Merge pull request #57 from lucenera/master

Update to version 2.0.27
This commit is contained in:
Affif Mukhlashin 2019-10-01 15:50:19 +07:00 committed by GitHub
commit 9def43372a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
11 changed files with 46 additions and 100 deletions

View File

@ -1,4 +1,4 @@
# DNSCrypt Proxy 2 for Android # dnscrypt-proxy for Android
A flexible DNS proxy, with support for modern encrypted DNS protocols such as [DNSCrypt v2](https://github.com/DNSCrypt/dnscrypt-protocol/blob/master/DNSCRYPT-V2-PROTOCOL.txt) and [DNS-over-HTTP/2](https://tools.ietf.org/html/draft-ietf-doh-dns-over-https-03). A flexible DNS proxy, with support for modern encrypted DNS protocols such as [DNSCrypt v2](https://github.com/DNSCrypt/dnscrypt-protocol/blob/master/DNSCRYPT-V2-PROTOCOL.txt) and [DNS-over-HTTP/2](https://tools.ietf.org/html/draft-ietf-doh-dns-over-https-03).
@ -8,7 +8,7 @@ A flexible DNS proxy, with support for modern encrypted DNS protocols such as [D
- All binary files are downloaded from [https://github.com/jedisct1/dnscrypt-proxy/releases](https://github.com/jedisct1/dnscrypt-proxy/releases) - All binary files are downloaded from [https://github.com/jedisct1/dnscrypt-proxy/releases](https://github.com/jedisct1/dnscrypt-proxy/releases)
## Installation ## Installation
- Download [.zip module](https://github.com/Magisk-Modules-Repo/dnscrypt-proxy-magisk/releases), flash it in Magisk Manager App or in Recovery and follow the instructions. - Download [.zip module](https://t.me/dnscrypt_proxy), flash it in Magisk Manager App or in Recovery and follow the instructions.
### Set DNS server manually with 3rd-party app (not included in this module) ### Set DNS server manually with 3rd-party app (not included in this module)
- DNS server address is 127.0.0.1:5354 for ipv4 and [::1]:5354 for ipv6 - DNS server address is 127.0.0.1:5354 for ipv4 and [::1]:5354 for ipv6
@ -16,44 +16,25 @@ A flexible DNS proxy, with support for modern encrypted DNS protocols such as [D
``` ```
iptables -t nat -A OUTPUT -p tcp ! -d 9.9.9.9 --dport 53 -j DNAT --to-destination 127.0.0.1:5354 iptables -t nat -A OUTPUT -p tcp ! -d 9.9.9.9 --dport 53 -j DNAT --to-destination 127.0.0.1:5354
iptables -t nat -A OUTPUT -p udp ! -d 9.9.9.9 --dport 53 -j DNAT --to-destination 127.0.0.1:5354 iptables -t nat -A OUTPUT -p udp ! -d 9.9.9.9 --dport 53 -j DNAT --to-destination 127.0.0.1:5354
ip6tables -t nat -A OUTPUT -p tcp ! -d 9.9.9.9 --dport 53 -j DNAT --to-destination [::1]:5354 ```
ip6tables -t nat -A OUTPUT -p udp ! -d 9.9.9.9 --dport 53 -j DNAT --to-destination [::1]:5354
```
and this shutdown script and this shutdown script
``` ```
iptables -t nat -D OUTPUT -p tcp ! -d 9.9.9.9 --dport 53 -j DNAT --to-destination 127.0.0.1:5354 iptables -t nat -D OUTPUT -p tcp ! -d 9.9.9.9 --dport 53 -j DNAT --to-destination 127.0.0.1:5354
iptables -t nat -D OUTPUT -p udp ! -d 9.9.9.9 --dport 53 -j DNAT --to-destination 127.0.0.1:5354 iptables -t nat -D OUTPUT -p udp ! -d 9.9.9.9 --dport 53 -j DNAT --to-destination 127.0.0.1:5354
ip6tables -t nat -D OUTPUT -p tcp ! -d 9.9.9.9 --dport 53 -j DNAT --to-destination [::1]:5354 ```
ip6tables -t nat -D OUTPUT -p udp ! -d 9.9.9.9 --dport 53 -j DNAT --to-destination [::1]:5354
```
## Configuration (post-installing) ## Configuration (post-installing)
- Configuration located on `/sdcard/dnscrypt-proxy/dnscrypt-proxy.toml` [or /data/media/0/dnscrypt-proxy/dnscrypt-proxy.toml] - Configuration located on `/sdcard/dnscrypt-proxy/dnscrypt-proxy.toml` [or /data/media/0/dnscrypt-proxy/dnscrypt-proxy.toml]
- For more detailed configuration please refer to [official documentation](https://github.com/jedisct1/dnscrypt-proxy/wiki/Configuration) - For more detailed configuration please refer to [official documentation](https://github.com/jedisct1/dnscrypt-proxy/wiki/Configuration)
## Changelog ## Changelog
### v2.8.7 ### v1.0.0
- changed path of configuration file [dnscrypt-toml] from /system/etc/ to /data/media/0/ [or /sdcard] - updated binary & configuration files to 2.0.27
- updated binary & configuration files to 2.0.25 - updated configuration file [dnscrypt.toml] according to the revision https://github.com/DNSCrypt/dnscrypt-proxy/releases/tag/2.0.27
- Removed automatic redirection of dns-request and let dnscrypt-proxy do its job only.
### v2.8.5
- Fix #40
### v2.8.4
- Fix failed to copy or backup config file
### v2.8.3
- Fix permission issue
- Add option to replace or backup-restore config file
### v2.8.2
- Fix "binary file is missing"
### v2.8.1
- Update Magisk 18100 requirements
### v2.8.0
- Update binary files to 2.0.22
### v2.7.0
- Update binary files to 2.0.21
[Full changelog](changelog.md) [Full changelog](changelog.md)
## Credit ## Credit
- DNSCrypt-Proxy2 upstream | [jedisct1](https://github.com/jedisct1/dnscrypt-proxy) - DNSCrypt-Proxy2 upstream | [jedisct1](https://github.com/jedisct1/dnscrypt-proxy)
- [bluemeda](https://github.com/bluemeda) for the original module
- [All contributor](https://github.com/Magisk-Modules-Repo/dnscrypt-proxy/graphs/contributors) - [All contributor](https://github.com/Magisk-Modules-Repo/dnscrypt-proxy/graphs/contributors)

