This guide will help you setup content blocking using the Unbound DNS resolver in OPNsense, and assumes you are already using Unbound.

First, navigate to Services > Unbound DNS > Blocklist.

• In the top left corner, enable advanced mode.
• Check Enable.
• Under URLs of Blocklists, enter one of the two following URLs…
  • small.oisd.nl/domains (Blocks Ads)
  • big.oisd.nl/domains (Blocks Ads, Tracking, and Malware)
• Additionally, this URL can be added to block content that is inappropriate for children…
  • nsfw.oisd.nl/domains (Blocks adult websites)
• Click Apply.

You can visit this ad block test website to verify the blocklists are working. When using the big list I score 86%.

I suggest pairing a network-wide DNS blocklist with on-device content blockers as well. The latter can specifically help in removing whitespace on websites where ads may have otherwise been sitting. You should now notice a reduction in your internet usage, and faster loading of websites and apps.

Credits to https://oisd.nl for maintaining the lists of domains. You can report domains that should be included in the lists.

In this brief guide I will show you how to setup the shaper in OPNsense using the minimal number of settings and configuration. We will be using the modern fq_codel (Fair/Flow Queueing + COntrolled DELay) packet scheduler. The idea here is to maximize compatibility, however you may need to research further than this guide to tailor the settings for your network.

Connect a wired computer as close in your network topology to your modem or ONT as you can, and run an internet speedtest. Note the results from this test (it is wise to perform several tests, then work out the average). Here are my personal results we will use in this guide.

First, start by navigating to Firewall > Shaper > Pipes.

• Select the + icon to create a new pipe.
• Enable advanced mode in the top left corner.
• Under Bandwidth enter in your measured download throughput, rounded down.
• Under Bandwidth Metric select Mbps.
• Under Scheduler type select FlowQueue-CoDel.
• Under Description enter PipeDown.
• Save.

Add another, but this time enter the upstream bandwidth and name it PipeUp.

Second, navigate to Firewall > Shaper > Queues.

• Select the + icon to create a new queue.
• Under Pipe select PipeDown.
• Under Mask select Destination.
• Under Description enter DownQueue.
• Save.

Add another, but this time select UpPipe, Source, and enter QueueUp.

Third, navigate to Firewall > Shaper > Rules.

• Select the + icon to create a new rule.
• Under Direction select in.
• Under Target select QueueDown.
• Under Description enter RuleDown.
• Save.

Add another, but this time select out, QueueUp, and enter RuleUp.

Click on Apply for the changes to take effect. You can navigate to Firewall > Shaper > Status to confirm your settings have been enabled.

On a computer that is within your local network, re-run the internet speedtest. You will notice you lose some throughput — in my case about 7-8% — in favour of consistently low latency. Here are my results.

After whats been a five-month or so hiatus from being consistently active, today I crushed an 11 km run like it I have been doing it weekly all along. Running has never been my favourite activity, but it is definitely one where I can end up in a bit of a high if I settle into the right routine and pace.

Losing my consistency wasn’t necessarily planned, and I cannot blame it on the seasons either. It was around February this year when I broke a long streak of closing my rings daily. Throughout Winter I maintained my activity, rowing and HIIT with some outdoor activities as the weather allowed.

Sometimes I feel like I need friends to help keep my motivation up, but I am trying to remember that I am doing this for myself. To stay healthy, reach my goals (and set new ones), and to be more social. I will update this blog weekly with a recap of my week, a public journal of my progess for others to enjoy and get motivated by!

🏃🏼‍♂️

Not sure if Jens Voigt was the first to say it, but this has been the motto for most of my physical activity in the last year. Whether I am running, rowing, cycling, or HIIT-ing, I just repeat this saying to myself until I get it done.

I have planned some new cycling routes to explore this year, and will try my best to document them to some capacity to share here on the blog. You can find the first one below.

Yesterday I donated blood for the first time. I saw a news article noting the shortage in donations during the winter weather fiasco in BC a few weeks ago. In the middle of last year a colleague also sent a friendly email to remind staff at my work about the need for blood donations in Canada. I figured what better way for me to start the year than to go and donate some blood.

Canadian Blood Services has a convenient app to help you book an appointment. It seems like the mobile clinics put up in a gynasium or similar for a single day—quite the feat I think—which allows them to offer donation centres nearby to where you live, but not necessarily every day of the week. This time, the donor centre was about a 10-minute drive from home, not so bad.

Upon entering you go through some identification, surveying, and screening. This is all to make sure you are who you say you are and that you are fully eligible to donate your blood. I was told some of the identification and surveying can be done in advance via the app next time, something I plan to do.

After that, they walked me over to an area of about 8 or so bleeding stations, and sat me down. The staff were extremely polite—especially since I had to wear a 1st-time-donor sticker on my shirt—and explained what they were doing and why throughout the process. I totalled about 13 minutes of bleed time, losing about 551mL of blood.

I took it easy for the rest of the day, and drank plenty of water like they suggested. Overall I was pleasantly surprised with how easy it went. I have already booked my next appointment via the app, and will aim to make 5 out of the maximum of 6 allowed visits this year.