What's new
  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

DNScrypt dnscrypt installer for asuswrt

Could it be dns leaks might also have been caused by clients caching dns locally? Currently with beta 11, with both WAN DNS servers in the WebUI blank, I have no leaks whatsoever anymore, so everything runs smoothly here.

That's what I'm talking about in 2, because if you have other DNS setup on your client, all bets are moot, unless you use the catch all iptables rule that my script also has.

Another possible issue is VPN but I do not have any to try.
 
That's what I'm talking about in 2, because if you have other DNS setup on your client, all bets are moot, unless you use the catch all iptables rule that my script also has.

Another possible issue is VPN but I do not have any to try.
I have a vpn and I have no leaks using the routers local ip as the wan setting for dns.
 
The beta 11 is working real well for me! The rtt results keep pretty much the same except once in a while it gives a lower result (almost exactly half of the usual result). Its a real good script!! I recommend using it.
 
I'd just like to clarify something (both for myself and everyone following along out here in cyberspace) -
does @thelonelycoder 's amtm option 2, update dnscrypt installer, run @bigeyes0x0 's new script/version?
Not that I'm aware of. The new dnscrypt installer is in beta and while it remains there @bigeyes0x0 will keep the two separate.
Once it is out of beta it will automatically be the new installer in amtm, with the same old installer URL. That's what we briefly discussed and agreed on.
 
Last edited:
Very nice script. Just used it to try dnscrypt-proxy-v2. After the reboot, lost connection to the router. Had to manually restart the router to restore the connectivity, but everything worked fine afterwards.

I have one question though. I have used the installer script to install this and did nothing else. In the tutorial given in DNSCrypt is reborn it is suggested that,

Code:
Go your router GUI,
Set the Wan and IPv6, to Manual configure and leave dns 1 and dns 2 EMPTY.

If I have used the installer script, do I still need to do that?
 
Very nice script. Just used it to try dnscrypt-proxy-v2. After the reboot, lost connection to the router. Had to manually restart the router to restore the connectivity, but everything worked fine afterwards.

I have one question though. I have used the installer script to install this and did nothing else. In the tutorial given in DNSCrypt is reborn it is suggested that,

Code:
Go your router GUI,
Set the Wan and IPv6, to Manual configure and leave dns 1 and dns 2 EMPTY.

If I have used the installer script, do I still need to do that?
I think the scripts defines noresolv so even if you had something in WAN DNS it would over ride it.
 
Go to dns leak checker and you should see non isp dns only.
Code:
https://www.dnsleaktest.com/
 
I think the scripts defines noresolv so even if you had something in WAN DNS it would over ride it.

I see.

Another question. After changing the dnscrypt-proxy.toml file, how do I make sure the updated toml file is used? Do I have to reboot every time?
 
You
I see.

Another question. After changing the dnscrypt-proxy.toml file, how do I make sure the updated toml file is used? Do I have to reboot every time?
You can try:
Code:
service restart_dnsmasq
 
You
You can try:
Code:
service restart_dnsmasq
Also in regards to what you should have in WAN DNS settings; I would use 1 address just use your routers local address (example 192.168.x.x) do not define any dns in LAN DNS settings. Depending on what you changed in the .toml file this works for me it should work for you. Enjoy!
EDIT: I meant as an example 192.168.1.1
 
Also in regards to what you should have in WAN DNS settings; I would use 1 address just use your routers local address (example 192.168.x.x) do not define any dns in LAN DNS settings. Depending on what you changed in the .toml file this works for me it should work for you. Enjoy!
EDIT: I meant as an example 192.168.1.1

I tried 'service restart_dnsmasq', but after the restart there is no syslog entry for dnscrypt. I looked at the /jffs/scripts/dnsmasq.postconf file and it only makes the manager script executable and runs it. I don't know whether calling it restarts everything related to dnscrypt or not.

Edit: Actually it does. Just after a while.

Regarding LAN DNS, I don't have anything defined there. In the toml file I added some path for log so that I can see what's happening.
 
I tried 'service restart_dnsmasq', but after the restart there is no syslog entry for dnscrypt. I looked at the /jffs/scripts/dnsmasq.postconf file and it only makes the manager script executable and runs it. I don't know whether calling it restarts everything related to dnscrypt or not.

Edit: Actually it does. Just after a while.

Regarding LAN DNS, I don't have anything defined there. In the toml file I added some path for log so that I can see what's happening.
You should see something like this 2 times an hour if you haven't changed log verbosity.
Code:
Jan 30 16:01:30 dnscrypt-proxy[754]: [google] OK (DoH) - rtt: 66ms
I don't know if your extra log instruction is supported but hey.....
 
You
You can try:
Code:
service restart_dnsmasq

I found this in the dnscrypt-proxy.toml file,

Code:
###############################  
#        Query logging        #  
###############################
                       
## Log client queries to a file                                

[query_log]                                                                                                    

## Path to the query log file (absolute, or relative to the same directory as the executable file)
                                                                         
file = '/mnt/usb1/dnscrypt-log/query.log'                  

                                     
## Query log format (currently supported: tsv and ltsv)

format = 'tsv'

My assumption was as it is mentioned in the toml file, it would work out of the box. But apparently not.
 
This is to restart dnsmasq not dnscrypt-proxy itself. Use "/jffs/dnscrypt/manager dnscrypt-start" for this.

Thanks!

Is there any way to direct logs of the queries resolved to a log file in usb?
 

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Back
Top