Entware DNSCrypt-Proxy V2 on DDWRT

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> General Questions
Goto page Previous  1, 2, 3, 4, 5
Author Message
martymonster
DD-WRT Novice


Joined: 18 May 2020
Posts: 14

PostPosted: Mon May 18, 2020 11:41    Post subject: Reply with quote
jauch888888 wrote:
martymonster wrote:
Not sure why you say it is working when it shows as dead and cannot be seen in Top as a running process.


He says that cause it works, really. I think the problem is about your configuration. It can be anything.

I play a lot with dnscrypt proxy, I test a lot of things, anonymized_dns + different configurations etc.

And sometimes, just a little thing and it doesn't work after restarting .

Shoot your toml file


Here is my toml file



dnscrypt-proxy.toml.txt
 Description:

Download
 Filename:  dnscrypt-proxy.toml.txt
 Filesize:  21.57 KB
 Downloaded:  83 Time(s)

Sponsor
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 3964
Location: UK, London, just across the river..

PostPosted: Mon May 18, 2020 17:42    Post subject: Reply with quote
the only thing that comes to my mind is, spacing is different in win/linux, so when you install on router side manually edit toml file with nano....do not copy paste file...
_________________
Atheros
TP-Link WR740Nv1 -----DD-WRT 44538 BS AP,NAT
TP-Link WR740Nv4 -----DD-WRT 44251 BS WAP/Switch
TP-Link WR1043NDv2 ---DD-WRT 44715 BS AP,NAT,AP Isolation,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 ---DD-WRT 44849 BS AP,NAT,AD Block,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 ---Gargoyle OS 1.12.0 AP,NAT,QoS,Quotas
Qualcomm/IPQ8065
Netgear R7800 -----DD-WRT 44849 BS AP,NAT,AD-Block,AP&Net Isolation,VLAN's,Firewall,Local DNS,DoT
Broadcom
Netgear R7000 -----DD-WRT 44849 BS AP,Wi-Fi OFF,NAT,AD-Block,Firewall,Local DNS,Forced DNS,DoT,VPN
-----------------------------------------------------------------------------------------------
Stubby for DNS over TLS I DNSCrypt v2 by mac913
martymonster
DD-WRT Novice


Joined: 18 May 2020
Posts: 14

PostPosted: Mon May 18, 2020 23:52    Post subject: Reply with quote
Alozaros wrote:
the only thing that comes to my mind is, spacing is different in win/linux, so when you install on router side manually edit toml file with nano....do not copy paste file...


I tried to run it manually (did not think of that earlier)
/opt/sbin/dnscrypt-proxy dnscrypt-proxy.toml

it returns with

[2020-05-18 23:15:23] [FATAL] Unsupported key in configuration file: [broken_implementations.fragments_blocked]

So I tried the above with the original toml file and it returned the same error.

So I commented out the fragments_blocked line and tried again.
This time it came back with

[2020-05-18 23:33:01] [FATAL] Unsupported key in configuration file: [tls_client_auth]
By default, the creds = is commented out so I commented out the [tls_client_auth] key

Then it had
[2020-05-18 23:36:15] [FATAL] Unsupported key in configuration file: [anonymized_dns.skip_incompatible]

So I commented that out.

This time it started but only ran for a few seconds and then stopped.
Even though I specify a log file for the application, none is created.

For my DNSmasq settings I have the following Enabled
Dnsmasq
Cache DNSSEC data
Validate DNS Replies (DNSSEC)
Local DNS
No DNS Rebind
Query DNS in Strict Order

The Additional Dnsmasq options field is blank, I have not added anything to it

Finally got the log file to work and the error is

UPDATED
[2020-05-19 01:52:02] [FATAL] listen udp 127.0.0.1:53: bind: address already in use

LATEST UPDATE - NOW WORKING

changed the config to listen to PORT 30
added server=127.0.0.1#30 to Dnsmasq options

Did a dig debug.opendns.com txt - it returned encryption active.

