Merge pull request #22 from GrizzlyJr/master
update binary to version 2.0.16 and add exception for fallback resolver in iptables
This commit is contained in:
commit
abcf624507
19
README.md
19
README.md
|
@ -16,17 +16,17 @@ Just flash and forget.
|
||||||
- DNS server address is 127.0.0.1:53 for ipv4 and [::1]:53 for ipv6
|
- DNS server address is 127.0.0.1:53 for ipv4 and [::1]:53 for ipv6
|
||||||
- If you use AfWall, you can write this enter custom script
|
- If you use AfWall, you can write this enter custom script
|
||||||
```
|
```
|
||||||
iptables -t nat -A OUTPUT -p tcp --dport 53 -j DNAT --to-destination 127.0.0.1:53
|
iptables -t nat -A OUTPUT -p tcp ! -d 1.1.1.1 --dport 53 -j DNAT --to-destination 127.0.0.1:53
|
||||||
iptables -t nat -A OUTPUT -p udp --dport 53 -j DNAT --to-destination 127.0.0.1:53
|
iptables -t nat -A OUTPUT -p udp ! -d 1.1.1.1 --dport 53 -j DNAT --to-destination 127.0.0.1:53
|
||||||
ip6tables -t nat -A OUTPUT -p tcp --dport 53 -j DNAT --to-destination [::1]:53
|
ip6tables -t nat -A OUTPUT -p tcp ! -d 1.1.1.1 --dport 53 -j DNAT --to-destination [::1]:53
|
||||||
ip6tables -t nat -A OUTPUT -p udp --dport 53 -j DNAT --to-destination [::1]:53
|
ip6tables -t nat -A OUTPUT -p udp ! -d 1.1.1.1 --dport 53 -j DNAT --to-destination [::1]:53
|
||||||
```
|
```
|
||||||
and this shutdown script
|
and this shutdown script
|
||||||
```
|
```
|
||||||
iptables -t nat -D OUTPUT -p tcp --dport 53 -j DNAT --to-destination 127.0.0.1:53
|
iptables -t nat -D OUTPUT -p tcp ! -d 1.1.1.1 --dport 53 -j DNAT --to-destination 127.0.0.1:53
|
||||||
iptables -t nat -D OUTPUT -p udp --dport 53 -j DNAT --to-destination 127.0.0.1:53
|
iptables -t nat -D OUTPUT -p udp ! -d 1.1.1.1 --dport 53 -j DNAT --to-destination 127.0.0.1:53
|
||||||
ip6tables -t nat -D OUTPUT -p tcp --dport 53 -j DNAT --to-destination [::1]:53
|
ip6tables -t nat -D OUTPUT -p tcp ! -d 1.1.1.1 --dport 53 -j DNAT --to-destination [::1]:53
|
||||||
ip6tables -t nat -D OUTPUT -p udp --dport 53 -j DNAT --to-destination [::1]:53
|
ip6tables -t nat -D OUTPUT -p udp ! -d 1.1.1.1 --dport 53 -j DNAT --to-destination [::1]:53
|
||||||
```
|
```
|
||||||
|
|
||||||
## Configuration (post-installing)
|
## Configuration (post-installing)
|
||||||
|
@ -34,6 +34,9 @@ Just flash and forget.
|
||||||
- For more detailed configuration please refer to [official documentation](https://github.com/jedisct1/dnscrypt-proxy/wiki/Basic-dnscrypt-proxy.toml-editing)
|
- For more detailed configuration please refer to [official documentation](https://github.com/jedisct1/dnscrypt-proxy/wiki/Basic-dnscrypt-proxy.toml-editing)
|
||||||
|
|
||||||
## Changelog
|
## Changelog
|
||||||
|
### v2.5.0
|
||||||
|
- Update binary files to 2.0.16
|
||||||
|
- add exception for cloudflare fallback resolver.
|
||||||
### v2.4.0
|
### v2.4.0
|
||||||
- Update binary files to 2.0.14
|
- Update binary files to 2.0.14
|
||||||
### v2.3.0
|
### v2.3.0
|
||||||
|
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -1,4 +1,8 @@
|
||||||
# Changelog
|
# Changelog
|
||||||
|
## Changelog
|
||||||
|
### v2.5.0
|
||||||
|
- Update binary files to 2.0.16
|
||||||
|
- add exception for cloudflare fallback resolver.
