blob: 720979b2e19ec57e05d2061cd108bd00d9a08e65 (
plain) (
tree)
|
|
<!DOCTYPE html>
<html dir="ltr" lang="en">
<head>
<meta charset='utf-8'>
<title>Dnscrypt and Dnsmasq</title>
</head>
<body>
<a href="index.html">Tools Index</a>
<h1>Dnscrypt and Dnsmasq</h1>
<p>Configure your resolver with a server that don't
censorship there for respect your freedom and privacy.
Read <a href="https://trac.torproject.org/projects/tor/wiki/doc/DnsResolver/PublicDnsResolvers#PublicDNSServers">Tor Dns Resolver</a> for more information.</p>
<pre>
$ sudo useradd -M -r -s /bin/false -g net net
</pre>
<h2 id="dnscrypt">1. Dnscrypt</h2>
<pre>
$ prt-get depinst dnscrypt
</pre>
<p>Dnscrypt by default resolves to dnscrypt.eu-nl, check file
/usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv for a list of
compatible servers. Dnscrypt-proxy port from c9-ports contains
<a href="conf/etc/rc.d/dnscrypt-proxy">dnscrypt-proxy</a> init
script configured to use dnscrypt.eu-dk resolver and run as
nobody user. Basic usage example;</p>
<pre>
$ sudo -u net dnscrypt-proxy --daemonize --resolver-name=<resolver name>
</pre>
<h2 id="dnsmasq">2. Dnsmasq</h2>
<p>Edit <a href="conf/etc/resolv.conf">resolv.conf</a>;</p>
<pre>
# /etc/resolv.conf.head can replace this line
nameserver 127.0.0.1
# CCC server
# nameserver 213.73.91.35
# OpenNIC Servers
# nameserver 192.71.249.83
# nameserver 5.135.183.146
</pre>
<p>Make sure daemons like dhcpd don't change it,
turn on immutable attribute;</p>
<pre>
$chattr +i resolv.conf
</pre>
<p>Dnsmasq provides dns caching and dhcpd, example configuration
files:
<a href="conf/etc/dnsmasq.conf">dnsmasq.conf</a> (change interface),
<a href="conf/etc/hosts.dnsmasq">hosts.dnsmasq</a>.</p>
<p>Check /var/lib/dhcp/dnsmasq.leases to get list of dhcp leases
assigned.</p>
<a href="index.html">Tools Index</a>
<p>
This is part of the c9-doc Manual.
Copyright (C) 2016
c9 team.
See the file <a href="../fdl-1.3-standalone.html">Gnu Free Documentation License</a> for copying conditions.</p>
</body>
</html>
|