BIN
binary/dnscrypt-proxy-arm Executable file → Normal file

Binary file not shown.

BIN
binary/dnscrypt-proxy-arm64 Executable file → Normal file

Binary file not shown.

BIN
binary/dnscrypt-proxy-x86 Executable file → Normal file

Binary file not shown.

BIN
binary/dnscrypt-proxy-x86_64 Executable file → Normal file

Binary file not shown.

View File

@ -1,54 +1,6 @@
# Changelog # Changelog
## Changelog ## Changelog
### v2.8.7
- changed path of configuration file [dnscrypt.toml] from /system/etc/ to /data/media/0/ [or /sdcard]
- updated binary & configuration files to 2.0.25
- Removed automatic redirection of dns-request and let dnscrypt-proxy do its job only.
### v2.8.5
- Fix #40
### v2.8.4
- Fix failed to copy or backup config file
### v2.8.3
- Fix permission issue
- Add option to replace or backup-restore config file
### v2.8.2
- Fix "binary file is missing"
### v2.8.1
- Update Magisk 18100 requirements
### v2.8.0
- Update binary files 2.0.22
### v2.7.0
- Update binary files 2.0.21
### v2.6.0
- Update binary files to 2.0.19
### v2.5.0
- Update binary files to 2.0.16
- add exception for cloudflare fallback resolver.
## v2.4.0
* Update binary files to 2.0.14
## v2.3.0
* Update binary files to 2.0.10
* Add option to choose auto redirect DNS or manually set with 3rd-party app.
## v2.2.0
* Update binary files to 2.0.8
## v2.1.3
* __If you have previous version, please uninstall it first then reinstall it again or you can change listen port manually in `dnscrypt-proxy.toml` file.__
* Fix Tethering Client cannot Resolve DNSCrypt
* Fix Chromecast devices not showing [jedisct1/dnscrypt-proxy#226](https://github.com/jedisct1/dnscrypt-proxy/issues/226)
* Add binary files for x86 and x86_64 (test)
## v2.1.2
* Bug Fixes
## v2.1.1
* Bug fixes
## v2.1
* Bug fixes
## v2.0
* Resolve download.dnscrypt.info first before executing `iptables`
* Don't override dnscrypt-proxy.toml if exist
* Update binary files to v2.0.6
## v1.1
* Change listen port to 5353 (avoid conflict while tethering)
## v1.0 ## v1.0
* Initial release * Initial release
* dnscrypt-proxy v2.0.5 * dnscrypt-proxy v2.0.27

