adblock: release 4.4.3-1

* support TLDs in feeds and local block-/allowlist, e.g. to block all 'de' domains with a single entry * add active feed domains (of the feed download URLs) automatically to the local allowlist, to prevent download erros * update the feed categories of 1hosts * update and change the feed categories of hagezi: new categories are 'abusetlds', 'social', 'urlshortener' and 'nrd' (newly registered domains). The latter one required download URL changes. Please note: if you use hagezi than remove and re-add the categories in LuCI feed selection after the updae * Add an external adblock test (https://adblock.turtlecute.org/) on the DNS reporting tab, itprovides a simple way to check whether your current adblock setup is working as expected * readme update Signed-off-by: Dirk Brenken <dev@brenken.org>
2025-12-10 12:41:22 +00:00 · 2025-11-16 19:19:39 +01:00
parent 2fa5ae7647
commit 65c403a54b
5 changed files with 113 additions and 83 deletions
--- a/net/adblock/Makefile
+++ b/net/adblock/Makefile
@@ -6,8 +6,8 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=adblock
-PKG_VERSION:=4.4.2
-PKG_RELEASE:=3
+PKG_VERSION:=4.4.3
+PKG_RELEASE:=1
 PKG_LICENSE:=GPL-3.0-or-later
 PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>

--- a/net/adblock/files/README.md
+++ b/net/adblock/files/README.md
@@ -267,8 +267,8 @@ Adblock does use RAM by default and never writes to the flash space of the route
 The following feeds are just my personal recommendation as an initial setup:  
 * 'adguard', 'adguard_tracking' and 'certpl'

-In total, this feed selection blocks about 100K domains. It may also be useful to include compilations like hagezi, stevenblack or oisd.  
-Please note: don't just blindly activate (too) many feeds at once, sooner or later this will lead to OOM conditions.  
+In total, this feed selection blocks about 280K domains. It may also be useful to include compilations like hagezi, stevenblack or oisd.  
+Please note: don't just blindly activate too many feeds at once, sooner or later this will lead to OOM conditions.  

 **DNS reporting, enable the GeoIP Map**  
 adblock includes a powerful reporting tool on the DNS Report tab which shows the latest DNS statistics generated by tcpdump. To get the latest statistics always press the "Refresh" button.  
@@ -282,6 +282,11 @@ To make this work, adblock uses the following external components:
 * [CARTO basemap styles](https://github.com/CartoDB/basemap-styles) based on [OpenMapTiles](https://openmaptiles.org/schema)
 * The free and quite fast [IP Geolocation API](https://ip-api.com/) to resolve the required IP/geolocation information (max. 45 blocked Domains per request)

+**External adblock test**  
+In addition to the built‑in DNS reporting and GeoIP map, adblock users can verify the effectiveness of their configuration with an external test page. The [Adblock Test](https://adblock.turtlecute.org/) provides a simple way to check whether your current adblock setup is working as expected. It loads a series of test elements (ads, trackers, and other resources) and reports whether they are successfully blocked by your configuration.  
+
+The test runs entirely in the browser and does not require additional configuration. For best results, open the page in the same environment where adblock is active and review the results displayed.
+
 **Use the jail mode, a restrictive DNS blocklist:**
 You can enable a restrictive 'adb_list.jail' to block access to all domains except those listed in the allowlist file. Usually this list will be generated as an additional list for guest or kidsafe configurations (for a separate dns server instance). If the jail directory points to your primary dns directory, the jail blocklist replaces your default blocklist.

@@ -304,22 +309,29 @@ from            dev.adblock@gmail.com
 user            dev.adblock
 password        xxx
 </code></pre>
-Finally enable E-Mail support and add a valid E-Mail receiver address in LuCI.
+Finally enable E-Mail support, add a valid E-Mail receiver address in LuCI and setup an appropriate cron job.

