How to remove ads from web pages and Android apps.






Install necessary packages:

opkg install dnsmasq-full iptables ndmq

Create a netfilter hook /opt/etc/ndm/netfilter.d/010-intercept-dns.sh:


[ "$table" != "nat" ] && exit 0

lan_ip=$(ndmq -p 'show interface Bridge0' -P address)

iptables -t nat -I PREROUTING -p udp -m udp --dport 53 -j DNAT --to-destination $lan_ip:65053
iptables -t nat -I PREROUTING -p tcp -m tcp --dport 53 -j DNAT --to-destination $lan_ip:65053

Make it executable:

chmod +x /opt/etc/ndm/netfilter.d/010-intercept-dns.sh

Add the following lines to the /opt/etc/dnsmasq.conf:


Download your favorite blacklist to /opt/etc/hosts. For example:

wget -O /opt/etc/hosts http://winhelp2002.mvps.org/hosts.txt

Done! Reboot your router for the changes to take effect.


  1. Make sure you have not configured custom DNS servers in the Internet Connection properties.

  2. Flush your operating system DNS cache (in Windows — ipconfig /flushdns)

  3. Close and open your web browser.



The iptables rules redirect all DNS requests to the dnsmasq. The dnsmasq uses /opt/etc/hosts as an exception list. Yandex.DNS anti-ad servers are used for the unlisted hostnames. You can replace Yandex.DNS with Norton ConnectSafe or AdGuard public servers.

41 минуту назад, ikebanat сказал:

ndmq package is not available

1. You can install packages libndm and ndmq from archive (for mipsel - http://bin.entware.net/mipselsf-k3.4/keenetic/archive/). But it's deprecated.

2. You can install package jq and use RCI interface. Something like 

wget -qO - | jq -r '.address'


