Step 1: Install block-list script

Create a new script named /overlay/update-adblock.sh

#!/bin/ash
# Address that blocked names will resolve to
dummyhost="0.0.0.0"

echo -n "updating domains list..."
wget -q -O- "http://pgl.yoyo.org/adservers/serverlist.php?hostformat=dnsmasq&showintro=0&mimetype=plaintext" | grep address >/var/adblock.domains
sed -i "s/127\.0\.0\.1/$dummyhost/g" /var/adblock.domains
echo " done"

echo -n "updating adhosts list..."
wget -q -O- http://winhelp2002.mvps.org/hosts.txt | grep "0.0.0.0" >/var/adblock.hosts
# Strip Windows line endings
sed -i -e 's/\r//g' /var/adblock.hosts
# Double quotes so that $dummyhost is expanded by the shell
sed -i -e "s/0\.0\.0\.0/$dummyhost/g" /var/adblock.hosts
echo " done"

echo -n "restarting dnsmasq..."
/etc/init.d/dnsmasq restart
echo " done"

Make it executable

chmod +x /overlay/update-adblock.sh

Force creation of files at boot and create a scheduled run (I'll use 07:23 every Sunday) with crontab -e

@reboot                 touch /var/adblock.domains /var/adblock.hosts
23 7         * * 0         /overlay/update-adblock.sh

Step 2: Add additional config for dnsmasq

Add the following lines to /etc/dnsmasq.conf

conf-file=/var/adblock.domains
addn-hosts=/var/adblock.hosts

Make sure that these files exist at boot, or else dnsmasq will fail. Add the following lines to /etc/rc.local

touch /var/adblock.domains
touch /var/adblock.hosts

Step 3: Update and restart dnsmasq

Run the update manually with /overlay/update-adblock.sh

Now lookups for the blocked domains and hosts from all hosts on your network will be redirected to the dummyhost. The lists will also be updated regularly. For further security, block outgoing DNS directly from clients (only allow the router to be the source of DNS on your network).
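
The update script in Step 1 writes whatever it downloads over plain HTTP straight into a file that dnsmasq loads as configuration, and a failed download leaves that file empty. The following is an added example, not part of the original script: it keeps only lines of the exact form address=/<hostname>/127.0.0.1 and replaces the live list only when enough valid entries remain. The function names, the ".new" temp file and the minimum-entry threshold are assumptions.

```shell
#!/bin/sh
# Added example: validate a downloaded dnsmasq block list before installing it.
# filter_domains, install_list, sample_list and the ".new" suffix are assumed names.

dummyhost="0.0.0.0"

# filter_domains: read a list on stdin and print only lines of the exact form
# address=/<hostname>/127.0.0.1, rewritten to point at $dummyhost.
# Any other dnsmasq option or any other target address is dropped.
filter_domains() {
    tr -d '\r' |
    grep -E '^address=/[A-Za-z0-9_]([A-Za-z0-9_.-]*[A-Za-z0-9_])?/127\.0\.0\.1$' |
    sed "s#/127\.0\.0\.1\$#/$dummyhost#"
}

# install_list SRC DEST MIN: filter SRC and replace DEST only when at least
# MIN valid entries remain; otherwise keep the existing DEST untouched.
install_list() {
    src=$1 dest=$2 min=$3
    tmp="$dest.new"
    filter_domains <"$src" >"$tmp"
    count=$(($(wc -l <"$tmp")))
    if [ "$count" -lt "$min" ]; then
        rm -f "$tmp"
        echo "kept old list: only $count valid entries" >&2
        return 1
    fi
    mv "$tmp" "$dest"    # rename within the same directory
}

# Constructed sample input: two valid entries (one with a CR line ending)
# and two lines that do not belong in a block list.
sample_list() {
    printf '%s\r\n' 'address=/ads.example.com/127.0.0.1'
    printf '%s\n' 'address=/intranet.example/203.0.113.7' \
                  'server=/example.org/203.0.113.7' \
                  'address=/tracker.example.net/127.0.0.1'
}

# Prints the two valid entries, now pointing at 0.0.0.0
sample_list | filter_domains
```

In the update script, wget would write to a temporary file and install_list would then be called with /var/adblock.domains as the destination, before dnsmasq is restarted.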