-**Automatic feed updates and status reports via E-Mail**  
-For a regular, automatic update of the used feeds or other regular adblock activities set up a cron job, e.g.:
+**Automatic adblock feed updates and E-Mail reports**  
+For a regular, automatic update of the used feeds or other regular adblock tasks set up a cron job. In LuCI you find the cron settings under 'System' => 'Scheduled Tasks'. On the command line the cron file is located at '/etc/crontabs/root':

+Example 1
 ```
-# update the feeds every morning at 4 o'clock
+# update the adblock feeds every morning at 4 o'clock
 00 04 * * * /etc/init.d/adblock reload
+```

-# send a report E-Mail every morning at 3 o'clock
-00 03 * * * /etc/init.d/adblock report mail
-
-# update the feeds every hour
+Example 2
+```
+# update the adblock feeds every hour
 0 */1 * * * /etc/init.d/adblock reload
 ```

+Example 3
+```
+# send an adblock E-Mail report every morning at 3 o'clock
+00 03 * * * /etc/init.d/adblock report mail
+```
+
 **Change/add adblock feeds**  
 The adblock blocklist feeds are stored in an external JSON file '/etc/adblock/adblock.feeds'. All custom changes should be stored in an external JSON file '/etc/adblock/adblock.custom.feeds' (empty by default). It's recommended to use the LuCI based Custom Feed Editor to make changes to this file.  
 A valid JSON source object contains the following information, e.g.:
--- a/net/adblock/files/adblock.categories
+++ b/net/adblock/files/adblock.categories
@@ -1,40 +1,46 @@
-hag;multi-light;light-onlydomains.txt
-hag;multi-normal;multi-onlydomains.txt
-hag;multi-pro;pro-onlydomains.txt
-hag;multi-pro.mini;pro.mini-onlydomains.txt
-hag;multi-pro.plus;pro.plus-onlydomains.txt
-hag;multi-pro.plus.mini;pro.plus.mini-onlydomains.txt
-hag;multi-ultimate;ultimate-onlydomains.txt
-hag;multi-ultimate.mini;ultimate.mini-onlydomains.txt
-hag;threat-intelligence;tif-onlydomains.txt
-hag;threat-intelligence.medium;tif.medium-onlydomains.txt
-hag;threat-intelligence.mini;tif.mini-onlydomains.txt
-hag;anti.piracy;anti.piracy-onlydomains.txt
-hag;doh;doh-onlydomains.txt
-hag;doh-vpn-proxy-bypass;doh-vpn-proxy-bypass-onlydomains.txt
-hag;dyndns;dyndns-onlydomains.txt
-hag;fake;fake-onlydomains.txt
-hag;gambling;gambling-onlydomains.txt
-hag;gambling.medium;gambling.medium-onlydomains.txt
-hag;gambling.mini;gambling.mini-onlydomains.txt
-hag;hoster;hoster-onlydomains.txt
-hag;nsfw;nsfw-onlydomains.txt
-hag;tracker.amazon;native.amazon-onlydomains.txt
-hag;tracker.apple;native.apple-onlydomains.txt
-hag;tracker.huawei;native.huawei-onlydomains.txt
-hag;tracker.lgwebos;native.lgwebos-onlydomains.txt
-hag;tracker.oppo-realme;native.oppo-realme-onlydomains.txt
-hag;tracker.samsung;native.samsung-onlydomains.txt
-hag;tracker.tiktok;native.tiktok-onlydomains.txt
-hag;tracker.tiktok.extended;native.tiktok.extended-onlydomains.txt
-hag;tracker.vivo;native.vivo-onlydomains.txt
-hag;tracker.winoffice;native.winoffice-onlydomains.txt
-hag;tracker.xiaomi;native.xiaomi-onlydomains.txt
-hag;nosafesearch;nosafesearch-onlydomains.txt
-hag;popupads;popupads-onlydomains.txt
