• Introducing XDA Computing: Discussion zones for Hardware, Software, and more!    Check it out!

[APP][5.0+] DNS66 - Open Source Host/Ad-Blocker without Root

Search This thread

cdysthe

Senior Member
Oct 28, 2008
223
46
Gloucester, MA
Thanks! I turned on the filters yes, but for some reason Blokada won't work on this phone. The browser just hangs and times out. DNS66 works perfectly and nearly as gold a AdAway on my rooted phones.
 

Aimkaie

Member
Jan 27, 2016
15
4
Hi,
when enabling the domain filters I am getting confused by the dots. Yes, I have read the explanation in this forum, but didn't help. Just to make sure I get this right: Entering the domain filter and selecting one filter list (i.e. adaway), I have to mark it with a green dot to be enabled. After refreshing it will download the filter list and block ads according to list. OR: Do I have to mark the filter list with a red dot to be enabled???
In videos and further explanations I see both. So please, anybody explains this detailed and straight forward to me... Big Thanks!!!

Did anyone ad further filter lists (country Germany) he can recommend?!
 
Last edited:

julian_klode

Senior Member
Apr 23, 2015
280
950
Hi,
when enabling the domain filters I am getting confused by the dots. Yes, I have read the explanation in this forum, but didn't help. Just to make sure I get this right: Entering the domain filter and selecting one filter list (i.e. adaway), I have to mark it with a green dot to be enabled. After refreshing it will download the filter list and block ads according to list. OR: Do I have to mark the filter list with a red dot to be enabled???
In videos and further explanations I see both. So please, anybody explains this detailed and straight forward to me... Big Thanks!!!

Did anyone ad further filter lists (country Germany) he can recommend?!

For hosts, red means Deny, as in "Deny access to stuff listed in this entry.". Green means "Allow", you can use it to unblock an earlier entry (so you could add a hosts file as deny, and then unblock individual hosts). It's conceptually a very simple table driven firewall-like thing - look at all the allow/deny rules, the last one wins (in firewalls, usually the first rule wins, but oh well, that would have made unblocking a bit annoying).

Not sure about German ad blocking lists. I don't recall any issues with just using the default ones.
 
  • Like
Reactions: Ultramanoid

Aimkaie

Member
Jan 27, 2016
15
4
For hosts, red means Deny, as in "Deny access to stuff listed in this entry.". Green means "Allow", you can use it to unblock an earlier entry (so you could add a hosts file as deny, and then unblock individual hosts). It's conceptually a very simple table driven firewall-like thing - look at all the allow/deny rules, the last one wins (in firewalls, usually the first rule wins, but oh well, that would have made unblocking a bit annoying).

Not sure about German ad blocking lists. I don't recall any issues with just using the default ones.

Thanks for you answer. So the dots in the domain filter section have to be turned red to activate the filter list in the meaning of blocking ads.

According to a lot of introductions and videos around, you always see they are ticking the dots to green. According to your explanation this means they are actually turning of the list and unblocking it. :rolleyes:
So thanks for your reply and clearance.
 

everevil

Member
Feb 20, 2017
6
1
Memory..

Hi, i was wondering what is the average memory consumption for this app... Mine is always hovering 100mb to 170mb average... Is this normal? Why does it use quite alot of ram
 

julian_klode

Senior Member
Apr 23, 2015
280
950
It maybe a memory leak .
My average is 245 to 350.


Waiting for julian to respond what the correct issue is.

An Android memory leak? No idea. In name resolving stress tests, Android studio shows me heap sizes increasing to 20 MB; but then the GC kicks in and it's back to 12MB again. Same for reconnecting. Right now Android says 48 MB used, 78 MB top in the last 3 hours. Studio says 14MB allocated, 5 MB free. After some more reconnecting, I'm at 15MB allocated, 9MB free (so really no change in my memory use, but Android keeps increasing the overall heap size).

Obviously there can be high memory usage if there are a lot of connectivity changes events: Android is garbage collected, and does not focus on memory usage. A garbage collector means that if you reconnect, your memory usage doubles, as both the old and the new memory is kept around until a garbage collection event. And garbage collection might also differ between devices. Generally, there is no need to collect garbage until there is memory pressure - just wasting the memory is faster and more energy friendly.
 
