dnscrypt-proxy-android/README.md

78 lines
3.7 KiB
Markdown
Raw Normal View History

2019-10-01 20:57:13 +00:00
# DNSCrypt Proxy 2 for Android | privacy oriented
2018-02-27 14:42:14 +00:00
2019-10-24 08:04:40 +00:00
A flexible DNS proxy, with support for modern encrypted DNS protocols such as [DNSCrypt v2](https://dnscrypt.info/protocol), [DNS-over-HTTPS](https://www.rfc-editor.org/rfc/rfc8484.txt) and [Anonymized DNSCrypt](https://github.com/DNSCrypt/dnscrypt-protocol/blob/master/ANONYMIZED-DNSCRYPT.txt).
2018-02-27 14:42:14 +00:00
2019-10-24 07:31:00 +00:00
2018-04-17 09:12:54 +00:00
## Features
2019-10-24 08:08:51 +00:00
- For all features please refer to the [OFFICIAL PAGE](https://github.com/DNSCrypt/dnscrypt-proxy#features)
- All binary files are downloaded from the [OFFICIAL RELEASE PAGE](https://github.com/jedisct1/dnscrypt-proxy/releases)
2018-02-27 14:42:14 +00:00
2019-10-24 07:31:00 +00:00
2019-10-24 08:04:40 +00:00
## Pre-built binaries
Up-to-date, pre-built binaries are available for:
- Android/arm
- Android/arm64
- Android/x86
- Android/x86_64
2019-10-01 20:57:13 +00:00
## Differences between default DNSCrypt Proxy project
2019-10-24 13:45:38 +00:00
##### **- CONFIG. FILE:** *(dnscrypt-proxy.toml)*
2019-10-24 07:34:59 +00:00
-`DNSSEC` required
2019-10-24 13:45:38 +00:00
- ✅ Enabled `dnscrypt_ephemeral_keys` feature *(create a new, unique key for every single DNS query)*
- ✅ Enabled `anonymized_dns` feature *(each resolver has 2 relay)*
- ⛔️ `DoH` disabled
- ⛔️ `IPv6` disabled
- Set`refused` response to blocked queries
2019-10-24 07:31:00 +00:00
- Set DNS query max. response time from `5000` to `1500`, in ms.
- Use [UncensoredDNS](https://blog.uncensoreddns.org/) as fallback resolver instead CloudFlare
- Use `charis` (DE), `dnscrypt.nl-ns0` (NL), `dnscrypt.uk-ipv4` (UK), `dnscrypt.eu-dk` (DK), `dnscrypt.eu-nl` (NL), `dnswarden-dc1` (DE), `dnswarden-dc1` (DE), `publicarray-au` (AUS), `publicarray-au2` (AUS), `scaleway-fr` (FR) and `suami` (FR)
2019-10-24 07:31:00 +00:00
2019-10-01 20:57:13 +00:00
2018-04-17 09:12:54 +00:00
## Installation
2019-10-24 08:26:05 +00:00
1. Download latest `.zip` file from here or from [dnscrypt-proxy-android | CHANNEL](https://t.me/dnscrypt_proxy) on Telegram and flash it with Magisk Manager App or with your Recovery.
2019-10-01 10:03:11 +00:00
2. Reboot.
2019-10-01 20:57:13 +00:00
3. Open AFWall+ and set custom script:
2019-10-01 10:03:11 +00:00
**ENTER SCRIPT:**
```
2019-10-01 20:57:13 +00:00
iptables -t nat -A OUTPUT -p tcp ! -d 91.239.100.100 --dport 53 -j DNAT --to-destination 127.0.0.1:53
iptables -t nat -A OUTPUT -p udp ! -d 91.239.100.100 --dport 53 -j DNAT --to-destination 127.0.0.1:53
2019-10-01 10:03:11 +00:00
```
**SHUTDOWN SCRIPT:**
```
2019-10-01 20:57:13 +00:00
iptables -t nat -D OUTPUT -p tcp ! -d 91.239.100.100 --dport 53 -j DNAT --to-destination 127.0.0.1:53
iptables -t nat -D OUTPUT -p udp ! -d 91.239.100.100 --dport 53 -j DNAT --to-destination 127.0.0.1:53
2019-10-01 10:03:11 +00:00
```
2019-10-01 20:57:13 +00:00
### Configuration (post-installing)
2019-10-01 10:39:00 +00:00
2019-10-01 20:57:13 +00:00
- You can edit `dnscrypt-proxy.toml` as you wish located on `/sdcard/dnscrypt-proxy/dnscrypt-proxy.toml` [or /data/media/0/dnscrypt-proxy/dnscrypt-proxy.toml]
2019-04-24 03:04:58 +00:00
- For more detailed configuration please refer to [official documentation](https://github.com/jedisct1/dnscrypt-proxy/wiki/Configuration)
2019-10-24 08:24:41 +00:00
- FOR MORE SUPPORT ON A GOOD PRIVACY-ORIENTED SETUP, JOIN [dnscrypt-proxy-android | CHAT](https://t.me/qd_invitation) ON TELEGRAM
2019-10-01 10:39:00 +00:00
2019-10-24 07:31:00 +00:00
2018-02-27 14:59:15 +00:00
## Changelog
2019-10-01 10:03:11 +00:00
2019-11-01 11:19:22 +00:00
#### 2.0.31
##### Updated binary files to 2.0.31 | jedisct1
* This version fixes a startup issue introduced in version 2.0.29, on systems for which the service cannot be automatically installed (such as OpenBSD and FreeBSD). Reported by @5ch17 and Vinícius Zavam, and fixed by Will Elwood, thanks!
* This version fixes two regressions introduced in version 2.0.29: DoH server couldn't be reached over IPv6 any more, and the proxy couldn't be interrupted while servers were being benchmarked.
##### Updated config files to 2.0.31 | quindecim
* Changed the way to backup an existing .toml file. The old configuration is now backed up with `year-month-day-hour-minute.bak` suffix (thanks to @lindroidux)
2018-04-17 09:12:54 +00:00
2019-04-30 06:40:41 +00:00
[Full changelog](changelog.md)
2018-02-27 14:42:14 +00:00
2019-10-24 07:31:00 +00:00
2018-02-27 14:59:15 +00:00
## Credit
2018-04-17 09:12:54 +00:00
- DNSCrypt-Proxy2 upstream | [jedisct1](https://github.com/jedisct1/dnscrypt-proxy)
2019-09-17 15:23:38 +00:00
- [bluemeda](https://github.com/bluemeda) for the original module
2019-10-29 08:56:05 +00:00
- [All contributors](https://github.com/Magisk-Modules-Repo/dnscrypt-proxy/graphs/contributors)