All is now good
mac913
DD-WRT Guru


Joined: 02 May 2008
Posts: 1599
Location: Canada

PostPosted: Wed Jul 01, 2020 23:44    Post subject: Reply with quote
I updated to Entware dnscrypt-proxy2 - 2.0.42-1 with telnet...

opkg update
opkg upgrade
/opt/etc/init.d/rc.unslung restart

If you enabled logging with syslog you will see it logged as...
Jul 1 14:45:07 DOT02-AP-WireGuard user.notice root: Started dnscrypt-proxy from .
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: dnscrypt-proxy 2.0.42
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: Network connectivity detected
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: Source [public-resolvers] loaded
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: Source [relays] loaded
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: Firefox workaround initialized
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: Now listening to 127.0.0.3:30 [UDP]
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: Now listening to 127.0.0.3:30 [TCP]
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: [quad9-dnscrypt-ip4-filter-alt] OK (DNSCrypt) - rtt: 7ms
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: [quad9-dnscrypt-ip4-filter-alt] OK (DNSCrypt) - rtt: 7ms - additional certificate
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: [quad9-dnscrypt-ip4-filter-pri] OK (DNSCrypt) - rtt: 6ms
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: [quad9-dnscrypt-ip4-filter-pri] OK (DNSCrypt) - rtt: 6ms - additional certificate
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: Sorted latencies:
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: - 6ms quad9-dnscrypt-ip4-filter-pri
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: - 7ms quad9-dnscrypt-ip4-filter-alt
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: Server with the lowest initial latency: quad9-dnscrypt-ip4-filter-pri (rtt: 6ms)
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: dnscrypt-proxy is ready - live servers: 2

_________________
Home Network on Telus PureFibre - 10GbE Copper Backbone
2x R7800 - Gateway & WiFi & 3xWireGuard - DDWRT r44483 Std
R7000 - Wired ISP 4K IPTV Gateway - DDWRT r44483 Std

Off Site 1

R7000 - Gateway & WiFi & WireGuard - DDWRT r44483 Std
WRT610Nv1 - Client Bridge - DDWRT r33679 Mega K2.4

Off Site 2

R7000 - Gateway & WiFi - DDWRT r44483 Std
E2000 - Wired ISP IPTV PVR Blocker - DDWRT r35531


YAMon 3.4.6 | DNSCrypt-Proxy V2
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 3964
Location: UK, London, just across the river..

PostPosted: Thu Jul 02, 2020 0:12    Post subject: Reply with quote
yep, not bad idea to do opkg update/upgrade periodically...
Entware guy said, he is updating the stuff once when its needed, but he doesn't always add the last versions, only the stable instead...

_________________
Atheros
TP-Link WR740Nv1 -----DD-WRT 44538 BS AP,NAT
TP-Link WR740Nv4 -----DD-WRT 44251 BS WAP/Switch
TP-Link WR1043NDv2 ---DD-WRT 44715 BS AP,NAT,AP Isolation,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 ---DD-WRT 44849 BS AP,NAT,AD Block,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 ---Gargoyle OS 1.12.0 AP,NAT,QoS,Quotas
Qualcomm/IPQ8065
Netgear R7800 -----DD-WRT 44849 BS AP,NAT,AD-Block,AP&Net Isolation,VLAN's,Firewall,Local DNS,DoT
Broadcom
Netgear R7000 -----DD-WRT 44849 BS AP,Wi-Fi OFF,NAT,AD-Block,Firewall,Local DNS,Forced DNS,DoT,VPN
-----------------------------------------------------------------------------------------------
Stubby for DNS over TLS I DNSCrypt v2 by mac913
mac913
DD-WRT Guru


Joined: 02 May 2008
Posts: 1599
Location: Canada

PostPosted: Fri Sep 25, 2020 0:55    Post subject: Reply with quote
I updated to Entware dnscrypt-proxy2 - 2.0.44-1 with telnet...

