Hardened dnscrypt-proxy module for Android.
Go to file
quindecim ace7a158ff Update to 2.0.29-beta.3
 Added two more resolvers: 
publicarray-au - 45.76.113.31
publicarray-au2 - 139.99.222.72
Australia, (DNSSEC • OpenNIC • Non-logging • Uncensored - hosted on vultr.com and ovh.com.au
maintained by publicarray - https://dns.seby.io)
2019-10-26 15:43:55 -04:00
META-INF/com/google/android magisk 18.1 2019-04-23 16:46:32 +07:00
binary Update to 2.0.29-beta.3 2019-10-26 13:58:58 -04:00
common updated service.sh 2019-06-13 08:58:26 +00:00
config Upload files to 'config' 2019-10-26 15:29:51 -04:00
.gitattributes initial release 2018-02-27 21:42:14 +07:00
.gitignore add gitignore 2018-02-27 22:08:08 +07:00
README.md Update to 2.0.29-beta.3 2019-10-26 15:43:55 -04:00
changelog.md Update to 2.0.29-beta.3 2019-10-25 11:55:26 -04:00
install.sh Update to 2.0.29-beta.3 2019-10-25 11:07:28 -04:00
module.prop Update to 2.0.29-beta.3 2019-10-25 11:07:28 -04:00

README.md

DNSCrypt Proxy 2 for Android | privacy oriented

A flexible DNS proxy, with support for modern encrypted DNS protocols such as DNSCrypt v2, DNS-over-HTTPS and Anonymized DNSCrypt.

Features

Pre-built binaries

Up-to-date, pre-built binaries are available for:

  • Android/arm
  • Android/arm64
  • Android/x86
  • Android/x86_64

Differences between default DNSCrypt Proxy project

- CONFIG. FILE: (dnscrypt-proxy.toml)
  • DNSSEC required
  • Enabled dnscrypt_ephemeral_keys feature (create a new, unique key for every single DNS query)
  • Enabled anonymized_dns feature (each resolver has 2 relay)
  • DoH disabled
  • IPv6 disabled
  • Setrefused response to blocked queries
  • Set DNS query max. response time from 5000 to 1500, in ms.
  • Use UncensoredDNS as fallback resolver instead CloudFlare
  • Use charis (DE), dnscrypt.nl-ns0 (NL), dnscrypt.uk-ipv4 (UK), dnscrypt.eu-dk (DK), dnscrypt.eu-nl (NL), dnswarden-dc1 (DE), dnswarden-dc1 (DE), publicarray-au (AUS), publicarray-au2 (AUS), scaleway-fr (FR) and suami (FR)

Installation

  1. Download latest .zip file from here or from dnscrypt-proxy-android | CHANNEL on Telegram and flash it with Magisk Manager App or with your Recovery.
  2. Reboot.
  3. Open AFWall+ and set custom script:

ENTER SCRIPT:

iptables -t nat -A OUTPUT -p tcp ! -d 91.239.100.100 --dport 53 -j DNAT --to-destination 127.0.0.1:53
iptables -t nat -A OUTPUT -p udp ! -d 91.239.100.100 --dport 53 -j DNAT --to-destination 127.0.0.1:53

SHUTDOWN SCRIPT:

iptables -t nat -D OUTPUT -p tcp ! -d 91.239.100.100 --dport 53 -j DNAT --to-destination 127.0.0.1:53
iptables -t nat -D OUTPUT -p udp ! -d 91.239.100.100 --dport 53 -j DNAT --to-destination 127.0.0.1:53

Configuration (post-installing)

  • You can edit dnscrypt-proxy.toml as you wish located on /sdcard/dnscrypt-proxy/dnscrypt-proxy.toml [or /data/media/0/dnscrypt-proxy/dnscrypt-proxy.toml]
  • For more detailed configuration please refer to official documentation
  • FOR MORE SUPPORT ON A GOOD PRIVACY-ORIENTED SETUP, JOIN dnscrypt-proxy-android | CHAT ON TELEGRAM

Changelog

2.0.29-beta.3

Updated binary files to 2.0.29-beta.3 | jedisct1
  • Support for Anonymized DNSCrypt has been added.
  • Latency with large responses has actually been reduced.
  • DNSCrypt certificates can now be retrieved over Tor, proxies, and DNS relays.
  • Improved server error reporting (thanks to Alison Winters)
  • Quite a lot of internal improvements and bug fixes have been made, thanks to Markus Linnala.
  • Improved logging
  • Added a workaround for DNS servers using a non-standard provider name.
Updated config files to 2.0.29-beta.3 | quindecim
  • Enabled anonymized_dns feature (each resolver has 2 relays)
  • Added scaleway-fr resolver (DNSSEC/Non-logged/Uncensored - Maintained by Frank Denis - https://fr.dnscrypt.info)

Full changelog

Credit