I have replicated a similar DNS-level adblocking software on my raspberry pi using stock dnsmasq for DNS-filtering. The part that I am interested in currently is the custom block page. I have tried configuring lighttpd using:
server.error-handler-404
to specify my custom 404 error page. This works correctly on a browser on my raspberry pi, but does not redirect 404s correctly for any of its connected clients. Can anyone point me in the right direction for how I am supposed to get this working for the client devices?
Thanks!
pihole-FTL notes that doubleclick.net is on it's block list, and so returns the address of the Pi-hole (e.g 192.168.0.1 )
Client makes a http request for the content on 192.168.0.1/ad.gif
lighttpd cannot serve ad.gif and so returns the a 404 result along with the block page ( index.php / custom.php )
index.php has some stuff written into it which essentially will change how it displays depending on the requested content:
ad.jpg will return a small placeholder graphic like this
ad.js will return a small dummy javascript line to display in the console like this
Directly accessing the domain, or ad.html (for example) will return a full block page, which includes some information such as which blocklist the domain is found on, and the ability to add it to the whitelist if the user so desires. As shown in this gif
Note the "Not Secure" in the last gif, because it is a http request, as opposed to a https request. If it were a https request, then no page/placeholder will be returned. For this reason the block page is basically useless these days (Hence it is no longer the default blocking mode provided)
(Had to go hunting through my Reddit post history for this one, I wrote it 2 years ago !)
No, not really. It would require setting up your own certificate authority, generating certificates to be used in Man-In-The-Middle attacks and then trying to get those certs on to each client. Not that hard with browswers on computers or phones but near impossible on anything like a smart device.