Entware DNSCrypt-Proxy V2 on DDWRT

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> General Questions
Goto page Previous  1, 2, 3, 4, 5
Author Message
martymonster
DD-WRT Novice


Joined: 18 May 2020
Posts: 14

PostPosted: Mon May 18, 2020 11:41    Post subject: Reply with quote
jauch888888 wrote:
martymonster wrote:
Not sure why you say it is working when it shows as dead and cannot be seen in Top as a running process.


He says that cause it works, really. I think the problem is about your configuration. It can be anything.

I play a lot with dnscrypt proxy, I test a lot of things, anonymized_dns + different configurations etc.

And sometimes, just a little thing and it doesn't work after restarting .

Shoot your toml file


Here is my toml file



dnscrypt-proxy.toml.txt
 Description:

Download
 Filename:  dnscrypt-proxy.toml.txt
 Filesize:  21.57 KB
 Downloaded:  61 Time(s)

Sponsor
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 3712
Location: UK, London, just across the river..

PostPosted: Mon May 18, 2020 17:42    Post subject: Reply with quote
the only thing that comes to my mind is, spacing is different in win/linux, so when you install on router side manually edit toml file with nano....do not copy paste file...
_________________
Atheros
TP-Link WR740Nv1 ------DD-WRT 44085 BS AP,NAT
TP-Link WR740Nv4 ------DD-WRT 43028 BS WAP/Switch
TP-Link WR1043NDv2 ----DD-WRT 44112 BS AP,NAT,AP Isolation,Firewall,Local DNS,Forced DNS,DoT,VPN
TP-Link WR1043NDv2 ----DD-WRT 44048 BS AP,NAT,AD Block,Firewall,Local DNS,Forced DNS,DoT,VPN
TP-Link WR1043NDv2 ----Gargoyle OS 1.12.0 AP,NAT,QoS,Quotas
Qualcomm/IPQ8065
Netgear R7800 -------DD-WRT 44112 BS AP,NAT,AD-Block,AP&Net Isolation,VLAN's,Firewall,Local DNS,DoT
Broadcom
Netgear R7000 -------DD-WRT 44112 BS AP,Wi-Fi OFF,NAT,AD-Block,Firewall,Local DNS,Forced DNS,DoT,VPN
------------------------------------------------------------------------------------------------
Stubby for DNS over TLS I DNSCrypt v2 by mac913
martymonster
DD-WRT Novice


Joined: 18 May 2020
Posts: 14

PostPosted: Mon May 18, 2020 23:52    Post subject: Reply with quote
Alozaros wrote:
the only thing that comes to my mind is, spacing is different in win/linux, so when you install on router side manually edit toml file with nano....do not copy paste file...


I tried to run it manually (did not think of that earlier)
/opt/sbin/dnscrypt-proxy dnscrypt-proxy.toml

it returns with

[2020-05-18 23:15:23] [FATAL] Unsupported key in configuration file: [broken_implementations.fragments_blocked]

So I tried the above with the original toml file and it returned the same error.

So I commented out the fragments_blocked line and tried again.
This time it came back with

[2020-05-18 23:33:01] [FATAL] Unsupported key in configuration file: [tls_client_auth]
By default, the creds = is commented out so I commented out the [tls_client_auth] key

Then it had
[2020-05-18 23:36:15] [FATAL] Unsupported key in configuration file: [anonymized_dns.skip_incompatible]

So I commented that out.

This time it started but only ran for a few seconds and then stopped.
Even though I specify a log file for the application, none is created.

For my DNSmasq settings I have the following Enabled
Dnsmasq
Cache DNSSEC data
Validate DNS Replies (DNSSEC)
Local DNS
No DNS Rebind
Query DNS in Strict Order

The Additional Dnsmasq options field is blank, I have not added anything to it

Finally got the log file to work and the error is

UPDATED
[2020-05-19 01:52:02] [FATAL] listen udp 127.0.0.1:53: bind: address already in use

LATEST UPDATE - NOW WORKING

changed the config to listen to PORT 30
added server=127.0.0.1#30 to Dnsmasq options

Did a dig debug.opendns.com txt - it returned encryption active.

