Dnscrypt and Dnsmasq

Configure your resolver with a server that don't censorship there for respect your freedom and privacy. Read Tor Dns Resolver for more information.

        $ sudo useradd -M -r -s /bin/false -g net net
        

1. Dnscrypt

        $ prt-get depinst dnscrypt
        

Dnscrypt by default resolves to dnscrypt.eu-nl, check file /usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv for a list of compatible servers. Dnscrypt-proxy port from machine-ports contains dnscrypt-proxy init script configured to use dnscrypt.eu-dk resolver and run as nobody user. Basic usage example;

        $ sudo -u net  dnscrypt-proxy --daemonize --resolver-name=<resolver name>
        

2. Dnsmasq

Edit resolv.conf;

        # /etc/resolv.conf.head can replace this line
        nameserver 127.0.0.1
        # CCC server
        # nameserver 213.73.91.35
        # OpenNIC Servers
        # nameserver 192.71.249.83
        # nameserver 5.135.183.146
        

Make sure daemons like dhcpd don't change it, turn on immutable attribute;

        $chattr +i resolv.conf
        

Dnsmasq provides dns caching and dhcpd, example configuration files: dnsmasq.conf (change interface), hosts.dnsmasq.

Check /var/lib/dhcp/dnsmasq.leases to get list of dhcp leases assigned.

Local host

To configure dnsmasq for local host only change configuration provided values to;

	server=10.0.0.254
	#local=/ank/
	#interface=br0
	#interface=wlp7s0
	listen-address=127.0.0.7
	#no-dhcp-interface=wlp7s0
	#dhcp-range=10.0.0.100,10.0.0.200,255.0.0.0,2h
	#enable-tftp
        

This is part of the LeetIO System Documentation. Copyright (C) 2021 LeetIO Team. See the file Gnu Free Documentation License for copying conditions.