opkg update
opkg upgrade
/opt/etc/init.d/rc.unslung restart

If you enabled logging with syslog you will see it logged as...
Sep 24 17:51:48 DOT02-AP-WireGuard user.notice root: Started dnscrypt-proxy from .
Sep 24 17:51:48 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[8245]: dnscrypt-proxy 2.0.44
Sep 24 17:51:48 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[8245]: Network connectivity detected
Sep 24 17:51:48 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[8245]: Now listening to 127.0.0.3:30 [UDP]
Sep 24 17:51:48 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[8245]: Now listening to 127.0.0.3:30 [TCP]
Sep 24 17:51:48 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[8245]: Source [public-resolvers] loaded
Sep 24 17:51:48 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[8245]: Source [relays] loaded
Sep 24 17:51:48 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[8245]: Firefox workaround initialized
Sep 24 17:51:48 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[8245]: [quad9-dnscrypt-ip4-filter-pri] OK (DNSCrypt) - rtt: 6ms
Sep 24 17:51:48 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[8245]: [quad9-dnscrypt-ip4-filter-pri] OK (DNSCrypt) - rtt: 6ms - additional certificate
Sep 24 17:51:49 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[8245]: [quad9-doh-ip4-filter-pri] OK (DoH) - rtt: 51ms
Sep 24 17:51:49 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[8245]: Sorted latencies:
Sep 24 17:51:49 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[8245]: - 6ms quad9-dnscrypt-ip4-filter-pri
Sep 24 17:51:49 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[8245]: - 51ms quad9-doh-ip4-filter-pri
Sep 24 17:51:49 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[8245]: Server with the lowest initial latency: quad9-dnscrypt-ip4-filter-pri (rtt: 6ms)
Sep 24 17:51:49 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[8245]: dnscrypt-proxy is ready - live servers: 2

_________________
Home Network on Telus PureFibre - 10GbE Copper Backbone
2x R7800 - Gateway & WiFi & 3xWireGuard - DDWRT r44483 Std
R7000 - Wired ISP 4K IPTV Gateway - DDWRT r44483 Std

Off Site 1

R7000 - Gateway & WiFi & WireGuard - DDWRT r44483 Std
WRT610Nv1 - Client Bridge - DDWRT r33679 Mega K2.4

Off Site 2

R7000 - Gateway & WiFi - DDWRT r44483 Std
E2000 - Wired ISP IPTV PVR Blocker - DDWRT r35531


YAMon 3.4.6 | DNSCrypt-Proxy V2
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 3964
Location: UK, London, just across the river..

PostPosted: Fri Sep 25, 2020 6:36    Post subject: Reply with quote
yep there was an opkg update...recently...
i'm not using DNScrypt at the moment, nor ive test it it for a while, last time I set it on a client router...
mac913 could you tell me, is it working, as it should with the update...

for example my stubby bugged and i had to debug it...it turned up it needed to be adjusted to the new openssl 1.1.1g / 1.1.1h now

by any chance do you know what this line means in DNScrypt report its interesting : P

Firefox workaround initialized

_________________
Atheros
TP-Link WR740Nv1 -----DD-WRT 44538 BS AP,NAT
TP-Link WR740Nv4 -----DD-WRT 44251 BS WAP/Switch
TP-Link WR1043NDv2 ---DD-WRT 44715 BS AP,NAT,AP Isolation,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 ---DD-WRT 44849 BS AP,NAT,AD Block,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 ---Gargoyle OS 1.12.0 AP,NAT,QoS,Quotas
Qualcomm/IPQ8065
Netgear R7800 -----DD-WRT 44849 BS AP,NAT,AD-Block,AP&Net Isolation,VLAN's,Firewall,Local DNS,DoT
Broadcom
Netgear R7000 -----DD-WRT 44849 BS AP,Wi-Fi OFF,NAT,AD-Block,Firewall,Local DNS,Forced DNS,DoT,VPN
-----------------------------------------------------------------------------------------------
Stubby for DNS over TLS I DNSCrypt v2 by mac913
mac913
DD-WRT Guru


Joined: 02 May 2008
Posts: 1599
Location: Canada

PostPosted: Fri Sep 25, 2020 20:27    Post subject: Reply with quote
I'm currently using v2.0.44 with build 44467 on two R7800s. One R7800 it's using Cisco Servers and the other R7800 is using Quad9 Servers and is working fine.

