Opnsense blocking ads for iOS?
from somedev@aussie.zone to selfhosted@lemmy.world on 30 Nov 02:35
https://aussie.zone/post/15690933
from somedev@aussie.zone to selfhosted@lemmy.world on 30 Nov 02:35
https://aussie.zone/post/15690933
Hey all, I can’t seem to block ads in Jetpack Joyride on iOS. In using Unbound on Opnsense and I thought I had pretty good coverage - unless iOS uses a different manner to get ads on there?
threaded - newest
Almost every ad platform is moving to have their ad DNS server names into the same mix as content servers. Without packet sniffing they are practically indeterminate.
Current list off the top of my head: YouTube, Netflix, Peacock, Disney, Paramount+.
It’s more costly for them, but 🤷
You have an outdated app that isn’t aware of that. Keep it until they force you to upgrade.
Not sure why you’re downvoted; this is what’s happening.
Don’t believe me? Try blocking ads on IMDB using DNS blacklisting ONLY AND still get the site to load properly.
Guy who posted wants a fix. That’s the downvote.
Then he shouldn’t have asked a question if he isn’t open for answers. If an answer is obviously wrong or dismissive of some important detail I would understand it. But if the complaint is It’s not a one-click-fix or I don’t understand what you’re talking about then that’s the best way of not learning anything and not solving the problem.
Google devices (so maybe apple ones as well) sometimes hard code the dns server so you need to redirect dns request to you local unbound instance with a firewall rule.
And sometimes Google breaks your shit when you do that (Chromecast Ultra).
Apple devices support changing the DNS server through the wifi settings.
On Android you have to disable the use of Private DNS (or something like that) in the WiFi settings. If this is enabled it will not use your WiFi’s broadcast DNS, but a predefined one. The reasoning behind this (you can believe this or not) is so that on public WiFis your DNS queries cannot be tracked or manipulated by setting up a local DNS.
I can imagine there is something similar for iOS.
If this only affects some apps then they have decided to hardcore their DNS servers. The only thing you can do now is to identify these and block the calls, but this may also break other stuff if the servers are not only used to resolve ad URLs.
The private DNS function is also very useful if you manually set it to an ad blocking DNS server.