Making magic with the network stack
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

105 lines
6.5 KiB

  1. Ad Blocking with NetGuard
  2. -------------------------
  3. Instructions (you need to follow **all** the steps):
  4. 1. Download/install the latest NetGuard version [from GitHub](https://github.com/M66B/NetGuard/releases) (ad blocking is not possible with the Play store version because Google does not allow ad blocking apps in the Play store)
  5. 1. Enable the setting *'Filter traffic'* in the advanced options (three dot menu > Settings > Advanced options > Filter traffic; default is disabled except always enabled in Android 5.0 and earlier)
  6. 1. Enable the setting *'Block domain names'* in the advanced options (three dot menu > Settings > Advanced options > Block domain names; default is enabled)
  7. 1. Import or download [a hosts file](https://en.wikipedia.org/wiki/Hosts_(file)) using the NetGuard backup settings (three dot menu > Settings > Backup > Download hosts file)
  8. 1. Disable browser compression (in Chrome: three dot menu > Settings > Lite mode > Off)
  9. 1. Wait at least 10 minutes to let the Android DNS cache time out (clear via Chrome: [chrome://net-internals/#dns](chrome://net-internals/#dns))
  10. 1. Test to see if ad blocking works by opening [this page](http://www.netguard.me/test)
  11. 1. Enjoy ad blocking, but don't forget to support application developers and website authors in other ways
  12. <br />
  13. Troubleshooting:
  14. Because of routing bugs, some devices/Android versions require:
  15. * the advanced option *Manage system applications* to be enabled and/or
  16. * the network option *Subnet routing* to be disabled and/or
  17. * two (not just one) DNS server addresses to be set in the advanced options, for example 8.8.8.8 and 8.8.4.4 or more privacy friendly [these](https://dns.watch/)
  18. * disabling of private DNS
  19. <br />
  20. Note that:
  21. * applications, like web browsers, may cache data, so you may need to clear caches
  22. * applications, browsers mostly, that have a *"data saver"*-like feature that proxies requests through their servers (eg. Opera w/ Turbo, Opera Max, Puffin, Chrome w/ data saver, UC Browser, Yandex w/ Turbo, Apus Browser, KK Browser, Onavo Extend, Maxthon) will not have ads blocked as NetGuard cannot see those domain requests
  23. * applications, browsers mostly, can have a private DNS feature (Chrome: three-dots menu, Settings, Privacy, Use secure DNS, turn off) **
  24. * applications, including browser, can be system apps, which require managing system apps in the advanced settings to be enabled
  25. * the Android always-on VPN setting *Block connections without VPN* will result in stop sending domain names to the VPN after some time
  26. * YouTube ads are not domain-based, and thus cannot be blocked with NetGuard
  27. * NetGuard ignores the IP addresses in the hosts file, because it does not route blocked domains to localhost
  28. * When NetGuard imports the hosts file, it automatically discards any duplicates entries, so duplicate entries are not a problem and have no performance impact after the file is imported
  29. * you can check the number of hosts (domains) imported by pulling the NetGuard notification down using two fingers if your version of Android supports that functionality
  30. * wildcards are not supported due to performance and battery usage reasons
  31. * it is not possible to edit the hosts file (change/add/delete domain names) with NetGuard
  32. * you can disable ad blocking by disabling the setting *'Block domain names'* in the advanced options
  33. * you cannot exclude a single app from ad blocking because Android resolves domain names on behalf of all apps
  34. * **ad blocking is provided as-is**, see also [here](https://forum.xda-developers.com/showpost.php?p=71805655&postcount=4668)
  35. * **ad blocking is not available when NetGuard was installed from the Google Play store!** (disable automatic updates of NetGuard in the Play store application)
  36. ** Some browsers (and also apps) now use DNS over TLS (DoT) or DNS over
  37. HTTPS (DoH). If one of the two protocols is active in the browser,
  38. NetGuard cannot "see" the outgoing DNS requests (due to encryption).
  39. They still flow through NetGuard, but are not treated as DNS requests,
  40. but as normal connections (via port 853 or 443). It is therefore not
  41. sufficient to disable Private DNS within Android, but you must also
  42. check the settings for DoT and DoH (especially for browsers).
  43. <br />
  44. The NetGuard version from GitHub:
  45. * is signed with the same signature as the version from the Google Play store, so any purchases will be restored (this will not happen with for example the F-Droid version)
  46. * will automatically notify you if there are updates available via GitHub (this can be switched off in NetGuard's settings)
  47. <br />
  48. Which hosts (ad servers) will be blocked depends on the hosts file being used.
  49. NetGuard downloads the [StevenBlack hosts file](https://github.com/StevenBlack/hosts) by default.
  50. <br />
  51. Automation:
  52. You can automatically download a hosts file by sending this service intent with your favorite automation tool, like Tasker:
  53. `eu.faircode.netguard.DOWNLOAD_HOSTS_FILE`
  54. For example using [adb](https://developer.android.com/studio/command-line/adb.html) from the command line:
  55. `adb shell am startservice -a eu.faircode.netguard.DOWNLOAD_HOSTS_FILE`
  56. <br />
  57. Apart from using a hosts file, you can block most in-app ads by blocking this address in the access list of Google Play services:
  58. *googleads.g.doubleclick.net/443*
  59. You'll need to enable filtering and (temporarily) logging for this (you can do this by using the *Configure* button; check both options)
  60. and you'll need to wait until the address appears (you can speed this up by opening some apps with in-app ads).
  61. Note that ads are likely being cached, so this may not take effect immediately.
  62. <br />
  63. An alternate way to block advertisements is by using special DNS servers, like these:
  64. * [AdGuard DNS](https://adguard.com/en/adguard-dns/overview.html) - Free
  65. * [Alternate DNS](https://alternate-dns.com/) - 14 day free trial
  66. * [NoAd](https://noad.zone/) - Not working as of 2017 June 03
  67. Be sure to read the privacy policies of these services as they might log your DNS requests.
  68. You can set DNS server addresses for all connection types in NetGuard's *Advanced options*.
  69. Note that when you set two DNS server addresses, the default (operating system/network provider) DNS servers will not be used anymore.
  70. Feel free to let me know about other servers or request to add them in alphabetic order by doing a pull request.
  71. <br />
  72. **Please do not mention this feature in Google Play store comments, since Google does not allow ad blocking applications in the Google Play store.**