As for the Firefox workaround check out the changlog:
https://github.com/DNSCrypt/dnscrypt-proxy/blob/master/ChangeLog
I use FireFox as my main browser and I have no issues.

_________________
Home Network on Telus PureFibre - 10GbE Copper Backbone
2x R7800 - Gateway & WiFi & 3xWireGuard - DDWRT r44483 Std
R7000 - Wired ISP 4K IPTV Gateway - DDWRT r44483 Std

Off Site 1

R7000 - Gateway & WiFi & WireGuard - DDWRT r44483 Std
WRT610Nv1 - Client Bridge - DDWRT r33679 Mega K2.4

Off Site 2

R7000 - Gateway & WiFi - DDWRT r44483 Std
E2000 - Wired ISP IPTV PVR Blocker - DDWRT r35531


YAMon 3.4.6 | DNSCrypt-Proxy V2
jauch888888
DD-WRT User


Joined: 23 Apr 2020
Posts: 108

PostPosted: Fri Sep 25, 2020 20:44    Post subject: Reply with quote
mac913 wrote:
I'm currently using v2.0.44 with build 44467 on two R7800s. One R7800 it's using Cisco Servers and the other R7800 is using Quad9 Servers and is working fine.

As for the Firefox workaround check out the changlog:
https://github.com/DNSCrypt/dnscrypt-proxy/blob/master/ChangeLog
I use FireFox as my main browser and I have no issues.


I don't know about Firefox workaround cause it is there since a while, last year it was there and btw I use edge as browser and I see firefox in my log
mac913
DD-WRT Guru


Joined: 02 May 2008
Posts: 1599
Location: Canada

PostPosted: Fri Sep 25, 2020 23:06    Post subject: Reply with quote
jauch888888 wrote:
mac913 wrote:
I'm currently using v2.0.44 with build 44467 on two R7800s. One R7800 it's using Cisco Servers and the other R7800 is using Quad9 Servers and is working fine.

As for the Firefox workaround check out the changlog:
https://github.com/DNSCrypt/dnscrypt-proxy/blob/master/ChangeLog
I use FireFox as my main browser and I have no issues.


I don't know about Firefox workaround cause it is there since a while, last year it was there and btw I use edge as browser and I see firefox in my log


Read the changelog link from my last post about the FireFox workarounds it's coded to all platforms, so I doubt it does anything in these routers since FireFox is not running on the router. It would make more sense that the FireFox Workaround would help platforms in PCs running Windows, Linux etc. along with DNSCrypt v2.

_________________
Home Network on Telus PureFibre - 10GbE Copper Backbone
2x R7800 - Gateway & WiFi & 3xWireGuard - DDWRT r44483 Std
R7000 - Wired ISP 4K IPTV Gateway - DDWRT r44483 Std

Off Site 1

R7000 - Gateway & WiFi & WireGuard - DDWRT r44483 Std
WRT610Nv1 - Client Bridge - DDWRT r33679 Mega K2.4

Off Site 2

R7000 - Gateway & WiFi - DDWRT r44483 Std
E2000 - Wired ISP IPTV PVR Blocker - DDWRT r35531


YAMon 3.4.6 | DNSCrypt-Proxy V2
Goto page Previous  1, 2, 3, 4, 5 Display posts from previous:    Page 5 of 5
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> General Questions All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum