2019-10-01 20:57:13 +00:00
# DNSCrypt Proxy 2 for Android | privacy oriented
2018-02-27 14:42:14 +00:00
2019-10-24 08:04:40 +00:00
A flexible DNS proxy, with support for modern encrypted DNS protocols such as [DNSCrypt v2 ](https://dnscrypt.info/protocol ), [DNS-over-HTTPS ](https://www.rfc-editor.org/rfc/rfc8484.txt ) and [Anonymized DNSCrypt ](https://github.com/DNSCrypt/dnscrypt-protocol/blob/master/ANONYMIZED-DNSCRYPT.txt ).
2018-02-27 14:42:14 +00:00
2019-10-24 07:31:00 +00:00
2018-04-17 09:12:54 +00:00
## Features
2019-10-24 08:08:51 +00:00
- For all features please refer to the [OFFICIAL PAGE ](https://github.com/DNSCrypt/dnscrypt-proxy#features )
2020-05-16 22:56:03 +00:00
- All binary files are downloaded from the [OFFICIAL RELEASE PAGE ](https://github.com/DNSCrypt/dnscrypt-proxy/releases )
2018-02-27 14:42:14 +00:00
2019-10-24 07:31:00 +00:00
2019-10-24 08:04:40 +00:00
## Pre-built binaries
Up-to-date, pre-built binaries are available for:
- Android/arm
- Android/arm64
- Android/x86
- Android/x86_64
2020-12-01 09:53:12 +00:00
## Differences from the main dnscrypt-proxy project
2019-10-01 20:57:13 +00:00
2020-12-09 08:27:29 +00:00
- `server_names` = `acsacsar-ams-ipv4` [NLD], `arvind-io` [IND], `bcn-dnscrypt` [ESP], `d0wn-tz-ns1` [TZA], `dnscrypt.be` [BEL], `dnscrypt.ca-1` [CAN], `dnscrypt.ca-2` [CAN], `dnscrypt.eu-dk` [DNK], `dnscrypt.eu-nl` [NLD], `dnscrypt.one` [DEU], `dnscrypt.pl` [POL], `dnscrypt.uk-ipv4` [GBR], `ev-canada` [CAN], `faelix-ch-ipv4` [CHE], `faelix-uk-ipv4` [GBR], `ffmuc.net` [DEU], `jp.tiar.app` [JPN], `meganerd` [NLD], `plan9-dns` [USA], `publicarray-au` [AUS], `sarpel-dns-istanbul` [TUR], `scaleway-ams` [NLD], `scaleway-fr` [FRA], `serbica` [NLD], `skyfighter-dns` [NLD], `v.dnscrypt.uk-ipv4` [GBR], `ventricle.us` [USA] are the resolvers in use.
2020-12-07 01:36:01 +00:00
- `doh_servers` = `false` (disable servers implementing the `DNS-over-HTTPS` protocol)
2020-12-07 13:56:51 +00:00
- `require_dnssec` = `true` (server must support `DNSSEC` security extension)
2020-12-07 01:36:01 +00:00
2020-12-07 13:58:43 +00:00
- `timeout` = `1000` (set the max. response time of a single DNS query from `5000` to `1000` ms.)