View File

@ -15,6 +15,8 @@ www.bing.com strict.bing.com
yandex.ru familysearch.yandex.ru yandex.ru familysearch.yandex.ru
=duckduckgo.com safe.duckduckgo.com
www.youtube.com restrictmoderate.youtube.com www.youtube.com restrictmoderate.youtube.com
m.youtube.com restrictmoderate.youtube.com m.youtube.com restrictmoderate.youtube.com
youtubei.googleapis.com restrictmoderate.youtube.com youtubei.googleapis.com restrictmoderate.youtube.com

View File

@ -92,13 +92,13 @@ force_tcp = false
## Uncomment the following line to route all TCP connections to a local Tor node ## Uncomment the following line to route all TCP connections to a local Tor node
## Tor doesn't support UDP, so set `force_tcp` to `true` as well. ## Tor doesn't support UDP, so set `force_tcp` to `true` as well.
# proxy = "socks5://127.0.0.1:9050" # proxy = 'socks5://127.0.0.1:9050'
## HTTP/HTTPS proxy ## HTTP/HTTPS proxy
## Only for DoH servers ## Only for DoH servers
# http_proxy = "http://127.0.0.1:8888" # http_proxy = 'http://127.0.0.1:8888'
## How long a DNS query will wait for a response, in milliseconds ## How long a DNS query will wait for a response, in milliseconds
@ -111,11 +111,12 @@ timeout = 2500
keepalive = 30 keepalive = 30
## Use the REFUSED return code for blocked responses ## Response for blocked queries. Options are `refused`, `hinfo` (default) or
## Setting this to `false` means that some responses will be lies. ## an IP response. To give an IP response, use the format `a:<IPv4>,aaaa:<IPv6>`.
## Unfortunately, `false` appears to be required for Android 8+ ## Using the `hinfo` option means that some responses will be lies.
## Unfortunately, the `hinfo` option appears to be required for Android 8+
refused_code_in_responses = false # blocked_query_response = 'refused'
## Load-balancing strategy: 'p2' (default), 'ph', 'first' or 'random' ## Load-balancing strategy: 'p2' (default), 'ph', 'first' or 'random'
@ -165,6 +166,8 @@ cert_refresh_delay = 240
## 49195 = TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 ## 49195 = TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
## 52392 = TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 ## 52392 = TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
## 52393 = TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 ## 52393 = TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
## 4865 = TLS_AES_128_GCM_SHA256
## 4867 = TLS_CHACHA20_POLY1305_SHA256
## ##
## On non-Intel CPUs such as MIPS routers and ARM systems (Android, Raspberry Pi...), ## On non-Intel CPUs such as MIPS routers and ARM systems (Android, Raspberry Pi...),
## the following suite improves performance. ## the following suite improves performance.
@ -203,7 +206,7 @@ ignore_system_dns = false
## initializing the proxy. ## initializing the proxy.
## Useful if the proxy is automatically started at boot, and network ## Useful if the proxy is automatically started at boot, and network
## connectivity is not guaranteed to be immediately available. ## connectivity is not guaranteed to be immediately available.
## Use 0 to not test for connectivity at all, ## Use 0 to not test for connectivity at all (not recommended),
## and -1 to wait as much as possible. ## and -1 to wait as much as possible.
netprobe_timeout = 60 netprobe_timeout = 60
@ -217,7 +220,7 @@ netprobe_timeout = 60
## On other operating systems, the connection will be initialized ## On other operating systems, the connection will be initialized
## but nothing will be sent at all. ## but nothing will be sent at all.
netprobe_address = "9.9.9.9:53" netprobe_address = '9.9.9.9:53'
## Offline mode - Do not use any remote encrypted servers. ## Offline mode - Do not use any remote encrypted servers.
@ -227,6 +230,14 @@ netprobe_address = "9.9.9.9:53"
# offline_mode = false # offline_mode = false
## Additional data to attach to outgoing queries.
## These strings will be added as TXT records to queries.
## Do not use, except on servers explicitly asking for extra data
## to be present.
# query_meta = ["key1:value1", "key2:value2", "key3:value3"]
## Automatic log files rotation ## Automatic log files rotation
# Maximum log files size in MB # Maximum log files size in MB
@ -516,17 +527,15 @@ cache_neg_max_ttl = 600
urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/public-resolvers.md', 'https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md'] urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/public-resolvers.md', 'https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md']
cache_file = 'public-resolvers.md' cache_file = 'public-resolvers.md'
minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3' minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
refresh_delay = 72
prefix = '' prefix = ''
## Quad9 over DNSCrypt - https://quad9.net/ ## Quad9 over DNSCrypt - https://quad9.net/
# [sources.quad9-resolvers] # [sources.quad9-resolvers]
# urls = ["https://www.quad9.net/quad9-resolvers.md"] # urls = ['https://www.quad9.net/quad9-resolvers.md']
# minisign_key = "RWQBphd2+f6eiAqBsvDZEBXBGHQBJfeG6G+wJPPKxCZMoEQYpmoysKUN" # minisign_key = 'RWQBphd2+f6eiAqBsvDZEBXBGHQBJfeG6G+wJPPKxCZMoEQYpmoysKUN'
# cache_file = "quad9-resolvers.md" # cache_file = 'quad9-resolvers.md'
# refresh_delay = 72 # prefix = 'quad9-'
# prefix = "quad9-"
## Another example source, with resolvers censoring some websites not appropriate for children ## Another example source, with resolvers censoring some websites not appropriate for children
## This is a subset of the `public-resolvers` list, so enabling both is useless ## This is a subset of the `public-resolvers` list, so enabling both is useless
@ -543,5 +552,5 @@ cache_neg_max_ttl = 600
[static] [static]
# [static.'google'] # [static.'myserver']
# stamp = 'sdns://AgUAAAAAAAAAAAAOZG5zLmdvb2dsZS5jb20NL2V4cGVyaW1lbnRhbA' # stamp = 'sdns:AQcAAAAAAAAAAAAQMi5kbnNjcnlwdC1jZXJ0Lg'

