Again, sorry for the mess! It was hard to fight a bug which I don't haveGo ahead, started after 59 seconds of booting
Thanks
Dnscrypt from opendns
- Thread starter shooter40sw
- Start date
TeHashX
Very Senior Member
Added wiki
After a while, if I go to test page http://welcome.opendns.com/ I get "Oops... You aren't using OpenDNS yet"
dnscrypt-proxy is started but host file shows only
Now I have to see after how much time is stop working and why.
After a while, if I go to test page http://welcome.opendns.com/ I get "Oops... You aren't using OpenDNS yet"
dnscrypt-proxy is started but host file shows only
Code:
admin@RT-AC66U:/tmp/home/root# cat /etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.1.1 router.asus.com
192.168.1.1 www.asusnetwork.net
192.168.1.1 www.asusrouter.com
192.168.1.1 RT-AC66U. RT-AC66U
::1 localhost6.localdomain6 localhost6The same result.
Try to click other two test links. It's seems OK.
On Windows clients, don't forget to clean DNS cache by:
Code:
> ipconfig /flushdnsNevermind, as long as system date is right, no need to add those strings to /etc/hosts again.
Last edited:
No, it was overwritted by dnsmasq_restart system event. It's OK.
Last edited:
K
krabs
Guest
Many thanks for this great tutorial
I was looking at github for more information about dns-crypt and found an interesting subject about dns cache.
https://github.com/opendns/dnscrypt-proxy#using-dnscrypt-in-combination-with-a-dns-cache
http://lunesu.com/index.php?/archives/128-Finally-unbound-+-dnsmasq.html
Would this give a huge performance boost?
I was looking at github for more information about dns-crypt and found an interesting subject about dns cache.
https://github.com/opendns/dnscrypt-proxy#using-dnscrypt-in-combination-with-a-dns-cache
http://lunesu.com/index.php?/archives/128-Finally-unbound-+-dnsmasq.html
Would this give a huge performance boost?
That's what exactly we've done here! When you'll complete HOW-TO steps, you'll get secured DNS requests cached by dnsmasq.
No need to do any additional steps, caching is working.
K
krabs
Guest
So if I understand correctly dnsmasq is always configured caching ?
It's a preconfigured parameter.
We only forward dnscrypt to make actually use of the dns caching
And my previous comment was completely stupid I see know
In firmware? Yes, up to 1500 entries will be cached:
Code:
admin@RT-N66U:/tmp/home/root# grep cache /etc/dnsmasq.conf
no-negcache
cache-size=1500
netmik3
Senior Member
Well crap, optware keeps disabling entware after restarts, even after being uninstalled.
Btw, did anyone look into enforcing dns?
https://github.com/RMerl/asuswrt-merlin/wiki/Iptables-tips
Btw, did anyone look into enforcing dns?
https://github.com/RMerl/asuswrt-merlin/wiki/Iptables-tips
shooter40sw
Senior Member
Is there a way without installing entware?
Hi guys I saw the procedure, in entware but I have to uninstall download manager that I use I dont feel very good installing entware just to use dnscrypt I am tempted to do it but... I saw in google that tomato has this in the firmware just with a check mark now like merlinwrt is based on it can it be possible that Merlin activates this without the need of installing entware? I dont want to change Merlins firmware to tomato I really like his work and Im not going to take that route Im just asking if its possible or if its in Merlins plans.
Thanks
Hi guys I saw the procedure, in entware but I have to uninstall download manager that I use I dont feel very good installing entware just to use dnscrypt I am tempted to do it but... I saw in google that tomato has this in the firmware just with a check mark now like merlinwrt is based on it can it be possible that Merlin activates this without the need of installing entware? I dont want to change Merlins firmware to tomato I really like his work and Im not going to take that route Im just asking if its possible or if its in Merlins plans.
Thanks
K
krabs
Guest
If you install entware you also can use transmission aka "download manager".
https://github.com/RMerl/asuswrt-merlin/wiki/Installing-Transmission-through-Entware
It's a win,win situation because with entware's transmission you will get a huge speed improvement
TeHashX
Very Senior Member
I removed dnscrypt and followed instructions from here https://store.opendns.com/setup/device/asus_device
the result is the same:
internetbadguys.com showing "Phishing Site Blocked"
http://www.craigslist.og is opening as http://www.craigslist.org
the result is the same:
internetbadguys.com showing "Phishing Site Blocked"
http://www.craigslist.og is opening as http://www.craigslist.org
Not the same. You lost encryption of DNS traffic between router and OpenDNS.
Hi!
2) mcedit /jffs/scripts/wan-start
3) copy code block from this thread,
4) return to ssh console and press Shift + Ins,
5) press F2 to save changes.
1) opkg install mc
2) mcedit /jffs/scripts/wan-start
3) copy code block from this thread,
4) return to ssh console and press Shift + Ins,
5) press F2 to save changes.
S_Mulligan
New Around Here
I think I'm having this problem too - is there a fix? Here's my scenario:
Partition and format (ext3) usb flash drive from within router. Install entware and dnscrypt as described in the wiki. OpenDNS test pages indicate success. System log shows dnscrypt activity. All systems go.
After reboot, entware becomes disabled and /opt goes missing. usb drive is still mounted, however it is now sdb1 instead of sda1. I see that the post-mount script looks for sda1; could that be the breaking point? Could we modify the script to have it look for the sdx1 containing entware as I think some other scripts do?
Also, since dnscrypt does caching, is it safe to assume that windows DNS client can be disabled?
And finally, under WAN configuration, does it even matter if 'Connect to DNS server automatically' is enabled or disabled, if dnscrypt is active?
Thanks
K
krabs
Guest
Hi
First off all you'd better reformat your usb flash drive to ext2 because ext3 is a journaling filesystem. Ext2 performs fewer writes than ext3 since it does not need to write to the journal.
For the entware problem you can give your partions a label. Then use this great script from Nerre.
Give it a label
Code:
tune2fs -L label /dev/partitionPlace this script in post-mount
Code:
#!/bin/sh
[ ! -e /tmp/opt ] && [ -e /mnt/<label> ] && ln -s /mnt/<label> /tmp/opt
sleep 2s
[ "$1" = "/tmp/mnt/<label>" ] && /opt/etc/init.d/rc.unslung startAnd as far as I know you can disable DNS client under services
Also it doesn't matter if 'Connect to DNS server is enabled because we add "no-resolv" to it in /jffs/configs/dnsmasq.conf.add
Last edited by a moderator:
Similar threads
Similar threads
| Thread starter | Title | Forum | Replies | Date |
|---|---|---|---|---|
| B | (solved) Dnscrypt blocked-names.txt automatically deleted upon modification | Asuswrt-Merlin | 4 |
Similar threads
-
(solved) Dnscrypt blocked-names.txt automatically deleted upon modification
- Started by Boji
- Replies: 4
Latest threads
-
Hyperotpic router replacement - will it solve my problem with connection dropping!
- Started by ACME NoLiFe
- Replies: 2
-
-
-
LAN > DHCP List - Manually Assigned Name + Icon DONT SAVE
- Started by copperhead
- Replies: 4
-
Sign Up For SNBForums Daily Digest
Get an update of what's new every day delivered to your mailbox. Sign up here!