Posted: Sun Apr 30, 2017 8:31 Post subject: Whitelist in Adblocking. Does it work?
Hi guys,
I'm running "Firmware: DD-WRT v3.0-r31520M kongac (03/02/17)" on a R8000 router and using Privoxy with transparent mode. While set in that way, I'm having a particular issue with the Arlo Security Cameras, in where I can't watch a live stream, as it just times out and never connected. If I disable Privoxy, it just works again. This behavior is reproducible over and over, so it's clearly Privoxy the problem.
My idea was to add the address that Arlo uses to the whitelist section in the "Adblocking" tab. Since Arlo/Netgear uses the Amazon Servers Farm, I've checked:
.compute.amazonaws.com
.*compute.amazonaws.com <- Just in case the regex syntax was like this
And... none if this worked. Trying to view the livestreams time out and if I disable Privoxy they work just fine.
I don't want to to disable the transparent mode, as I want it to filter all the traffic in the network and not having to configure the proxy in every application/device
Would somebody please confirm me if I'm missing something here, if the syntax is fine (which line is the correct one; I think .compute.amazonaws.com should have worked), if the whitelist thing actually do anything and what else can I do to find out if there's something else that is being blocked and so, whitelist it?
Thanks in advance for any help or comments you can provide.
Posted: Tue May 02, 2017 14:03 Post subject: Re: Whitelist in Adblocking. Does it work?
Timmy1024 wrote:
And... none if this worked. Trying to view the livestreams time out and if I disable Privoxy they work just fine.
I don't want to to disable the transparent mode, as I want it to filter all the traffic in the network and not having to configure the proxy in every application/device
Would somebody please confirm me if I'm missing something here, if the syntax is fine (which line is the correct one; I think .compute.amazonaws.com should have worked), if the whitelist thing actually do anything and what else can I do to find out if there's something else that is being blocked and so, whitelist it?
I don't use this function, but try searching for "whitelist AND ad OR adbloc*"...there are many results that hopefully will help. _________________ #NAT/SFE/CTF: limited speed w/ DD#Repeater issues#DD-WRT info: FAQ, Builds, Types, Modes, Changes, Demo#
OPNsense x64 5050e ITX|DD: DIR-810L, 2*EA6900@1GHz, R6300v1, RT-N66U@663, WNDR4000@533, E1500@353,
WRT54G{Lv1.1,Sv6}@250|FreshTomato: F7D8302@532|OpenWRT: F9K1119v1, RT-ACRH13, R6220, WNDR3700v4
Transparent Mode adds a firewall rule to forward port 80 traffic to port 8118. This probably wreaks havoc on your webcam feed despite URL whitelisting. Rather than whitelisting destination URLs, consider excluding the source IPs of your webcams. I use Exclude IP with Transparent Mode to exclude several of my LAN devices from Privoxy. The secret for me was to put my excluded LAN devices in a subnet! Bonus: firewalls love subnets.
Subnet 192.168.1.0/26 - 64 static addresses for my VoIP, UPS, etc (and DD-WRT UI)
Subnet 192.168.1.64/26 - forwarded to Privoxy
Subnet 192.168.1.128/26 - forwarded to Privoxy
Subnet 192.168.1.192/26 - forwarded to Privoxy
On the Services->Services tab I assigned static addresses of 192.168.1.2 - 192.168.1.62 to my VoIP adapter and a few LAN devices (you'll do this for your webcams). This builds a 192.168.1.0/26 subnet to exclude from Privoxy.
On the Setup->Basic tab, I set dynamic address allocation for my LAN starting at 192.168.1.64 and allocating 64 addresses (191 addresses would also work) - this builds a /26 subnet(s) that will go to Privoxy.
Services->Adblocking has Privoxy enabled, Transparent Mode enabled, and Exclude IP of 192.168.1.0/26 . This excludes my LAN devices with a static address in the 192.168.1.0/26 subnet from Privoxy. _________________ [Broadcom] Asus rt-ac66u r35531 ('66 should only be factory reset through the DD UI)
Fix RT-AC66U "wl1 [2.4 GHz TurboQAM]". DD-WRT failsafe UI @ http|https://169.254.255.1/
