BinaryDichotomy
New Member
I have been diving into the various Adguard for Windows, iOS, DNS, etc in an effort to replace an aging system utilizing NextDNS + uBlocker/1blocker/etc browser extensions, with internal shared lists via git repos. We even got uBlock working almost entirely automatically using git + various scripts, but it felt hacky at best. The task is to find a suite that covers all platforms + scenarios (on a domain) with minimal overheard once the system is built. As it is now, we've got AdGuard for DNS running as forwarders on our DC's, kind of as a "catch all" for any traffic that either falls through rules or network changes, using DNS conditionals and other scripting.
AdGuard for iOS/Windows/Android etc cover all of the platforms, and then browser extensions -- which shares common rules with the AdGuard proxy, nice touch -- are the top layer, where requests originate. All of that is working beautifully, especially AdGuard for DNS which is much better than NextDNS. The issue is in keeping rules engines sync'd. AdGuard for DNS rules serve as the "single source of truth", meaning, those rules should be replicated in all other rules lists, e.g. rules for AdGuard for Windows, then mobile devices on iOS and Android, etc. The format for the rules lists is the exact same (@@||domainname.com^), so using the built-in exporting and then importing them on other platforms works doing it by hand. This doesn't scale.
Ideally, the AdGuard for DNS rules list is the single source of truth which gets replicated to Windows/*nix, and mobile devices. Having the same rules is repetitive, but it ensures that no matter what client is on which network, a version of the rule is getting hit in the http request pipeline. Ideally at the browser and reverse proxy level. Having AdGuard for DNS also ensures that IoT devices/etc all get covered out of the box with zero configuration needed by admins, and git repos can house specific rules for depts/etc. The file format is already in place, just need to serialize the lists. I'm sure with enough time, my engineers could hack together some crazy solution, but having something official, or some sort of object model/API or libraries for developers to use.
It's a great product. That the same rules lists are used by the Windows+Edge/etc is one way lists are already being reused and is a clever solution. Browser rules can get much more detailed, bot that's the only edge case I can think of. Anybody else using solutions like these on corporate LANS? I'm assuming classes of products exist that operate in a more scaled environment?
AdGuard for iOS/Windows/Android etc cover all of the platforms, and then browser extensions -- which shares common rules with the AdGuard proxy, nice touch -- are the top layer, where requests originate. All of that is working beautifully, especially AdGuard for DNS which is much better than NextDNS. The issue is in keeping rules engines sync'd. AdGuard for DNS rules serve as the "single source of truth", meaning, those rules should be replicated in all other rules lists, e.g. rules for AdGuard for Windows, then mobile devices on iOS and Android, etc. The format for the rules lists is the exact same (@@||domainname.com^), so using the built-in exporting and then importing them on other platforms works doing it by hand. This doesn't scale.
Ideally, the AdGuard for DNS rules list is the single source of truth which gets replicated to Windows/*nix, and mobile devices. Having the same rules is repetitive, but it ensures that no matter what client is on which network, a version of the rule is getting hit in the http request pipeline. Ideally at the browser and reverse proxy level. Having AdGuard for DNS also ensures that IoT devices/etc all get covered out of the box with zero configuration needed by admins, and git repos can house specific rules for depts/etc. The file format is already in place, just need to serialize the lists. I'm sure with enough time, my engineers could hack together some crazy solution, but having something official, or some sort of object model/API or libraries for developers to use.
It's a great product. That the same rules lists are used by the Windows+Edge/etc is one way lists are already being reused and is a clever solution. Browser rules can get much more detailed, bot that's the only edge case I can think of. Anybody else using solutions like these on corporate LANS? I'm assuming classes of products exist that operate in a more scaled environment?
