What's new

DNScrypt dnscrypt installer for asuswrt

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

'cloudflare-family' and 'cloudflare-family-ipv6' can be used if you are wanting to also parental control safe-search and block other inappropriate explicit bad stuff.


sorry my post above is awaiting moderation.
 
yes I know,
but I wondered if I had to just adding ''cloudflare-security'' in the toml config, cause when I try, I lose wifi
it is on their list of supported servers, the only way i would see you losing internet is if you need to update your server files by running update.

Basically, if your dnscrypt-proxy directory doesn't have the latest server files, then this would explain why you have are having dns failure and the .toml relies on those files being maintained and kept up to date when using newer servers.
 
it is on their list of supported servers, the only way i would see you losing internet is if you need to update your server files by running update.

Basically, if your dnscrypt-proxy directory doesn't have the latest server files, then this would explain why you have are having dns failure and the .toml relies on those files being maintained and kept up to date when using newer servers.
Ok I see.
Via ssh, I guess i can see the version i have, and update ?

Thanks again

Envoyé de mon SM-G960W en utilisant Tapatalk
 
are you running this on Asuswrt Merlin router using this installer?
if so, you can run
Code:
curl -L -s -k -O https://raw.githubusercontent.com/thuantran/dnscrypt-asuswrt-installer/master/installer && sh installer ; rm installer
inside SSH and just choose to run option 1 and let it update everything. you can even reconfigure from the menu if you want.
 
are you running this on Asuswrt Merlin router using this installer?
if so, you can run
Code:
curl -L -s -k -O https://raw.githubusercontent.com/thuantran/dnscrypt-asuswrt-installer/master/installer && sh installer ; rm installer
inside SSH and just choose to run option 1 and let it update everything. you can even reconfigure from the menu if you want.
I have an asus but since a few weeks I try dd wrt but I ask some infos here cause you are pretty good :)

Envoyé de mon SM-G960W en utilisant Tapatalk
 
I have an asus but since a few weeks I try dd wrt but I ask some infos here cause you are pretty good :)

Envoyé de mon SM-G960W en utilisant Tapatalk
Well if you decide to go to use asuswrt-merlin , I highly recommend it because there is alot of help in this forum. All the user scripts are streamlined to assist the user as well and Merlin keeps supported firmwares up-to-date with the latest security patches available.
 
I just saw that cloudflare have their new filter dns, 1.1.1.2 and .1.1.1.3.
but on ''https://dnscrypt.info/public-servers/'' the protocol supported by them is DOT..... in dnscrypt toml confi, Can I just put '' 'cloudflare-family' or 'cloudflare-security' to use it or I need to to use the stamp tool?

cause when I add ''cloudflare-security' in '' server_names'' I lose wifi

thanks
Did you add cloudflare servers like this in your toml?
Code:
server_names = ['cloudflare-security', 'cloudflare-security-ipv6']
 
even
Did you add cloudflare servers like this in your toml?
Code:
server_names = ['cloudflare-security', 'cloudflare-security-ipv6']

even 'cloudflare' does not work, losing internet, when I removed it, just restart dnscrypt proxy service from ssh and wifi comes back.
 
/snip

DNSCrypt Installer also have built in "Health Check" to help out with Relay randomization
:)
Any questions on this setup or want help with another setup just ask ;)

snip/

Thank you, your instructions were really helpful.

Quick questions:
1) How did you do this Health Check?
2) How to ensure that DNSCrypt is actually working?
3) How to test?
4) Also, if I modify the dnscrypt-proxy.toml manually (I have added an OpenNIC server list) ; what is the best way to reload?
- Restart router
- Or just execute ./dnscrypt-proxy -service restart

Thanks you.
 
Thank you, your instructions were really helpful.

Quick questions:
1) How did you do this Health Check?
2) How to ensure that DNSCrypt is actually working?
3) How to test?
4) Also, if I modify the dnscrypt-proxy.toml manually (I have added an OpenNIC server list) ; what is the best way to reload?
- Restart router
- Or just execute ./dnscrypt-proxy -service restart

Thanks you.
1) Health check restarts the proxy every 12 hours (as it is now one random relay is chosen on proxy startup if the user has chosen more then one that is;)) So this provides randomization for relays until it is added in a new DNSCrypt-proxy version.
2) First page in this thread has some info on how to check if it is working (pidof dnscrypt-proxy will return a number in your ssh client) and recommend checking dnsleaktest.com also
3) ?
4) I use: /jffs/dnscrypt/manager dnscrypt-start (to restart the proxy)

And happy you liked the instructions ;)
 
Last edited:
1) Health check restarts the proxy every 12 hours (as it is now one random relay is chosen on proxy startup if the user has chosen more then one that is;)) So this provides randomization for relays until it is added in a new DNSCrypt-proxy version.
2) First page in this thread has some info on how to check if it is working (pidof dnscrypt-proxy will return a number in your ssh client) and recommend checking dnsleaktest.com also
3) ?
4) I use: /jffs/dnscrypt/manager dnscrypt-start (to restart the proxy)

And happy you liked the instructions ;)

Thanks for the quick reply.

