklist, without success.

Can you help me to understand and correct this little problem?

m.traeumner · April 13, 2017, 7:29am

Please have a look at your access.log for the urls which are opened additional to the site you want to open.
Try to block them with global blacklist.

Jim · April 13, 2017, 5:55pm

Thanks for the answer,

And you give me the right direction, the right tips:

When I tried to put “googleads.g.doubleclick.net” in the global blacklist with Safari on the Mac… MacOs transform the “googleads” in “google ads” with a space
when I insert the same syntax in the blacklist with Safari on the ipad…it’s work.

Thank you again…

Jim · May 23, 2017, 11:40am

Hi again

I’m still having issue with Google Adsense…

Actually, I’m using the Shalla blacklist and this custom blacklist:

These ads are displaying without apparent links, so I don’t know what to block…
Did you have any suggestion, please?

Edit: looking with the web inspector, I find more domains to block…
But I’m afraid that I will be able to use a javascript blocker to avoid self-hosting ads

m.traeumner · May 23, 2017, 12:47pm

Nothing at messages.log? Can you give me some more information please:

The full google domain with your search entry
Which domains you found with web inspector

Jim · May 23, 2017, 1:03pm

I add theses two ones:

stats.g.doubleclick.net
googletagservices.com

m.traeumner · May 24, 2017, 9:43am

Sorry for the mistake, it has to bee access.log (/var/log/squid/access.log/)

My access.log shows both adresses.

Jim · May 24, 2017, 12:22pm

Oh yes, one more time, really good suggestion Michael…

Thank you very much…

What do you think of this:

1495626099.519 26 192.168.144.100 TCP_MISS/403 2093 GET http://beacon.krxd.net/pixel.gif? - HIER_DIRECT/192.168.144.70 text/html
1495626099.608 169 192.168.144.100 TCP_MISS/200 640 GET http://beacon.krxd.net/optout_check? - HIER_DIRECT/23.23.110.118 text/javascript
1495626100.166 170 192.168.144.100 TCP_MISS/200 640 GET http://beacon.krxd.net/optout_check? - HIER_DIRECT/23.23.110.118 text/javascript

There’s already a strange thing…
look this pic:

The purple banner, the VIVO ads is a adclick.g.douclick.net stuff ( as you can see at the bottom of the pic.
This domain is in the blacklist

I have this with the Mac and with the ipad, so I think it isn’t a malware

Edit: @dev_team are joker allowed? i.e *.doubleclick.net…

I think the problem can be in another level:
in the squid log, we can see all that is requested by the client…
But what about stuff, or ads, push by the visited server?
is the black list is treated by shorewall from the wan to lan?

Jim · May 24, 2017, 6:58pm

All websites with this problem have a script “adsbygoogle.js”

Jim · May 25, 2017, 12:29pm

Hi,

I made a firewall object, a host with the “adclick.g.doubleclick.net” ip address ( today is the “adclick.g.doubleclick.net” the problem…)

Take a look at this pic:

At the to the “G1 portal, the Globo site news”, with the banner adclick
at the bottom right the ping
at the bottom, the firewall rule…

I made a firewall rule to drop all from adclick to “any”

And I still have the adclick banner,
the ping continue to have reply…

Edit: and yes, it’s really difficult to make a proof of concept cause of adclick.g.doucle.net is not only a unique address, but a “grap” of address.

I still thinking the adsgooglescricpt is here to dribble the proxy…
@filippo_carletti, the shorewall master, what do you think?

Jim · May 29, 2017, 2:08pm

Hi,

Sorry to continue this monologue but I would like to resolve this issue ( for me this is an issue)

There’s thing I would like to investigate, and I need some information:
Apparently, the blacklist is for squidguard only, this blacklist isn’t treated at the shorewall level.
It seem that a script can inject a banner throughout the proxy!

@dev_team, can you confirm this point?

My next question is: How can I have the exact squid configuration?

I would like to test Nethserver with Privoxy, to chain Squid/squidgard and Privoxy…
I want a good privacy and anti tracking feature on my network level…

Edit: What do you think to use fail2ban and the blacklist to do the job?

stephdl · May 29, 2017, 4:06pm

fail2ban is useless for this usage

Jim · May 29, 2017, 6:21pm

looking on the doc https://www.fail2ban.org/wiki/index.php/Features

there exactly this: Uses Netfilter/Iptables by default but can also use TCP Wrapper (/etc/hosts.deny) and many other firewalls/actions.

In this case o TCP wrapper can be the squid black list, isn’t it?
Or I’m totally wrong?

stephdl · May 29, 2017, 7:49pm

fail2ban read logs, doing regex on it and blocking an IP for a determined time, to a full access or only on certain ports. It is not a DPI, nor a squidguard like software.

I can be wrong but it is not the purpose of fail2ban

Jim · May 29, 2017, 9:47pm

No, no… you must be right, you have more experience with fail2ban than me.

Certainly the proxy chain Squid+privoxy is a better way to go…

I’m a little surprise with too few answers about this subjet…
To save bandwith and better filtering are good things for a Firewall distribution…

stephdl · May 31, 2017, 2:19am

Look at yourself by google

how to block google adsense

You will find your question here…by the way actually the simplest way is an adblock like on each computer.

Jim · June 1, 2017, 1:20pm

Yes, I’d install an adblocker in all my client…

But ( yes, with me there’s alway a “but”… I alway want more, improve things ) I want to do this adblocking at my entry network level…

I really think it could be a good, a great feature for Netserver to do fine adblocking task.
And, to justify more yet, Untangle, Pfsense, ClearOS, dd-wrt are doing the adblock task… So, that Nethserver isn’t doing this very well is not a good thing.
It will be better with this feature… and embedded feature will be better yet

Is someone want to help me to improve Nethserver this way?

m.traeumner · June 2, 2017, 7:23am

Sorry for late response, I had to much work last weeks.

Is doucclick or doubleclick in your blacklist?

I think if you have doubleclick.net in domain blacklist not url it blocks every doubleclick.net adress.

Jim · June 2, 2017, 11:36am

In my blacklist I have lot of domain in double-click.net

@dev_team:
I will suggest one more idea than can be a good improvement for Nethserver…
For those who want to block something, without using the proxy cache and/or the proxy filter, or in complementation:

To import the blacklist no only for the squidguard, but for the host list too ( any list yoyo.org , university Toulouse…)
This way with or without squid guard… Netserver will have the possibility to filter.
One more function for NethServer!!!

What do you think about this?

filippo_carletti · June 3, 2017, 9:42am

Do you think this could help?