  • Like
Reactions: Ultramanoid

LBSpeller

Senior Member
Dec 2, 2015
250
91
No memory issues here (nougat, stock, oneplus 3t)
 

Attachments

  • Screenshot_20170223-144334.png
    Screenshot_20170223-144334.png
    53.8 KB · Views: 509

julian_klode

Senior Member
Apr 23, 2015
280
950
An Android memory leak? No idea. In name resolving stress tests, Android studio shows me heap sizes increasing to 20 MB; but then the GC kicks in and it's back to 12MB again. Same for reconnecting. Right now Android says 48 MB used, 78 MB top in the last 3 hours. Studio says 14MB allocated, 5 MB free. After some more reconnecting, I'm at 15MB allocated, 9MB free (so really no change in my memory use, but Android keeps increasing the overall heap size).

Obviously there can be high memory usage if there are a lot of connectivity changes events: Android is garbage collected, and does not focus on memory usage. A garbage collector means that if you reconnect, your memory usage doubles, as both the old and the new memory is kept around until a garbage collection event. And garbage collection might also differ between devices. Generally, there is no need to collect garbage until there is memory pressure - just wasting the memory is faster and more energy friendly.

It turns out that pcap4j has several property cache things and these leak. Fixed in

https://github.com/julian-klode/dns66/commit/654c901f71de0a1faf70e0e150baeae5ffd13366

Now I'm trying to improve the reconnect memory overhead a bit.
 

julian_klode

Senior Member
Apr 23, 2015
280
950
0.3.1 leak fix and update release

This release works around a memory leak in the
pcap4j library: The pcap4j library contains a
cache of properties for the packet factory, but
the cache has no upper bound and thus grows
indefinitely - see kaitoy/pcap4j#86.

It also updates all dependencies to their
latest version.

https://github.com/julian-klode/dns66/releases/tag/v0.3.1
 

julian_klode

Senior Member
Apr 23, 2015
280
950
This release works around a memory leak in the
pcap4j library: The pcap4j library contains a
cache of properties for the packet factory, but
the cache has no upper bound and thus grows
indefinitely - see kaitoy/pcap4j#86.

It also updates all dependencies to their
latest version.

https://github.com/julian-klode/dns66/releases/tag/v0.3.1

As I feared, the F-Droid build seems to have failed. Probably missing some of the newer Android SDK components. Let's hope that can be solved in the next days.
 
  • Like
Reactions: Ultramanoid

julian_klode

Senior Member
Apr 23, 2015
280
950
I just made a tweak to the UX: I dropped the welcome screen and added a short sentence to the filter and dns lists: "Red rules block, green rules allow" for hosts, and "Green servers are enabled" for DNS.

The welcome screen was skipped often, and thus having instructions there did not really make much of a difference. All thanks goes to @franciscofranco for the idea, I did not think of it.

There will be some further tweaks: DNS server "tab" will probably switch to two-state toggles, and the item editing screen will be more specific for DNS entries. The item editing screens also have a lot of empty space at the bottom, so I'll probably add some descriptive texts there how the ordering affects things.

Widget and Quick Toggles are also on my list. One problem I'd like to address first is re-reading the hosts files when restarting the service - there's not much point in doing that if they have not changed. Also toggling the service on and off repeatedly seems to have some memory usage issues (at least compared to connectivity changes which keep the service object around but put it in some paused state). The issue might be mostly related to the host set being replaced, though (the old one becomes garbage, and then we read in the new one and the GC in its infinite wisdom increases the heap size instead of freeing the old strings first).

IPv6 would be interesting to add, but I have no real way to test that, and I would not want to crash people's devices...
 
First off.. Thanks very much! Second, I have a feature request.

What do you mean? This app does not require root.

Thanks for making this app, your truly a miraculous human being to give us this app at no cost. You're a life/money saver.

I'm on Tracfone (started with Tracfone's Samsung Centura later upgraded to an unlocked Moto X Pure from the manufacturer Motorola), with that being said, they had some of the highest data prices until recent changes... Used to the data cost about $33.33 per GB not including talk and text or the monthly service charge. That's kinda outrageous.
I would end up with 1200 Megabytes for a year. Using Opera mini with the data saving features stripped sites down to very little data, sacrificing functionality and quality. Ads was still an issue. I got used to the crappy expensive data cost for a bit..