All is now good
mac913
DD-WRT Guru


Joined: 02 May 2008
Posts: 1553
Location: Canada

PostPosted: Wed Jul 01, 2020 23:44    Post subject: Reply with quote
I updated to Entware dnscrypt-proxy2 - 2.0.42-1 with telnet...

opkg update
opkg upgrade
/opt/etc/init.d/rc.unslung restart

If you enabled logging with syslog you will see it logged as...
Jul 1 14:45:07 DOT02-AP-WireGuard user.notice root: Started dnscrypt-proxy from .
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: dnscrypt-proxy 2.0.42
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: Network connectivity detected
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: Source [public-resolvers] loaded
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: Source [relays] loaded
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: Firefox workaround initialized
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: Now listening to 127.0.0.3:30 [UDP]
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: Now listening to 127.0.0.3:30 [TCP]
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: [quad9-dnscrypt-ip4-filter-alt] OK (DNSCrypt) - rtt: 7ms
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: [quad9-dnscrypt-ip4-filter-alt] OK (DNSCrypt) - rtt: 7ms - additional certificate
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: [quad9-dnscrypt-ip4-filter-pri] OK (DNSCrypt) - rtt: 6ms
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: [quad9-dnscrypt-ip4-filter-pri] OK (DNSCrypt) - rtt: 6ms - additional certificate
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: Sorted latencies:
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: - 6ms quad9-dnscrypt-ip4-filter-pri
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: - 7ms quad9-dnscrypt-ip4-filter-alt
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: Server with the lowest initial latency: quad9-dnscrypt-ip4-filter-pri (rtt: 6ms)
Jul 1 14:45:07 DOT02-AP-WireGuard daemon.notice dnscrypt-proxy[17464]: dnscrypt-proxy is ready - live servers: 2

_________________
Home Network on Telus PureFibre - 10GbE Copper Backbone
2x R7800 - Gateway WiFi 3xWireGuard - DDWRT r44112 Std
R7000 - Wired IPTV Gateway - DDWRT r44112 Std
E3000 - Wired IPTV Router - DDWRT K2.6 r44112 Mega
WHR-HP-G54 - Internal Routing - DDWRT r35531 std-special

Off Site 1

R7000 - Gateway, WiFi & WireGuard - DDWRT r44112 Std
WRT610Nv1 - Client Bridge - DDWRT r33679 Mega K2.4

Off Site 2

R7000 - Gateway & WiFi - DDWRT r43217 Std
E2000 - Wired PVR Blocker - DDWRT r35531


YAMon 3.4.6 | DNSCrypt-Proxy V2
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 3712
Location: UK, London, just across the river..

PostPosted: Thu Jul 02, 2020 0:12    Post subject: Reply with quote
yep, not bad idea to do opkg update/upgrade periodically...
Entware guy said, he is updating the stuff once when its needed, but he doesn't always add the last versions, only the stable instead...

_________________
Atheros
TP-Link WR740Nv1 ------DD-WRT 44085 BS AP,NAT
TP-Link WR740Nv4 ------DD-WRT 43028 BS WAP/Switch
TP-Link WR1043NDv2 ----DD-WRT 44112 BS AP,NAT,AP Isolation,Firewall,Local DNS,Forced DNS,DoT,VPN
TP-Link WR1043NDv2 ----DD-WRT 44048 BS AP,NAT,AD Block,Firewall,Local DNS,Forced DNS,DoT,VPN
TP-Link WR1043NDv2 ----Gargoyle OS 1.12.0 AP,NAT,QoS,Quotas
Qualcomm/IPQ8065
Netgear R7800 -------DD-WRT 44112 BS AP,NAT,AD-Block,AP&Net Isolation,VLAN's,Firewall,Local DNS,DoT
Broadcom
Netgear R7000 -------DD-WRT 44112 BS AP,Wi-Fi OFF,NAT,AD-Block,Firewall,Local DNS,Forced DNS,DoT,VPN
------------------------------------------------------------------------------------------------
Stubby for DNS over TLS I DNSCrypt v2 by mac913
Goto page Previous  1, 2, 3, 4, 5 Display posts from previous:    Page 5 of 5
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> General Questions All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum