NOTE: after a firmware upgrade, the script needs to be executed again manually to re-create the crontab job and refill the dnsmasq list.
So after a firmware upgrade, log in using SSH, sudo to root and run /config/user-data/update-adblock-dnsmasq.sh
20171203
-added first youtube adblocking
20171121
First release
-added pi-hole domains as suggsted by @recrudesce
-added https://github.com/notracking/hosts-blocklists
SSH into your USG:
sudo su -
curl -o /config/user-data/update-adblock-dnsmasq.sh https://raw.githubusercontent.com/Ar0xA/USG-DNS-ADBLOCK/master/update-adblock-dnsmasq.sh
chmod +x /config/user-data/update-adblock-dnsmasq.sh
/config/user-data/update-adblock-dnsmasq.sh
Check if all went fine by nslookup on a box that uses your USG as DNS (default from DHCP)
nslookup aa.i-stream.pl (should return address: 0.0.0.0)
crontab -l should show you now a line to automatically update once a day
Originally taken from https://community.ubnt.com/t5/UniFi-Routing-Switching/Use-USG-to-block-sites-apps-like-ER/td-p/1497045