Now I have two phones, my other one is for dev/fun purposes.. I used to use AdAway and was quite happy with how well it worked. But AdAway doesn't work on no rooted phones. And I also got into a new game with ads for gold "Bullet Force". Not wanting to have to reboot Everytime I enable/disable ads I went looking for an alternative for AdAway. I had used AfWall on my rooted devices, and Netgaurd on my nonrooted devices to block most apps from eating all my data. Netgaurd started out free but then went to expensive numerous IAPs. I hated that (while also finding out later that the non play store version could block ads) and found NoRoot Data Firewall which had domain filtering (but you have to enter 1 at a time). Eventually I found dns66.

So for my feature request... please add firewall capabilities so I can just completely block of an app from internet. Just some simple data, wifi, and LAN switches. Thanks

P.s. sorry for then run-on
 

julian_klode

Senior Member
Apr 23, 2015
280
950
So for my feature request... please add firewall capabilities so I can just completely block of an app from internet. Just some simple data, wifi, and LAN switches.

Keep an eye on issue #30. I now have an idea how to implement this. But note that as mentioned there, we only filter DNS traffic, and for blocked apps we would simply pretend any domains they request do not exist. This allows apps to easily circumvent the block by hardcoding a custom DNS server or hardcoding server IPs as a fallback. Firewall tools like NetGuard redirect all traffic through their VPN interface - that's not something I'd want to do, because that has a huge effect on battery use as far as I heard (and it takes considerably more effort to implement forwarding of various traffic types - heck, some you even cannot forward).
 
  • Like
Reactions: Ultramanoid

julian_klode

Senior Member
Apr 23, 2015
280
950
Design: App whitelisting

Cleaned up the whitelisting activity a bit. It now has app icons and switches instead of checkboxes. This consumes vastly more space, but I think it's worth it - the UX is better.

Screenshot_20170226-151215.jpg

Next step is to probably just list the whitelisted apps, and then offer an add button leading to a list of all apps. This should make things a bit nicer to look at. Then we can implement rules for the apps:

Whitelist (aka by-pass DNS66)
Blacklist (aka resolve all hostnames to NXDOMAIN)

and even do that per connection type, either by type (mobile, wifi, wimax, ethernet, bluetooth) or by metered vs. unmetered - not really sure what makes more sense there.
 
Last edited:

kzh11411

Member
Dec 29, 2016
11
0
Thank you so much for the dns66. It gets rid of all the ads in chrome now. But I am still getting ads in some of the games and apps. Can I know if there is any setting I can set up to filter out those too?
 

Top Liked Posts

  • There are no posts matching your filters.
  • 195
    Hey,

    I am the developer of DNS66, a free (GPL-3) host and ad blocker for Android 5.0 and newer. It utilises Android's VPN service to redirect DNS traffic to the local app, and filters out any blocked hosts from reaching the servers (instead responding directly with "non-existing domain").

    As it only intercepts DNS traffic it is a fairly lightweight solution and does not seem to have any measurable effect on the battery life. Given that it only blocks entire host names, it cannot block as detailed as some other ad blockers. But it still catches almost all ads on the web.

    The project can be found in the https://github.com/julian-klode/dns66 project on GitHub and you can directly install it via F-Droid: https://f-droid.org/app/org.jak_linux.dns66, the personal fdroid repository at https://jak-linux.org/fdroid/repo (updated immediately when there is a new release), or download the apk from the github releases page: https://github.com/julian-klode/dns66/releases (or use the fdroid repository listed on github

    Android 7 notice: The DownloadManager in Nougat and newer fails to download files when a VPN service is active. This affects Play Store updates and installs, and downloads in Chrome, amongst other things. Versions 0.1.3 contains a workaround for the Play Store, but other apps might still fail to download unless the bug in Android is fixed. See https://code.google.com/p/android/issues/detail?id=213341 and https://github.com/julian-klode/dns66/issues/31#issuecomment-256695500 for further details.

    Not working? For blocking issues, send me logcat via E-Mail ([email protected]). If it worked before, send a logcat for the old version as well. Note that not all ads can be blocked via DNS, so partial ad blocking is usually not a bug - If you see requests in the logcat, that means DNS66 works correctly, and I'm not going to investigate further. Issues in UI elements and stuff like that you can just report directly (especially in preview builds).

