rightpsychic.blogg.se - Openwrt adguard home

#OPENWRT ADGUARD HOME UPDATE#
#OPENWRT ADGUARD HOME FULL#

Properties bind_host, bind_port, and web_session_ttl which used to setup web UI binding configuration, are now moved to a new object http containing new properties address and session_ttl: In this release, the schema version has changed from 20 to 23. The ability to edit rewrite rules via PUT /control/rewrite/update HTTP API and the Web UI ( #1577). The UI changes are coming in the upcoming releases. The ability to set inactivity periods for filtering blocked services, both globally and per client, in the configuration file ( #951). The new command-line flag -web-addr is the address to serve the web UI on, in the host:port format.

#OPENWRT ADGUARD HOME FULL#

AcknowledgementsĪ special thanks to our open-source contributors, and as well as to everyone who filed and inspected issues, added translations, and helped us test this release! Full changelog Besides that, we've been working on internal improvements that will make it easier to add new features in future releases. NOTE: Some Docker tools may cache ENTRYPOINT and HEALTHCHECK sections, so some users may be required to backup their configuration, stop the container, purge the old image, and reload it from scratch.īugs need to be fixed, and that's just what we did in this release 🔧. They caused a lot of issues, especially with tools like docker-compose and podman. The HEALTHCHECK section and the use of tini in the ENTRYPOINT section in Dockerfile ( #5939). Incorrect setting of Parental Control cache size.Įxcessive RAM and CPU consumption by Safe Browsing and Parental Control filters ( #5896). Two unspecified IPs when a host is blocked in two filter lists ( #5972).

Default exposure of the non-standard ports 7 for DNS-over-QUIC in the Dockerfile.

To rollback this change, remove the new object log, set back log_ and verbose properties and change the schema_version back to 23. ' file ': " " ' max_backups ': 0 ' max_size ': 100 ' max_age ': 3 ' compress ': false ' local_time ': false ' verbose ': false # BEFORE: ' log_file ': " " ' log_max_backups ': 0 ' log_max_size ': 100 ' log_max_age ': 3 ' log_compress ': false ' log_localtime ': false ' verbose ': false # AFTER: ' log ': Properties starting with log_, and verbose property, which used to set up logging are now moved to the new object log containing new properties file, max_backups, max_size, max_age, compress, local_time, and verbose: In this release, the schema version has changed from 23 to 24.

Improved CPU and RAM consumption during updates of filtering-rule lists.

Ability to ignore queries for the root domain, such as NS.

Go version has been updated to prevent the possibility of exploiting the CVE-2023-29406 Go vulnerability fixed in Go 1.19.11.

AcknowledgementsĪ special thanks to our open-source contributor, as well as to everyone who filed and inspected issues, added translations, and helped us test this release! Full changelog Docker HEALTHCHECKĭocker users should note that the Docker HEALTHCHECK mechanism has been removed, since it was causing a lot of issues, especially when used with Podman and other popular Docker tools. And they were all mercilessly dealt with in this update.

It turned out that “The Big Bug” was, in fact, three smaller bugs in a trenchcoat. It took us an entire month to get to the bottom of this, and it certainly would have taken even longer if not for the awesome community members: and others.

Safe Browsing and Parental Control weren't working properly since then, which in some cases led to lowered performance, random crashes, and huge CPU spikes. Ironically, it brought about another bug.

#OPENWRT ADGUARD HOME UPDATE#

Safe Browsing and CPU spikesīack in June we released a security update to AdGuard Home with a few bugfixes. If you feel that's not enough, you can use the device internal ip, but you would need dropbare and set up an say tunnel, which would mean you would have to login via ssh inorder to access adguardhome webpage.This release improves the security of AdGuard Home and fixes a few larger issues. So when someone uses Nmap on your WAN to scan what ports are open and closed. Then in the general tab under zones set WAN zone for input and forward to drop.

You can configure the firewall to not report if a port is open or closed aka stealth ports, by disabling "Allow ping" in firewall traffic rules. Although with the default configuration of openWRT does tell those who might scan ports on your network if the port is open or closed on the WAN side. The reason being is some may change their default settings to other than 192.168.1.1 so 0.0.0.0 makes it possible for a service to find a port that is not in use by another service on the same IP.īut as others have commented, really the firewall in it's self protects from this. Most services are setup exactly the same way even openWRT itself that uses uhttpd is configured the same.