-hst;mini;mini/domains.wildcards
+hag;multi-light;wildcard/light-onlydomains.txt
+hag;multi-normal;wildcard/multi-onlydomains.txt
+hag;multi-pro;wildcard/pro-onlydomains.txt
+hag;multi-pro.mini;wildcard/pro.mini-onlydomains.txt
+hag;multi-pro.plus;wildcard/pro.plus-onlydomains.txt
+hag;multi-pro.plus.mini;wildcard/pro.plus.mini-onlydomains.txt
+hag;multi-ultimate;wildcard/ultimate-onlydomains.txt
+hag;multi-ultimate.mini;wildcard/ultimate.mini-onlydomains.txt
+hag;threat-intelligence;wildcard/tif-onlydomains.txt
+hag;threat-intelligence.medium;wildcard/tif.medium-onlydomains.txt
+hag;threat-intelligence.mini;wildcard/tif.mini-onlydomains.txt
+hag;anti.piracy;wildcard/anti.piracy-onlydomains.txt
+hag;doh;wildcard/doh-onlydomains.txt
+hag;doh-vpn-proxy-bypass;wildcard/doh-vpn-proxy-bypass-onlydomains.txt
+hag;dyndns;wildcard/dyndns-onlydomains.txt
+hag;fake;wildcard/fake-onlydomains.txt
+hag;gambling;wildcard/gambling-onlydomains.txt
+hag;gambling.medium;wildcard/gambling.medium-onlydomains.txt
+hag;gambling.mini;wildcard/gambling.mini-onlydomains.txt
+hag;hoster;wildcard/hoster-onlydomains.txt
+hag;nsfw;wildcard/nsfw-onlydomains.txt
+hag;tracker.amazon;wildcard/native.amazon-onlydomains.txt
+hag;tracker.apple;wildcard/native.apple-onlydomains.txt
+hag;tracker.huawei;wildcard/native.huawei-onlydomains.txt
+hag;tracker.lgwebos;wildcard/native.lgwebos-onlydomains.txt
+hag;tracker.oppo-realme;wildcard/native.oppo-realme-onlydomains.txt
+hag;tracker.samsung;wildcard/native.samsung-onlydomains.txt
+hag;tracker.tiktok;wildcard/native.tiktok-onlydomains.txt
+hag;tracker.tiktok.extended;wildcard/native.tiktok.extended-onlydomains.txt
+hag;tracker.vivo;wildcard/native.vivo-onlydomains.txt
+hag;tracker.winoffice;wildcard/native.winoffice-onlydomains.txt
+hag;tracker.xiaomi;wildcard/native.xiaomi-onlydomains.txt
+hag;nosafesearch;wildcard/nosafesearch-onlydomains.txt
+hag;popupads;wildcard/popupads-onlydomains.txt
+hag;urlshortener;wildcard/urlshortener-onlydomains.txt
+hag;abusetlds;wildcard/spam-tlds-onlydomains.txt
+hag;social;wildcard/social-onlydomains.txt
+hag;nrd-7days;domains/nrd7.txt
+hag;nrd-14days;domains/nrd14-8.txt
+hag;nrd-21days;domains/nrd21-15.txt
+hag;nrd-28days;domains/nrd28-22.txt
+hag;nrd-35days;domains/nrd35-29.txt
 hst;lite;Lite/domains.wildcards
-hst;pro;Pro/domains.wildcards
 hst;xtra;Xtra/domains.wildcards
 stb;standard;hosts
 stb;standard-fakenews;alternates/fakenews/hosts
--- a/net/adblock/files/adblock.feeds
+++ b/net/adblock/files/adblock.feeds
@@ -1,7 +1,7 @@
 {
 	"1hosts": {
 		"url": "https://raw.githubusercontent.com/badmojr/1Hosts/master/",
-		"rule": "/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}",
+		"rule": "/^(([[:alnum:]_-]{1,63}\\.)*[[:alnum:]-]{2,63}([[:space:]]|$))/{print tolower($1)}",
 		"size": "VAR",
 		"descr": "compilation"
 	},
@@ -19,25 +19,25 @@
 	},
 	"adguard_tracking": {
 		"url": "https://raw.githubusercontent.com/AdguardTeam/cname-trackers/master/data/combined_disguised_trackers_justdomains.txt",
-		"rule": "/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}",