2020-12-07 01:36:01 +00:00
- `blocked_query_response` = `'refused'` (set `refused` response to blocked queries)
- `dnscrypt_ephemeral_keys` = `true` (create a new, unique key for every single DNS query)
2020-12-07 13:56:51 +00:00
- `fallback_resolvers` = `['91.239.100.100:53']` (use [UncensoredDNS ](https://blog.uncensoreddns.org/ ) instead [CloudFlare ](https://iscloudflaresafeyet.com/ ))
2020-12-07 01:36:01 +00:00
2020-12-07 13:56:51 +00:00
- `netprobe_address` = `'91.239.100.100:53'` (use [UncensoredDNS ](https://blog.uncensoreddns.org/ ) instead [CloudFlare ](https://iscloudflaresafeyet.com/ ))
2020-12-07 01:36:01 +00:00
- `block_ipv6` = `true` (immediately respond to IPv6-related queries with an empty response)
2020-12-09 09:30:46 +00:00
- `blocked_names_file` , `blocked_ips_file` , `allowed_names_file` and `allowed_ips_file` options enabled. (you can now filter your web content, to know how, please refer to the [official documentation ](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Filters ) or take a look at my [block repository ](https://git.nixnet.services/quindecim/block ))
2020-12-07 01:36:01 +00:00
2020-12-07 13:56:51 +00:00
- `anonymized_dns` feature enabled. (`routes` are indirect ways to reach DNSCrypt servers, each resolver has 2 relays assigned)
2020-12-07 01:36:01 +00:00
- `skip_incompatible` = `true` (skip resolvers incompatible with anonymization instead of using them directly)
- `direct_cert_fallback` = `false` (prevent direct connections through the resolvers for failed certificate retrieved via relay)
2019-10-24 07:31:00 +00:00
2019-10-01 20:57:13 +00:00
2018-04-17 09:12:54 +00:00
## Installation
2020-03-19 08:08:44 +00:00
2020-12-10 16:57:20 +00:00
1. Download the latest `.zip` file from the [Releases ](https://git.nixnet.services/quindecim/dnscrypt-proxy-android/releases ) page or from my [dnscrypt-proxy-android | CHANNEL ](https://t.me/dnscrypt_proxy ) on Telegram and flash it with Magisk Manager.
2. Reboot your device.
2020-05-11 21:24:59 +00:00
3. Test your DNS: https://dnsleaktest.com/
2020-03-19 08:08:44 +00:00
2018-03-06 06:56:09 +00:00
2019-10-01 20:57:13 +00:00
### Configuration (post-installing)
2019-10-01 10:39:00 +00:00
2020-12-02 09:02:26 +00:00
- You can edit `dnscrypt-proxy.toml` as you wish located on `/sdcard/dnscrypt-proxy/dnscrypt-proxy.toml` , or `/data/media/0/dnscrypt-proxy/dnscrypt-proxy.toml` .
2020-05-16 22:56:03 +00:00
- For more detailed configuration please refer to [official documentation ](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Configuration ).
2020-12-09 09:30:46 +00:00
- For more support on a good privacy oriented setup, join our group at [dnscrypt-proxy-android | CHAT ](https://t.me/qd_invitations ) on Telegram.
2019-10-01 10:39:00 +00:00
2019-10-24 07:31:00 +00:00
2020-05-11 21:24:59 +00:00
#### AFWall+ users only
If you experience no connection issue after flashing the module I suggest you to insert these scripts: (in both, enter and shutdown boxes)
```
iptables -A "afwall" -d 127.0.0.1 -p tcp --dport 5354 -j ACCEPT
iptables -A "afwall" -d 127.0.0.1 -p udp --dport 5354 -j ACCEPT
```
2020-05-13 08:50:41 +00:00
The issue is related to the use of `AFWall+` and only happens on some devices, it depends on how the DNS configuration is implemented in the device itself.
2020-05-11 21:24:59 +00:00
2018-02-27 14:59:15 +00:00
## Changelog
2019-10-01 10:03:11 +00:00
2020-12-02 09:04:10 +00:00
[Full changelog ](https://git.nixnet.services/quindecim/dnscrypt-proxy-android/src/branch/master/CHANGELOG.md )
2018-02-27 14:42:14 +00:00
2019-10-24 07:31:00 +00:00
2020-10-19 08:57:18 +00:00
## Credits
2020-05-16 22:56:03 +00:00
- DNSCrypt-Proxy2 upstream | [jedisct1 ](https://github.com/DNSCrypt/dnscrypt-proxy )
2019-09-17 15:23:38 +00:00
- [bluemeda ](https://github.com/bluemeda ) for the original module
2020-12-10 16:57:20 +00:00
- [All contributors ](https://github.com/Magisk-Modules-Repo/dnscrypt-proxy/graphs/contributors )