|
||||||
## v2.4.0
|
## v2.4.0
|
||||||
* Update binary files to 2.0.14
|
* Update binary files to 2.0.14
|
||||||
## v2.3.0
|
## v2.3.0
|
||||||
|
|
|
@ -12,10 +12,10 @@ for i in 1 2 3 4 5 6 7 8 9 10 11 12; do
|
||||||
then
|
then
|
||||||
$MODDIR/system/xbin/dnscrypt-proxy -config $MODDIR/system/etc/dnscrypt-proxy/dnscrypt-proxy.toml &
|
$MODDIR/system/xbin/dnscrypt-proxy -config $MODDIR/system/etc/dnscrypt-proxy/dnscrypt-proxy.toml &
|
||||||
sleep 15
|
sleep 15
|
||||||
iptables -t nat -A OUTPUT -p tcp --dport 53 -j DNAT --to-destination 127.0.0.1:5354
|
iptables -t nat -A OUTPUT -p tcp ! -d 1.1.1.1 --dport 53 -j DNAT --to-destination 127.0.0.1:5354
|
||||||
iptables -t nat -A OUTPUT -p udp --dport 53 -j DNAT --to-destination 127.0.0.1:5354
|
iptables -t nat -A OUTPUT -p udp ! -d 1.1.1.1 --dport 53 -j DNAT --to-destination 127.0.0.1:5354
|
||||||
ip6tables -t nat -A OUTPUT -p tcp --dport 53 -j DNAT --to-destination [::1]:5354
|
ip6tables -t nat -A OUTPUT -p tcp ! -d 1.1.1.1 --dport 53 -j DNAT --to-destination [::1]:5354
|
||||||
ip6tables -t nat -A OUTPUT -p udp --dport 53 -j DNAT --to-destination [::1]:5354
|
ip6tables -t nat -A OUTPUT -p udp ! -d 1.1.1.1 --dport 53 -j DNAT --to-destination [::1]:5354
|
||||||
break;
|
break;
|
||||||
else
|
else
|
||||||
sleep 5
|
sleep 5
|
||||||
|
|
|
@ -44,7 +44,7 @@ print_modname() {
|
||||||
ui_print " DNSCrypt-Proxy2 "
|
ui_print " DNSCrypt-Proxy2 "
|
||||||
ui_print " Magisk Module "
|
ui_print " Magisk Module "
|
||||||
ui_print "*******************************"
|
ui_print "*******************************"
|
||||||
ui_print " v2.3.0 "
|
ui_print " v2.5.0 "
|
||||||
ui_print " bluemeda "
|
ui_print " bluemeda "
|
||||||
ui_print "*******************************"
|
ui_print "*******************************"
|
||||||
}
|
}
|
||||||
|
|
|
@ -27,7 +27,7 @@
|
||||||
## The proxy will automatically pick the fastest, working servers from the list.
|
## The proxy will automatically pick the fastest, working servers from the list.
|
||||||
## Remove the leading # first to enable this; lines starting with # are ignored.
|
## Remove the leading # first to enable this; lines starting with # are ignored.
|
||||||
|
|
||||||
# server_names = ['scaleway-fr', 'google', 'yandex', 'cloudflare']
|
# server_names = ['cloudflare', 'google']
|
||||||
|
|
||||||
|
|
||||||
## List of local addresses and ports to listen to. Can be IPv4 and/or IPv6.
|
## List of local addresses and ports to listen to. Can be IPv4 and/or IPv6.
|
||||||
|
@ -41,6 +41,18 @@ listen_addresses = ['127.0.0.1:53', '[::1]:53']
|
||||||
max_clients = 250
|
max_clients = 250
|
||||||
|
|
||||||
|
|
||||||
|
## Switch to a non-privileged system user after listening sockets have been created.
|
||||||
|
## Two processes will be running.
|
||||||
|
## The first one will keep root privileges, but is only a supervisor, that does nothing
|
||||||
|
## except create the sockets, manage the service, and restart it if it crashes.
|
||||||
|
## The second process is the service itself, and that one will always run as a different
|
||||||
|
## user.
|
||||||
|
## Note (1): this feature is currently unsupported on Windows.
|
||||||
|
## Note (2): this feature is not compatible with systemd socket activation.
|
||||||
|
|
||||||
|
# user_name = 'nobody'
|
||||||
|
|
||||||
|
|
||||||
## Require servers (from static + remote sources) to satisfy specific properties
|
## Require servers (from static + remote sources) to satisfy specific properties
|
||||||
|
|
||||||
# Use servers reachable over IPv4
|
# Use servers reachable over IPv4
|
||||||
|
@ -77,6 +89,14 @@ require_nofilter = true
|
||||||
force_tcp = false
|
force_tcp = false
|
||||||
|
|
||||||
|
|
||||||
|
## HTTP / SOCKS proxy
|
||||||
|
## Uncomment the following line to route all TCP connections to a local Tor node
|
||||||
|
## Tor doesn't support UDP, so set `force_tcp` to `true` as well.
|
||||||
|
|
||||||
|
# proxy = "socks5://127.0.0.1:9050"
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
## How long a DNS query will wait for a response, in milliseconds
|
## How long a DNS query will wait for a response, in milliseconds
|
||||||
|
|
||||||
timeout = 2500
|
timeout = 2500
|
||||||
|
@ -154,7 +174,7 @@ cert_refresh_delay = 240
|
||||||
## People in China may need to use 114.114.114.114:53 here.
|
## People in China may need to use 114.114.114.114:53 here.
|
||||||
## Other popular options include 8.8.8.8 and 1.1.1.1.
|
## Other popular options include 8.8.8.8 and 1.1.1.1.
|
||||||
|
|
||||||
fallback_resolver = '9.9.9.9:53'
|
fallback_resolver = '1.1.1.1:53'
|
||||||
|
|
||||||
|
|
||||||
## Never let dnscrypt-proxy try to use the system DNS settings;
|
## Never let dnscrypt-proxy try to use the system DNS settings;
|
||||||
|
@ -172,6 +192,13 @@ ignore_system_dns = false
|
||||||
netprobe_timeout = 30
|
netprobe_timeout = 30
|
||||||
|
|
||||||
|
|
||||||
|
## Offline mode - Do not use any remote encrypted servers.
|
||||||
|
## The proxy will remain fully functional to respond to queries that
|
||||||
|
## plugins can handle directly (forwarding, cloaking, ...)
|
||||||
|
|
||||||
|
# offline_mode = false
|
||||||
|
|
||||||
|
|
||||||
## Automatic log files rotation
|
## Automatic log files rotation
|
||||||
|
|
||||||
# Maximum log files size in MB
|
# Maximum log files size in MB
|
||||||
|
|
Loading…
Reference in New Issue