about summary refs log blame commit diff stats
path: root/tools/dnsmasq.html
blob: 720979b2e19ec57e05d2061cd108bd00d9a08e65 (plain) (tree)
1
2
3
4
5
6
7
8
9
10
11
12











                                            


                                                                                                                                                                       
 




                                                     
                                          




                                  





                                                                      

             
                                                                                       

              
                                        
 
                                                                   

             
                                                     
                            

                                 


                                  










                                                                        

                                                                            
 


                                                                        
                                            
 






                                                                                                                        
 <!DOCTYPE html>
<html dir="ltr" lang="en">
    <head>
        <meta charset='utf-8'>
        <title>Dnscrypt and Dnsmasq</title>
    </head>
    <body>

        <a href="index.html">Tools Index</a>

        <h1>Dnscrypt and Dnsmasq</h1>

        <p>Configure your resolver with a server that don't
        censorship there for respect your freedom and privacy.
        Read <a href="https://trac.torproject.org/projects/tor/wiki/doc/DnsResolver/PublicDnsResolvers#PublicDNSServers">Tor Dns Resolver</a> for more information.</p>

        <pre>
        $ sudo useradd -M -r -s /bin/false -g net net
        </pre>


        <h2 id="dnscrypt">1. Dnscrypt</h2>

        <pre>
        $ prt-get depinst dnscrypt
        </pre>

        <p>Dnscrypt by default resolves to dnscrypt.eu-nl, check file
        /usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv for a list of
        compatible servers. Dnscrypt-proxy port from c9-ports contains
        <a href="conf/etc/rc.d/dnscrypt-proxy">dnscrypt-proxy</a> init
        script configured to use dnscrypt.eu-dk resolver and run as 
        nobody user. Basic usage example;</p>

        <pre>
        $ sudo -u net  dnscrypt-proxy --daemonize --resolver-name=&lt;resolver name&gt;
        </pre>

        <h2 id="dnsmasq">2. Dnsmasq</h2>

        <p>Edit <a href="conf/etc/resolv.conf">resolv.conf</a>;</p>

        <pre>
        # /etc/resolv.conf.head can replace this line
        nameserver 127.0.0.1
        # CCC server
        # nameserver 213.73.91.35
        # OpenNIC Servers
        # nameserver 192.71.249.83
        # nameserver 5.135.183.146
        </pre>

        <p>Make sure daemons like dhcpd don't change it,
        turn on immutable attribute;</p>

        <pre>
        $chattr +i resolv.conf
        </pre>

        <p>Dnsmasq provides dns caching and dhcpd, example configuration
        files:
        <a href="conf/etc/dnsmasq.conf">dnsmasq.conf</a> (change interface),
        <a href="conf/etc/hosts.dnsmasq">hosts.dnsmasq</a>.</p>

        <p>Check /var/lib/dhcp/dnsmasq.leases to get list of dhcp leases
        assigned.</p>

        <a href="index.html">Tools Index</a>

        <p>
        This is part of the c9-doc Manual.
        Copyright (C) 2016
        c9 team.
        See the file <a href="../fdl-1.3-standalone.html">Gnu Free Documentation License</a> for copying conditions.</p>
    </body>
</html>