- I wish to enable the DNSCrypt, Query and NX Logs to actually check what is going on? I believe I can do this by editing the .toml file and enabling the 3 entries.
- How do I ensure that the logs are created in the USB Drive and not on the router (worried about writing too much to the internal flash memory)?
 
Thanks for the quick reply.

- I wish to enable the DNSCrypt, Query and NX Logs to actually check what is going on? I believe I can do this by editing the .toml file and enabling the 3 entries.
- How do I ensure that the logs are created in the USB Drive and not on the router (worried about writing too much to the internal flash memory)?
I have not tested these extra logging options from the toml. My guess is that (if it works) they will be created in the dnscrypt folder on the router, Don't know how to redirect it to a usb location.
You could maybe check dnsmasq log instead
 
I have not tested these extra logging options from the toml. My guess is that (if it works) they will be created in the dnscrypt folder on the router, Don't know how to redirect it to a usb location.
You could maybe check dnsmasq log instead
All the logs appear in the dnscrypt folder.
You could try specifying a full path to the USB file or create links that redirect to the USB.
I have tried all the various logs but not in a location other than [dnscrypt folder].
P.S.
Just tried full path and it works !!! :)
 
Previously (before I had the Asus AX88U router), my setup was as
- Linksys router
- Pi-Hole (+pixelserv) running on Raspberry Pi
- DNSCrypt-proxy on Raspberry Pi

My new setup requirements:
- DNSCrypt-proxy running on the router
- Pi-Hole running on Raspberry Pi

I want the RPi to just control ad-blocking. Even if RPi was switched off, internet connectivity should still be fine.
This gives the added advantage that if certain web-sites do not work due to ad-blocking by Pi-Hole, all I need to do is switch off RPi for a quick-fix.
I am not at home all times; so this is an easy solution for my better half.

Questions:
What would be my Router settings?
How/ what do I assign in the RPi (Upstream DNS Servers page) so as to resolve through DNSCrypt from router?
 
Previously (before I had the Asus AX88U router), my setup was as
- Linksys router
- Pi-Hole (+pixelserv) running on Raspberry Pi
- DNSCrypt-proxy on Raspberry Pi

My new setup requirements:
- DNSCrypt-proxy running on the router
- Pi-Hole running on Raspberry Pi

I want the RPi to just control ad-blocking. Even if RPi was switched off, internet connectivity should still be fine.
This gives the added advantage that if certain web-sites do not work due to ad-blocking by Pi-Hole, all I need to do is switch off RPi for a quick-fix.
I am not at home all times; so this is an easy solution for my better half.

Questions:
What would be my Router settings?
How/ what do I assign in the RPi (Upstream DNS Servers page) so as to resolve through DNSCrypt from router?
Starting at this post and further down is some info on Raspberry Pi maybe that can help
 
Need some assistance with my setup...

RT-AX88U running Diversion & DNSCrypt-Proxy

Requirements:
- All of my clients to go through DNSCrypt & Diversion Ad-Blocking
- 2 of my clients to totally bypass Diversion, but still use DNSCrypt.

On searching the forums and Diversion website; there is a suggested solution listed on Diversion FAQ here
.... It says that I set the DNS to 8.8.8.8, ... but I want the excluded clients to still use DNSCrypt-Proxy

How to exclude a client from ad-blocking
In your router Web-UI, go to DNS-Filtering
- set 'Enable DNS-based Filtering' to ON
- set 'Global Filter Mode' to 'NO filtering'
- fill in 'Custom (user-defined) DNS 1' with, for example, Google's DNS 8.8.8.8
- select your client(s) in the Client List and set 'Filter Mode' 'Custom 1'
- click Apply

Now the client(s) in the Client list get the DNS from google and not from your router.

Q: What settings do I put in the DNS Filter section (or elsewhere)?

Seeking advise...

@SomeWhereOverTheRainBow
@Zastoff -
 
Last edited:

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top