path: root/tools/dnsmasq.html

               

<!DOCTYPE html>
<html dir="ltr" lang="en">
    <head>
        <meta charset='utf-8'>
        <title>Dnscrypt and Dnsmasq</title>
    </head>
    <body>

        <a href="index.html">Tools Index</a>

        <h1>Dnscrypt and Dnsmasq</h1>

        <p>Configure your resolver with a server that don't
        censorship there for respect your freedom and privacy.
        Read <a href="https://trac.torproject.org/projects/tor/wiki/doc/DnsResolver/PublicDnsResolvers#PublicDNSServers">Tor Dns Resolver</a> for more information.</p>

        <pre>
        $ sudo useradd -M -r -s /bin/false -g net net
        </pre>


        <h2 id="dnscrypt">1. Dnscrypt</h2>

        <pre>
        $ prt-get depinst dnscrypt
        </pre>

        <p>Dnscrypt by default resolves to dnscrypt.eu-nl, check file
        /usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv for a list of
        compatible servers. Dnscrypt-proxy port from machine-ports contains
        <a href="conf/etc/rc.d/dnscrypt-proxy">dnscrypt-proxy</a> init
        script configured to use dnscrypt.eu-dk resolver and run as 
        nobody user. Basic usage example;</p>

        <pre>
        $ sudo -u net  dnscrypt-proxy --daemonize --resolver-name=&lt;resolver name&gt;
        </pre>

        <h2 id="dnsmasq">2. Dnsmasq</h2>

        <p>Edit <a href="conf/etc/resolv.conf">resolv.conf</a>;</p>

        <pre>
        # /etc/resolv.conf.head can replace this line
        nameserver 127.0.0.1
        # CCC server
        # nameserver 213.73.91.35
        # OpenNIC Servers
        # nameserver 192.71.249.83
        # nameserver 5.135.183.146
        </pre>

        <p>Make sure daemons like dhcpd don't change it,
        turn on immutable attribute;</p>

        <pre>
        $chattr +i resolv.conf
        </pre>

        <p>Dnsmasq provides dns caching and dhcpd, example configuration
        files:
        <a href="conf/etc/dnsmasq.conf">dnsmasq.conf</a> (change interface),
        <a href="conf/etc/hosts.dnsmasq">hosts.dnsmasq</a>.</p>

        <p>Check /var/lib/dhcp/dnsmasq.leases to get list of dhcp leases
        assigned.</p>

        <h3>Local host</h3>

	<p>To configure dnsmasq for local host only change configuration provided values to;</p>

        <pre>
	server=10.0.0.254
	#local=/ank/
	#interface=br0
	#interface=wlp7s0
	listen-address=127.0.0.7
	#no-dhcp-interface=wlp7s0
	#dhcp-range=10.0.0.100,10.0.0.200,255.0.0.0,2h
	#enable-tftp
        </pre>

        <a href="index.html">Tools Index</a>

        <p>
        This is part of the Tribu System Documentation.
        Copyright (C) 2020
        Tribu Team.
        See the file <a href="../fdl-1.3-standalone.html">Gnu Free Documentation License</a> for copying conditions.</p>
    </body>
</html>
<!DOCTYPE html>
<html dir="ltr" lang="en">
    <head>
        <meta charset='utf-8'>
        <title>Dnscrypt and Dnsmasq</title>
    </head>
    <body>

        <a href="index.html">Tools Index</a>

        <h1>Dnscrypt and Dnsmasq</h1>

        <p>Configure your resolver with a server that don't
        censorship there for respect your freedom and privacy.
        Read <a href="https://trac.torproject.org/projects/tor/wiki/doc/DnsResolver/PublicDnsResolvers#PublicDNSServers">Tor Dns Resolver</a> for more information.</p>

        <pre>
        $ sudo useradd -M -r -s /bin/false -g net net
        </pre>


        <h2 id="dnscrypt">1. Dnscrypt</h2>

        <pre>
        $ prt-get depinst dnscrypt
        </pre>

        <p>Dnscrypt by default resolves to dnscrypt.eu-nl, check file
        /usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv for a list of
        compatible servers. Dnscrypt-proxy port from machine-ports contains
        <a href="conf/etc/rc.d/dnscrypt-proxy">dnscrypt-proxy</a> init
        script configured to use dnscrypt.eu-dk resolver and run as 
        nobody user. Basic usage example;</p>

        <pre>
        $ sudo -u net  dnscrypt-proxy --daemonize --resolver-name=&lt;resolver name&gt;
        </pre>

        <h2 id="dnsmasq">2. Dnsmasq</h2>

        <p>Edit <a href="conf/etc/resolv.conf">resolv.conf</a>;</p>

        <pre>
        # /etc/resolv.conf.head can replace this line
        nameserver 127.0.0.1
        # CCC server
        # nameserver 213.73.91.35
        # OpenNIC Servers
        # nameserver 192.71.249.83
        # nameserver 5.135.183.146
        </pre>

        <p>Make sure daemons like dhcpd don't change it,
        turn on immutable attribute;</p>

        <pre>
        $chattr +i resolv.conf
        </pre>

        <p>Dnsmasq provides dns caching and dhcpd, example configuration
        files:
        <a href="conf/etc/dnsmasq.conf">dnsmasq.conf</a> (change interface),
        <a href="conf/etc/hosts.dnsmasq">hosts.dnsmasq</a>.</p>

        <p>Check /var/lib/dhcp/dnsmasq.leases to get list of dhcp leases
        assigned.</p>

        <h3>Local host</h3>

	<p>To configure dnsmasq for local host only change configuration provided values to;</p>

        <pre>
	server=10.0.0.254
	#local=/ank/
	#interface=br0
	#interface=wlp7s0
	listen-address=127.0.0.7
	#no-dhcp-interface=wlp7s0
	#dhcp-range=10.0.0.100,10.0.0.200,255.0.0.0,2h
	#enable-tftp
        </pre>

        <a href="index.html">Tools Index</a>

        <p>
        This is part of the Tribu System Documentation.
        Copyright (C) 2020
        Tribu Team.
        See the file <a href="../fdl-1.3-standalone.html">Gnu Free Documentation License</a> for copying conditions.</p>
    </body>
</html>