+		"rule": "/^(([[:alnum:]_-]{1,63}\\.)*[[:alnum:]-]{2,63}([[:space:]]|$))/{print tolower($1)}",
 		"size": "L",
 		"descr": "tracking"
 	},
 	"android_tracking": {
 		"url": "https://raw.githubusercontent.com/Perflyst/PiHoleBlocklist/master/android-tracking.txt",
-		"rule": "/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}",
+		"rule": "/^(([[:alnum:]_-]{1,63}\\.)*[[:alnum:]-]{2,63}([[:space:]]|$))/{print tolower($1)}",
 		"size": "S",
 		"descr": "tracking"
 	},
 	"andryou": {
 		"url": "https://gitlab.com/andryou/block/raw/master/kouhai-compressed-domains",
-		"rule": "/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}",
+		"rule": "/^(([[:alnum:]_-]{1,63}\\.)*[[:alnum:]-]{2,63}([[:space:]]|$))/{print tolower($1)}",
 		"size": "L",
 		"descr": "compilation"
 	},
 	"anti_ad": {
 		"url": "https://raw.githubusercontent.com/privacy-protection-tools/anti-AD/master/anti-ad-domains.txt",
-		"rule": "/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}",
+		"rule": "/^(([[:alnum:]_-]{1,63}\\.)*[[:alnum:]-]{2,63}([[:space:]]|$))/{print tolower($1)}",
 		"size": "L",
 		"descr": "compilation"
 	},
@@ -55,31 +55,31 @@
 	},
 	"certpl": {
 		"url": "https://hole.cert.pl/domains/v2/domains.txt",
-		"rule": "/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}",
+		"rule": "/^(([[:alnum:]_-]{1,63}\\.)*[[:alnum:]-]{2,63}([[:space:]]|$))/{print tolower($1)}",
 		"size": "L",
 		"descr": "phishing"
 	},
 	"cpbl": {
 		"url": "https://raw.githubusercontent.com/bongochong/CombinedPrivacyBlockLists/master/NoFormatting/cpbl-ctld.txt",
-		"rule": "/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}",
+		"rule": "/^(([[:alnum:]_-]{1,63}\\.)*[[:alnum:]-]{2,63}([[:space:]]|$))/{print tolower($1)}",
 		"size": "XL",
 		"descr": "compilation"
 	},
 	"disconnect": {
 		"url": "https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt",
-		"rule": "/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}",
+		"rule": "/^(([[:alnum:]_-]{1,63}\\.)*[[:alnum:]-]{2,63}([[:space:]]|$))/{print tolower($1)}",
 		"size": "S",
 		"descr": "general"
 	},
 	"divested": {
 		"url": "https://divested.dev/hosts-domains-wildcards",
-		"rule": "/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}",
+		"rule": "/^(([[:alnum:]_-]{1,63}\\.)*[[:alnum:]-]{2,63}([[:space:]]|$))/{print tolower($1)}",
 		"size": "XXL",
 		"descr": "compilation"
 	},
 	"doh_blocklist": {
 		"url": "https://raw.githubusercontent.com/dibdot/DoH-IP-blocklists/master/doh-domains_overall.txt",
-		"rule": "/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}",
+		"rule": "/^(([[:alnum:]_-]{1,63}\\.)*[[:alnum:]-]{2,63}([[:space:]]|$))/{print tolower($1)}",
 		"size": "S",
 		"descr": "doh_server"
 	},
@@ -97,25 +97,25 @@
 	},
 	"energized_blu": {
 		"url": "https://energized.pro/blu/domains.txt",
-		"rule": "/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}",
+		"rule": "/^(([[:alnum:]_-]{1,63}\\.)*[[:alnum:]-]{2,63}([[:space:]]|$))/{print tolower($1)}",
 		"size": "XL",
 		"descr": "compilation"
 	},
 	"energized_spark": {
 		"url": "https://energized.pro/spark/domains.txt",