    In-App Ad Blocking: Might or might not work. Seems Google worked around VPNs blocking the ads or something. In-Browser blocking works fine.
    18
    0.5.6 release

    0.5.6 is out.

    Highlights:
    • Improved in-app ad blocking in "system apps bypass" mode - system webview now does not bypass anymore
    • Certain DNS requests where falsely rejected in 0.5.5 due to a bug in pcap4j 1.7.1, hence upgraded to 1.7.2 - This caused Conversations to fail to connect

    All changes:
    • Release 0.5.6 -
    • Update GSON to 2.8.2 -
    • Upgrade to SDK version 26 (Oreo) - That's what I'm using now, so let's build with it.
    • Update to pcap4j 1.7.2 for aitoy/pcap4#123 - pcap4j 1.7.1 had issues parsing certain packets.
    • Allow applications to bypass the VPN themselves - This might help with #193, not sure.
    • Report stopped when stopped by third party - There seems to be a more generic life-cycle problem here, as that does not seem to be the correct solution, but it at least fixes the issue as good as possible. Really gotta do that life-cycle rework.
    • Treat system webview like a browser in 'system except browsers' - System webview widgets might be running the view in some webview UID sandbox or something, not sure, but according to #125 this solves the issue. - Fixes #125
    • Don't just crash if logcat fails - Fixes #206
    • Increase update timeouts - Increase the time out for connect to 30 seconds, and the overall execution wait thing to an hour - this one really should not be timing out in the first place, otherwise you get inconsistent results.- Fixes #207
    • Re-add external storage permissions - Some vendors like Xiaomi seem to produce horribly broken systems that require external storage permission for ACTION_CREATE_DOCUMENT with CATEGORY_OPENABLE. They just pop up a toast saying to toggle on file permissions in settings, but if we do not list file permissions in the manifest, there are none to be toggled on in settings. This does not really have any effect on other Android >= 6.0 phone, as permissions have to be requested at run-time and the manifest just specifies an upper set, but it should allow Mi users to work around their horribly broken systems.

    Needless to say I'm sad about re-adding the external storage, but there seems to be a lot of broken MIUI and custom roms out there.
    14
    Version 0.6.3 released

    Versions 0.6.2 and 0.6.3 are out

    0.6.2 changes:
    • respect order of system dns servers (#382)
    • dependency updates

    0.6.3 changes:
    • Work around bug in pcap4j crashing dns66 (#373)
    • app whitelist: Fix crash when getContext() is null (#362)
    • StartFragment: Fix icon not being shown after disconnect (#361)
    • Force notifications on Oreo and above. Use notification channels to disable notifications you don't like
    • Fix crash when vpn is restarted in some situations (#360)
    • updates: Follow redirects (#338)
    • Automatically follow night/dark mode on Android 10+ (#358)

    I hope that f-droid picks them up soon, as usual my builds are available on github and in my f-droid repo.
    14
    0.5.0 released

    I just released 0.5.0. Changes since RC1:

    Code:
    Julian Andres Klode (7):
          WhitelistFragment: Correctly display changed toggle after scroll
          Configuration: Fix reading the itemsOnVpn array
          README.md: Add link to XDA
          Switch JSON I/O from JsonReader/JsonWriter to GSON
          strings: Some formatting cleanup
          Hack in the message for incomplete updates
          version 0.5.0
    
    Julien Lepiller (1):
          French translation
    
    Naofumi Fukue (1):
          japanese translation
    
    Nikolay Buzovsky (1):
          Russian translation

    An overview of changes since the last stable release is available at

    https://github.com/julian-klode/dns66/releases/tag/v0.5.0
    13
    Julian,
    I have some ideas for your app and provided you some new blocklists. I was wondering if you could hack together pi-hole to work on our local phones or take some of their features and add it to your app.
    Please see feature request:
    https://github.com/julian-klode/dns66/issues/197
    And:
    https://github.com/julian-klode/dns66/issues/196

    I saw it, the feature request is already equivalent to two others. That said, there likely won't be any new features this year anyway (at least not from me). My requirements are satisfied as is (in app log view and quick unblock/block would be nice, but it's not essential), and I have to hand in my master's thesis in January. I'd merge reasonable, understandable pull requests with unit tests, though; and will do the occasional 0.5 point release with bug fixes and updated translations.