Pihole or OpenWRT

I am struggling to understand the fascination with the PiHole. Over a WRT real firewall, it's a vastly inferior solution beyond Ad blocking. Which in itself is a dirty problem. Ad blocking users are like strict vegans in my books. Saving all those pigs and cows, but they are still there in plain sight for the rest of us.

I am trying to create a test or simulation network that simulates a Corporate LAN with limited egress ports and address wise. The Pihole is useful because it is a DNS only solution, but when the device under test is not under complete control, you cannot use blacklists alone to control all network blockages, especially ones that do not require DNS or who use a private DNS or secure DNS. You have no way of knowing what traffic slips past without adding a sniffer. Yet another tool. turns out there is a image for Rpi (4) https://downloads.openwrt.org/snapshots/targets/brcm2708/bcm2711/ . My Pi is not here, else I would try this image out right now. Anyway, leaving this note here in the blog for later when I can find my raspi.

My end use case is most commonly an iPhone, which does support Ad blocking in a browser, but I'm not using Safari, so a lot of Google search results show apps that purport to block adds. But they are all just browser plugins. I have no idea why the word Safari barely appears in any of the app title descriptions. Apple app store publisher rules are not slipping I hope.


  1. My problem with iOS firewall apps, they are not firewalls. like this one, its a VPN, not a firewall. https://apps.apple.com/us/app/lockdown-apps/id1469783711 So you cannot use it at the same times as a VPN. Brilliant engineering to solve a problem by using a hammer when a screwdriver was asked for.

  2. Another one, it's also a VPN https://www.wired.com/story/guardian-firewall-ios-app/ , also useless for use behind a corporate network router, and also requiring a monthly subscription. The future is cloudy it seems.


Post a Comment