-		"rule": "/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}",
+		"rule": "/^(([[:alnum:]_-]{1,63}\\.)*[[:alnum:]-]{2,63}([[:space:]]|$))/{print tolower($1)}",
 		"size": "L",
 		"descr": "compilation"
 	},
 	"energized_ultimate": {
 		"url": "https://energized.pro/ultimate/domains.txt",
-		"rule": "/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}",
+		"rule": "/^(([[:alnum:]_-]{1,63}\\.)*[[:alnum:]-]{2,63}([[:space:]]|$))/{print tolower($1)}",
 		"size": "XXL",
 		"descr": "compilation"
 	},
 	"firetv_tracking": {
 		"url": "https://raw.githubusercontent.com/Perflyst/PiHoleBlocklist/master/AmazonFireTV.txt",
-		"rule": "/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}",
+		"rule": "/^(([[:alnum:]_-]{1,63}\\.)*[[:alnum:]-]{2,63}([[:space:]]|$))/{print tolower($1)}",
 		"size": "S",
 		"descr": "tracking"
 	},
@@ -127,13 +127,13 @@
 	},
 	"hblock": {
 		"url": "https://hblock.molinero.dev/hosts_domains.txt",
-		"rule": "/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}",
+		"rule": "/^(([[:alnum:]_-]{1,63}\\.)*[[:alnum:]-]{2,63}([[:space:]]|$))/{print tolower($1)}",
 		"size": "XL",
 		"descr": "compilation"
 	},
 	"hagezi": {
-		"url": "https://raw.githubusercontent.com/hagezi/dns-blocklists/main/wildcard/",
-		"rule": "/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}",
+		"url": "https://raw.githubusercontent.com/hagezi/dns-blocklists/main/",
+		"rule": "/^(([[:alnum:]_-]{1,63}\\.)*[[:alnum:]-]{2,63}([[:space:]]|$))/{print tolower($1)}",
 		"size": "VAR",
 		"descr": "compilation"
 	},
@@ -145,31 +145,31 @@
 	},
 	"notracking": {
 		"url": "https://raw.githubusercontent.com/notracking/hosts-blocklists/master/dnscrypt-proxy/dnscrypt-proxy.blacklist.txt",
-		"rule": "/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}",
+		"rule": "/^(([[:alnum:]_-]{1,63}\\.)*[[:alnum:]-]{2,63}([[:space:]]|$))/{print tolower($1)}",
 		"size": "XL",
 		"descr": "tracking"
 	},
 	"oisd_big": {
 		"url": "https://big.oisd.nl/domainswild2",
-		"rule": "/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}",
+		"rule": "/^(([[:alnum:]_-]{1,63}\\.)*[[:alnum:]-]{2,63}([[:space:]]|$))/{print tolower($1)}",
 		"size": "XXL",
 		"descr": "general"
 	},
 	"oisd_nsfw": {
 		"url": "https://nsfw.oisd.nl/domainswild2",
-		"rule": "/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}",
+		"rule": "/^(([[:alnum:]_-]{1,63}\\.)*[[:alnum:]-]{2,63}([[:space:]]|$))/{print tolower($1)}",
 		"size": "XXL",
 		"descr": "porn"
 	},
 	"oisd_nsfw_small": {
 		"url": "https://nsfw-small.oisd.nl/domainswild2",
-		"rule": "/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}",
+		"rule": "/^(([[:alnum:]_-]{1,63}\\.)*[[:alnum:]-]{2,63}([[:space:]]|$))/{print tolower($1)}",
 		"size": "M",
 		"descr": "porn"
 	},
 	"oisd_small": {
 		"url": "https://small.oisd.nl/domainswild2",
-		"rule": "/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}",
+		"rule": "/^(([[:alnum:]_-]{1,63}\\.)*[[:alnum:]-]{2,63}([[:space:]]|$))/{print tolower($1)}",
 		"size": "L",
 		"descr": "general"
 	},
@@ -181,7 +181,7 @@
 	},
 	"phishing_army": {
