Blog on WordPress, Open LiteSpeed, CyberPanel, Linux, FreePBX

An End to Intrusive Adverts: How to Reclaim Control of the Internet at Home and Away. AdGuard Home.

Reklamy w Internecie

Autor:

Andrzej Majewski

w

, , , , ,

The modern internet is a battlefield for our attention, and adverts have become the primary ammunition. This is felt particularly acutely on smartphones, where intrusive banners and pop-up windows can effectively discourage you from browsing content. However, there is an effective and comprehensive solution that allows you to create your own protective shield, not only on your home network but on any device, wherever you are.

The Problem: Digital Clutter and Loss of Privacy

Anyone who has tried to read an article on a smartphone is familiar with this scenario: the content is regularly interrupted by adverts that take up a significant portion of the screen, slow down the page’s loading time, and consume precious mobile data. While this problem is irritating on desktop computers, on smaller screens it becomes a serious barrier to accessing information.

Traditional browser plug-ins solve the problem only partially and on a single device. They don’t protect us in mobile apps, on Smart TVs, or on games consoles. What’s worse, ubiquitous tracking scripts collect data about our activity, creating detailed marketing profiles.

The Solution: Centralised Management with AdGuard Home

The answer is AdGuard Home—software that acts as a DNS server, filtering traffic at a network-wide level. By installing it on a home server, such as the popular TrueNAS, we gain a central point of control over all devices connected to our network.

image 125

Installation and configuration of AdGuard Home on TrueNAS are straightforward thanks to its Apps system. A key step during installation is to tick the “Host Network” option. This allows AdGuard Home to see the real IP addresses of the devices on your network, enabling precise monitoring and management of clients in the admin panel. Without this option, all queries would appear to originate from the server’s single IP address.

After installation, the crucial step is to direct DNS queries from all devices to the address of our AdGuard server. This can be achieved in several ways, but thanks to Tailscale, the process becomes incredibly simple.

Traditional Methods vs. The Tailscale Approach

In a conventional approach, to direct traffic to AdGuard Home, we would need to change the DNS addresses in our router’s settings. When this isn’t possible (which is often the case with equipment from an internet service provider), the alternative is to configure AdGuard Home as a DHCP server, which will automatically assign the correct DNS address to devices (this requires disabling the DHCP server on the router). The last resort is to change the DNS manually on every device in the house. It must be stressed, however, that all these methods work only within the local network and are completely ineffective for mobile devices using cellular data away from home.

However, if we plan to use Tailscale for protection outside the home, we can also use it to configure the local network. This is an incredibly elegant solution: if we install the Tailscale client on all our devices (computers, phones) and set our AdGuard server’s DNS address in its admin panel, enabling the “Override local DNS” option, we don’t need to make any changes to the router or manually on individual devices. Tailscale will automatically force every device in our virtual network to use AdGuard, regardless of which physical network it is connected to.

image 126

AdGuard Home Features: Much More Than Ad Blocking

  • Protection against Malware: Automatically blocks access to sites known for phishing, malware, and scams.
  • Parental Controls: Allows you to block sites with adult content, an invaluable feature in homes with children.
  • Filter Customisation: We can use ready-made, regularly updated filter lists or add our own rules.
  • Detailed Statistics: The panel shows which queries are being blocked, which devices are most active, and which domains are generating the most traffic.

For advanced users, the ability to manage clients is particularly useful. Each device on the network can be given a friendly name (e.g., “Anna-Laptop,” “Tom-Phone”) and assigned individual filtering rules. In my case, for VPS servers that do not require ad blocking, I have set default DNS servers (e.g., 1.1.1.1 and 8.8.8.8), so their traffic is ignored by the AdGuard filters.

The Challenge: Blocking Adverts Beyond the Home Network

While protection on the local network is already a powerful tool, true freedom from adverts comes when we can use it away from home. By default, when a smartphone connects to a mobile network, it loses contact with the home AdGuard server. Attempting to expose a DNS server to the public internet by forwarding ports on your router is not only dangerous but also ineffective. Most mobile operating systems, like Android and iOS, do not allow changing the DNS server for mobile connections, making such a solution impossible. This is where Tailscale comes to the rescue.

Tailscale: Your Private Network, Anywhere

Tailscale is a service based on the WireGuard protocol that creates a secure, virtual private network (a “Tailnet”) between your devices. Regardless of where they are, computers, servers, and phones can communicate with each other as if they were on the same local network.

Installing Tailscale on TrueNAS and on mobile devices is swift and straightforward. After logging in with the same account, all devices see each other in the Tailscale admin panel. To combine the power of both tools, you need to follow these key steps:

  1. In the Tailscale admin panel, under the DNS tab, enable the Override local DNS option.
  2. As the global DNS server, enter the IP address of our TrueNAS server within the Tailnet (e.g., 100.x.x.x).

With this configuration, all DNS traffic from our phone, even when it’s using a 5G network on the other side of the country, is sent through a secure tunnel to the Tailscale server on TrueNAS and then processed by AdGuard Home. The result? Adverts, trackers, and malicious sites are blocked on your phone, anytime and anywhere.

Advanced Tailscale Features: Subnet Routes and Exit Node

Tailscale offers two powerful features that further extend the capabilities of our network:

  • Subnet routes: This allows you to share your entire home LAN (e.g., 192.168.1.0/24) with devices on your Tailnet. After configuring your TrueNAS server as a “subnet router,” your phone, while away from home, can access not only the server itself but also your printer, IP camera, or other devices on the local network, just as if you were at home.
  • Exit node: This feature turns your home server into a fully-fledged VPN server. Once activated, all internet traffic from your Tailnet (not just DNS queries) is tunnelled through your home internet connection. This is the perfect solution when using untrusted public Wi-Fi networks (e.g., in a hotel or at an airport), as all your traffic is encrypted and protected. If your home server is in the UK, you also gain a UK IP address while abroad.

Checking the Effectiveness of Ad Blocking

To find out how effective your ad-blocking filters are, you can visit https://adblock.turtlecute.org/. There, you will see what types of adverts are being blocked and which are still being displayed. This will help you to fine-tune your filter lists in AdGuard Home.

image 127

Summary: Advantages and Disadvantages

Creating such a system is an investment of time, but the benefits are invaluable.

Advantages:

  • Complete and Unified Protection: Blocks adverts and threats on all devices, on any network, with minimal configuration.
  • Centralised Management: A single place to configure rules for the entire household.
  • Increased Privacy and Security: Reduces tracking and encrypts traffic on public networks.
  • Performance: Faster page loading and lower mobile data consumption.

Disadvantages:

  • Requires a Server: Needs a 24/7 device like a TrueNAS server to be running.
  • Initial Setup: Requires basic technical knowledge.
  • Dependency on Home Connection: The speed of DNS responses and bandwidth (in Exit Node mode) outside the home depends on your internet’s upload speed.

The combination of AdGuard Home and Tailscale is a powerful tool for anyone who values a clean, fast, and secure internet. It is a declaration of digital independence that places control back into the hands of the user, away from advertising corporations.

KATEGORIE

Inne wpisy

Komentarze

Leave a Reply

Your email address will not be published. Required fields are marked *

Więcej wpisów