Closed ghost closed 2 years ago
I know connectivitycheck.gstatic.com/generate_204 or www.gstatic.com/generate_204 or client*.google.com/generate_204 (..client3 mostly) are used for Android, and maybe www.msftncsi.com/ncsi.txt and www.msftconnecttest.com/connecttest.txt for Windows 10.
Neither of these are blocked by AdGuard DNS.
Any idea what else could be causing this behavior on your device?
Just in case, the full list is here: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
setting AdGuard-DNS servers in my router seems to mark the networks as "Without Internet".
both with Windows 10, and with Android clients that use a custom firmware (AOSP based, such as LineageOS for example).
I know
connectivitycheck.gstatic.com/generate_204
orwww.gstatic.com/generate_204
orclient*.google.com/generate_204
(..client3
mostly) are used for Android, and maybewww.msftncsi.com/ncsi.txt
andwww.msftconnecttest.com/connecttest.txt
for Windows 10.linux lite/linux Ubuntu network quality enumeration is also showing similar results.
the status of the network as presented with Windows 10 WiFi / LAN menu pre-connection is shown as "no-internet", but after actually connecting the status is changed showing full connectivity, same with Android. There are no actual internet access issues, but the false status interfere with a lot of processes across multiple operation systems.
I did not notice this issue after selecting different DNS-servers from https://kb.adguard.com/en/general/dns-providers and restarting my router.
notes/workarounds..
official samsung firmwares (not really AOSP based), will use their own servers which are not blocked. there is a workaround for Android ADB-accessible devices to modify the global settings of `captive_portal_server` (for alternative hostname) and `captive_portal_https_url` (complete URL) to change it to another server. I had my raspberry pi zero w2 run ubuntu with privoxy, act as a proxy through the router and returning everything with `204` in its path immediately with HTTP 204, while letting other connections through. still not really a great solution but it keeps my phone WiFi from disconnecting, since apparently there is a repeating check every 5 minutes or so to see if there "is an internet" (and it fails, and favor the data-plan which does not pipe through AdGuard-DNS, so it "pings" successfully).as for `captive_portal_https_url`/`captive_portal_http_url`, as a fallback I'm also modifying (where I can manage to have super user access) the android devices to use those 204-servers, yes google, which seems that most of its servers support the `/generate_204` path. I had to specify few (the ones that seems to do not deliver ads or collect analytics are on top), I have http first since I sometime need to work with network sniffing and without proper certificate, and I'm also specifying IP to avoid DNS-resolving.. ```txt http://fonts.gstatic.com/generate_204 http://142.250.185.227/generate_204 https://fonts.gstatic.com/generate_204 https://142.250.185.227/generate_204 https://fonts.googleapis.com/generate_204 https://142.250.185.74/generate_204 https://apis.google.com/generate_204 https://142.250.185.110/generate_204 https://www.youtube-nocookie.com/generate_204 https://142.250.186.110/generate_204 https://www.youtube.com/generate_204 https://142.251.1.93/generate_204 https://www.gstatic.com/generate_204 https://64.233.165.94/generate_204 ``` I've tried to avoid a really bad solution of simply specifying HOSTS entry for them, in order to avoid specifying a single machine out of a pool, but it should also, probably work... I, also, would love to have a some sort of 204-returning-path in AdGuard-DNS servers as an alternative to existing google/samsung servers..
and I'm fully aware of that those servers might also be used for delivering adware/analytics, and I'm personally fine with adguard-dns blocking all those \@\$\% servers, and manually connecting to WiFi again and again..
I just thought you should be aware of it since it does not seems to be documented elsewhere..
screenshots
(after connecting it takes a few seconds and the machine probably "pings" it by itself, and it seems fine)