 		"url": "https://phishing.army/download/phishing_army_blocklist_extended.txt",
-		"rule": "/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}",
+		"rule": "/^(([[:alnum:]_-]{1,63}\\.)*[[:alnum:]-]{2,63}([[:space:]]|$))/{print tolower($1)}",
 		"size": "S",
 		"descr": "phishing"
 	},
@@ -289,13 +289,13 @@
 	},
 	"smarttv_tracking": {
 		"url": "https://raw.githubusercontent.com/Perflyst/PiHoleBlocklist/master/SmartTV.txt",
-		"rule": "/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}",
+		"rule": "/^(([[:alnum:]_-]{1,63}\\.)*[[:alnum:]-]{2,63}([[:space:]]|$))/{print tolower($1)}",
 		"size": "S",
 		"descr": "tracking"
 	},
 	"spam404": {
 		"url": "https://raw.githubusercontent.com/Dawsey21/Lists/master/main-blacklist.txt",
-		"rule": "/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}",
+		"rule": "/^(([[:alnum:]_-]{1,63}\\.)*[[:alnum:]-]{2,63}([[:space:]]|$))/{print tolower($1)}",
 		"size": "S",
 		"descr": "general"
 	},
@@ -313,13 +313,13 @@
 	},
 	"utcapitole": {
 		"url": "https://dsi.ut-capitole.fr/blacklists/download/blacklists.tar.gz",
-		"rule": "/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}",
+		"rule": "/^(([[:alnum:]_-]{1,63}\\.)*[[:alnum:]-]{2,63}([[:space:]]|$))/{print tolower($1)}",
 		"size": "VAR",
 		"descr": "general"
 	},
 	"wally3k": {
 		"url": "https://v.firebog.net/hosts/static/w3kbl.txt",
-		"rule": "/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}",
+		"rule": "/^(([[:alnum:]_-]{1,63}\\.)*[[:alnum:]-]{2,63}([[:space:]]|$))/{print tolower($1)}",
 		"size": "S",
 		"descr": "compilation"
 	},
@@ -343,7 +343,7 @@
 	},
 	"yoyo": {
 		"url": "https://pgl.yoyo.org/adservers/serverlist.php?hostformat=nohtml&showintro=0&mimetype=plaintext",
-		"rule": "/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}",
+		"rule": "/^(([[:alnum:]_-]{1,63}\\.)*[[:alnum:]-]{2,63}([[:space:]]|$))/{print tolower($1)}",
 		"size": "S",
 		"descr": "general"
 	}
--- a/net/adblock/files/adblock.sh
+++ b/net/adblock/files/adblock.sh
@@ -699,7 +699,7 @@ f_list() {
 			;;
 		"blocklist" | "allowlist")
 			src_name="${mode}"
-			rset="/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}"
+			rset="/^(([[:alnum:]_-]{1,63}\\.)*[[:alnum:]-]{2,63}([[:space:]]|$))/{print tolower(\$1)}"
 			case "${src_name}" in
 				"blocklist")
 					if [ -f "${adb_blocklist}" ]; then
@@ -723,7 +723,7 @@ f_list() {
 				"allowlist")
 					if [ -f "${adb_allowlist}" ] && [ "${adb_dnsallow}" != "0" ]; then
 						file_name="${adb_tmpdir}/tmp.raw.${src_name}"
-						printf "%s\n" "${adb_lookupdomain}" | "${adb_awkcmd}" "${rset}" >"${file_name}"
+						[ "${adb_lookupdomain}" != "localhost" ] && printf "%s\n" "${adb_lookupdomain}" | "${adb_awkcmd}" "${rset}" >"${file_name}"
 						"${adb_awkcmd}" "${rset}" "${adb_allowlist}" >>"${file_name}"
 						"${adb_awkcmd}" "${rset}" "${file_name}" >"${adb_tmpdir}/tmp.rem.${src_name}"
 						eval "${adb_dnsallow}" "${file_name}" >"${adb_tmpdir}/tmp.add.${src_name}"
@@ -744,7 +744,7 @@ f_list() {
 			fi
 			case "${src_name}" in
 				"google")