View File

@ -15,6 +15,8 @@
## ads[0-9]* | matches "ads" followed by one or more digits ## ads[0-9]* | matches "ads" followed by one or more digits
## ads*.example* | *, ? and [] can be used anywhere, but prefixes/suffixes are faster ## ads*.example* | *, ? and [] can be used anywhere, but prefixes/suffixes are faster
tracker.debian.org
## Time-based rules ## Time-based rules

View File

@ -124,11 +124,11 @@ REPLACE="
print_modname() { print_modname() {
ui_print " " ui_print " "
ui_print "*******************************" ui_print "*******************************"
ui_print "* DNSCrypt-Proxy2 *" ui_print "* dnscrypt-proxy-fresh *"
ui_print "* Magisk Module *" ui_print "* Magisk Module *"
ui_print "*******************************" ui_print "*******************************"
ui_print "* v2.8.7 *" ui_print "* v1.0.0 *"
ui_print "* bluemeda *" ui_print "* lucenera *"
ui_print "*******************************" ui_print "*******************************"
ui_print " " ui_print " "
} }

View File

@ -1,6 +1,6 @@
id=dnscrypt-proxy id=dnscrypt-proxy
name=DNSCrypt-Proxy 2 name=dnscrypt-proxy
version=v2.8.7 version=v2.0.0
versionCode=25 versionCode=1
author=bluemeda author=lucenera
description=A flexible DNS proxy, with support for modern encrypted DNS protocols such as DNSCrypt v2 and DNS-over-HTTP/2. Using DNSCrypt-proxy 2.0.25 description=dnscrypt-proxy for Android