From 7875b642aaa18f74a51daff2fbf8bf36b315a8c3 Mon Sep 17 00:00:00 2001 From: George Daniel <51092143+lindroidux@users.noreply.github.com> Date: Thu, 13 Jun 2019 07:19:12 +0000 Subject: [PATCH] updated service.sh Remove the dns re-direction through iptables. Let dnscrypt-proxy do its job only. --- common/service.sh | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/common/service.sh b/common/service.sh index 7436943..2e56de7 100755 --- a/common/service.sh +++ b/common/service.sh @@ -7,13 +7,18 @@ MODDIR=${0%/*} # change config directory from /system/etc to /data/media/0/dnscrypt-proxy -# /sdcard is softlink to /data/media/0 in lineageos 16 +# /sdcard is softlink to /data/media/0 in lineageos 16. +#Check, every 15 seconds. whether an instance of dnscrypt-proxy is running,if not, keep looping +# till network is available & start dnscrypt-proxy. + while ! [ `pgrep -x dnscrypt-proxy` ] ; do - $MODDIR/system/bin/dnscrypt-proxy -config /data/media/0/dnscrypt-proxy/dnscrypt-proxy.toml; + $MODDIR/system/bin/dnscrypt-proxy -config /data/media/0/dnscrypt-proxy/dnscrypt-proxy.toml; + sleep 15; done #IPTABLES - iptables -t nat -A OUTPUT -p tcp ! -d 1.1.1.1 --dport 53 -j DNAT --to-destination 127.0.0.1:5354 - iptables -t nat -A OUTPUT -p udp ! -d 1.1.1.1 --dport 53 -j DNAT --to-destination 127.0.0.1:5354 - ip6tables -t nat -A OUTPUT -p tcp ! -d 1.1.1.1 --dport 53 -j DNAT --to-destination [::1]:5354 - ip6tables -t nat -A OUTPUT -p udp ! -d 1.1.1.1 --dport 53 -j DNAT --to-destination [::1]:5354 +# let dnscrypt-proxy do its job only. Let the user decide how to do the "redirection of dns request". +# iptables -t nat -A OUTPUT -p tcp ! -d 1.1.1.1 --dport 53 -j DNAT --to-destination 127.0.0.1:5354 +# iptables -t nat -A OUTPUT -p udp ! -d 1.1.1.1 --dport 53 -j DNAT --to-destination 127.0.0.1:5354 +# ip6tables -t nat -A OUTPUT -p tcp ! -d 1.1.1.1 --dport 53 -j DNAT --to-destination [::1]:5354 +# ip6tables -t nat -A OUTPUT -p udp ! -d 1.1.1.1 --dport 53 -j DNAT --to-destination [::1]:5354