Outbound tracker blocking for Surf SOHO?

Could a tracker blocking database feature be added to the outbound firewall rules for the SURF SOHO, analogous to the web content filtering database for inbound ad traffic ? A recent Norwegian consumer organization found over 200 tracking sites were being contacted by a handful of popular apps. (There are overlaps between the tracking sites listed in the Norwegian study and the ad sites in the Peplink web content filtering database.) Having tracker blocking within the router would be a valuable privacy feature, which would extend protection beyond browser-based tracker blocking to apps and all LAN devices.

May I suggest one approach to handle this? We have several “PiHole” installations – https://pi-hole.net/. This involves using a raspberry pi and free software as a DNS server. As I write this I see the PiHole at my present location is reporting having blocked about 32% of DNS inquiries and there are about 125,000 sites on the “no go list.” We’ve built about a dozen PiHoles and found this approach to be highly reliable. In a couple of cases we use an additional PiHole accessible via PepVPN as a back-up DNS.

2 Likes

Another vote for PiHole. Pretty easy and straightforward to setup. What got me was configuring it on my Surf SOHO.

You can’t have DNS proxy enabled otherwise I think you end up in a kind of DNS lookup endless loop.

It’s been running for a few months without any problems. Just SSH into it every month to update Linux and any pihole updates when available.

You could also configure some additional content blocking by TLDs as listed by Palo Alto Networks that have been reported as being popular for malaware etc.

Here’s my configuration:

The .to TLD is the most popular amongst hackers. Amazon uses it for its own URL shortener for product links, so a little annoying but I don’t usually come across too many of those.

2 Likes