====== E) Ads Blocking without opnSense ======

You have already installed the DNS service to manage your home network DNS (and DHCP), so you can easily use it to filter ads as well. 

First of all you need a good, comprehensive and up-to-date **block list**. I suggest you using the official [[https://oisdl.nl|OISD]] blocklist, but there are tons out there for you to pick and choose.  Just check out that your preferred supplier use the format you need (Unbound or DNSMasq).

==== Ad Blocking with Unbound ====

Download the block list for the first time by hand:
<code bash>
wget 'https://big.oisd.nl/unbound' -O /etc/unbound/adservers.conf
</code>

Just add a cron task to daily update your blocklist. Add the following line:
<code>
0 0 * * * wget 'https://big.oisd.nl/unbound' -O /etc/unbound/adservers.conf
</code>

to root's crontab:
<code bash>
crontab -e
</code>

To add this block list to Unbound, you need a row in the unbound configuration file like:
<code>
        include: /etc/unbound/adservers.conf
</code>
  
as i have already shown you in the [[networking:basic:dns|Unbound]] setup page, and you are all set.

==== Ad Blocking with DNSMasq ====

DNSMasq support two different ways to add blocklist. One is via custon **hosts** files, the other is via custom **configuration** files. OISD blocklists are in //configuration// files format.

To use **hosts** format, just download your file and put it somewhere (i will assume **/etc/adblock.hosts**) and add the following line to your **/etc/dnsmasq.conf**:
<code>
addn-hosts=/etc/adblock.hosts
</code>
and reload dnsmasq.

To use **configuration** format, create a folder called **/etc/dnsmaq.d** put your file inside and add the following to your **/etc/dnsmasq.conf**:
<code>
conf-dir=/etc/dnsmasq.d,*.conf
</code>
this will load any file with **.conf** extension in that folder.

Now you need to download the OISD blocklist in that folder.
<code bash>
mkdir /etc/dnsmasq.d
wget 'https://big.oisd.nl/dnsmasq2' -O /etc/dnsmasq.d/oisd.conf
/etc/init.d/dnsmasq reload
</code>

This will work in addition to the AdGuard DNS you have already setup, but this will prevent any query going out to AdGuard for those domain. This is even more efficient.

For automatic updates, just add a cron task to daily update your blocklist. Add the following line:
<code>
0 0 * * * wget 'https://big.oisd.nl/dnsmasq2' -O /etc/dnsmasq.d/oisd.conf
</code>

to root's crontab:
<code bash>
crontab -e
</code>

and you are all set.