Skip to content

Installing on stock AsusWRT

Jump to bottom
Jack'lul edited this page Jun 24, 2024 · 2 revisions

This method utilizes scripts from jacklul/asuswrt-script repository.

Install main startup script: https://github.com/jacklul/asuswrt-scripts#installation
Read the warning carefully and apply mentioned workaround when needed.

Install required scripts:

curl -fsSL "https://raw.githubusercontent.com/jacklul/asuswrt-scripts/master/scripts/entware.sh" -o /jffs/scripts/entware.sh
curl -fsSL "https://raw.githubusercontent.com/jacklul/asuswrt-scripts/master/scripts/custom-configs.sh" -o /jffs/scripts/custom-configs.sh
curl -fsSL "https://raw.githubusercontent.com/jacklul/asuswrt-scripts/master/scripts/hotplug-event.sh" -o /jffs/scripts/hotplug-event.sh
curl -fsSL "https://raw.githubusercontent.com/jacklul/asuswrt-scripts/master/scripts/service-event.sh" -o /jffs/scripts/service-event.sh
chmod +x /jffs/scripts/*.sh

Plug your USB storage to your router if you didn't already.

Install Entware:

/jffs/scripts/entware.sh install /tmp/mnt/sda
# replace sda with the actual mounted storage name

Install Pi-hole package: https://github.com/jacklul/entware-pi-hole#installation

Create /jffs/scripts/dnsmasq.postconf:

#!/bin/sh

# ignore firmware defined servers
sed -e '/^resolv-file=/ s/^/#/' -i "$1"
sed -e '/^servers-file=/ s/^/#/' -i "$1"

# Pi-hole's Local DNS won't work with this option
sed -e '/^stop-dns-rebind/ s/^/#/' -i "$1"

# let Pi-hole handle DNSSEC if needed
sed -e '/^dnssec/ s/^/#/' -i "$1"

# comment existing server= entries
sed -e '/^server=/ s/^/#/' -i "$1"

# define server to forward queries to
sed "/servers-file/{n;s/^/server=127.0.0.1#5053\n/}" -i "$1"

# prevent the router from forwarding reverse lookups further
! grep -q "bogus-priv" "$1" && sed "/^server=/{n;s/^/bogus-priv\n/}" -i "$1"
! grep -q "domain-needed" "$1" && sed "/^server=/{n;s/^/domain-needed\n/}" -i "$1"

# forward origin IP and MAC address
sed "/^server=/{n;s/^/add-subnet=32,128\n/}" -i "$1"
sed "/^server=/{n;s/^/add-mac=text\n/}" -i "$1"

Edit /opt/etc/pihole/pihole.toml and modify:

[dns]
  port = 5053
  interface = "lo"
  listeningMode = "BIND"
  revServers = [
    "true,192.168.1.0/24,127.0.0.1#53,lan"
  ]

[webserver]
  port = "5080,[::]:5080,5443s,[::]:5443s"

[misc]
  dnsmasq_lines = [
    "strip-subnet",
    "strip-mac"
  ]

Change 192.168.1.0/24 to match your LAN network.

(optional) Add 'pihole' user in USB Application -> Servers Center -> Samba, you will also need to install sudo package with opkg.

In your router's web UI go to LAN -> DHCP Server and make sure Advertise router's IP in addition to user-specified DNS is turned on and no other DNS server is set in that section (DNS set on the WAN page should be external).

Start everything up:

/jffs/scripts/hotplug-event.sh start
/jffs/scripts/service-event.sh start
/jffs/scripts/custom-configs.sh start
/opt/etc/init.d/S55pihole-FTL start
service restart_dnsmasq
/jffs/scripts/custom-configs.sh run

Access Pi-hole's web UI at asusrouter.com:5080 or asusrouter.com:5443.

Clone this wiki locally