-					rset="/^\\.([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{printf \"%s\n%s\n\",tolower(\"www\"\$1),tolower(substr(\$1,2,length(\$1)))}"
+					rset="/^(\\.([[:alnum:]_-]{1,63}\\.)*[[:alnum:]-]{2,63}([[:space:]]|$))/{printf \"%s\n%s\n\",tolower(\"www\"\$1),tolower(substr(\$1,2,length(\$1)))}"
 					safe_url="https://www.google.com/supported_domains"
 					safe_cname="forcesafesearch.google.com"
 					if [ -s "${adb_backupdir}/safesearch.${src_name}.gz" ]; then
@@ -878,8 +878,8 @@ f_list() {
 			file_name="${adb_finaldir}/${adb_dnsfile}"
 			rm -f "${file_name}"
 			[ -n "${adb_dnsheader}" ] && printf "%b" "${adb_dnsheader}" >>"${file_name}"
-			[ -s "${adb_tmpdir}/tmp.add.iplist" ] && "${adb_catcmd}" "${adb_tmpdir}/tmp.add.iplist" >>"${file_name}"
-			[ -s "${adb_tmpdir}/tmp.add.allowlist" ] && "${adb_catcmd}" "${adb_tmpdir}/tmp.add.allowlist" >>"${file_name}"
+			[ -s "${adb_tmpdir}/tmp.add.iplist" ] && "${adb_sortcmd}" ${adb_srtopts} -u "${adb_tmpdir}/tmp.add.iplist" >>"${file_name}"
+			[ -s "${adb_tmpdir}/tmp.add.allowlist" ] && "${adb_sortcmd}" ${adb_srtopts} -u "${adb_tmpdir}/tmp.add.allowlist" >>"${file_name}"
 			[ "${adb_safesearch}" = "1" ] && "${adb_catcmd}" "${adb_tmpdir}/tmp.safesearch."* 2>/dev/null >>"${file_name}"
 			if [ "${adb_dnsdeny}" != "0" ]; then
 				eval "${adb_dnsdeny}" "${adb_tmpdir}/${adb_dnsfile}" >>"${file_name}"
@@ -1150,7 +1150,7 @@ f_log() {
 # main function for blocklist processing
 #
 f_main() {
-	local src_tmpload src_tmpfile src_name src_rset src_url src_cat src_item src_list src_entries src_suffix src_rc entry cnt
+	local src_tmpload src_tmpfile src_name src_domain src_rset src_url src_cat src_item src_list src_entries src_suffix src_rc entry cnt

 	# allow- and blocklist preparation
 	#
@@ -1215,6 +1215,9 @@ f_main() {
 			adb_feed="${adb_feed/${src_name}/}"
 			continue
 		fi
+
+		# get feed information
+		#
 		json_get_var src_url "url" >/dev/null 2>&1
 		json_get_var src_rset "rule" >/dev/null 2>&1
 		json_select ..
@@ -1231,6 +1234,15 @@ f_main() {
 			continue
 		fi

+		# add domains of active feed URLs to the allowlist
+		#
+		src_domain="${src_url#*://}"
+		src_domain="${src_domain%%/*}"
+		if [ -n "${src_domain}" ] && [ "${adb_dnsallow}" != "0" ] && ! "${adb_grepcmd}" -qxF "${src_domain}" "${adb_tmpdir}/tmp.raw.allowlist"; then
+			printf "%s\n" "${src_domain}" >>"${adb_tmpdir}/tmp.raw.allowlist"
+			eval "${adb_dnsallow}" "${adb_tmpdir}/tmp.raw.allowlist" >>"${adb_tmpdir}/tmp.add.allowlist"
+		fi
+
 		# download queue processing
 		#
 		src_cat=""
@@ -1465,7 +1477,7 @@ f_report() {
 						json_get_keys details >/dev/null 2>&1
 						json_get_var rc "rc" >/dev/null 2>&1
 						json_get_var domain "domain" >/dev/null 2>&1
-						if [ "${rc}" = "NX" ] && ! "${adb_catcmd}" "${map_jsn}" 2>/dev/null | "${adb_grepcmd}" -q "${domain}"; then
+						if [ "${rc}" = "NX" ] && ! "${adb_catcmd}" "${map_jsn}" 2>/dev/null | "${adb_grepcmd}" -qxF "${domain}"; then
 							(
 								"${adb_fetchcmd}" ${adb_geoparm} "${adb_geourl}/${domain}" 2>/dev/null |
 									"${adb_awkcmd}" -v feed="${domain}" '{printf ",{\"%s\": %s}\n",feed,$0}' >>"${map_jsn}"