Menu
What's new
By:
Filters Better Search

[SOLVED] DNSCrypt - question re optional commands on wiki

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Jack Yaz

Jack Yaz

Part of the Furniture
Following the guide here: https://github.com/RMerl/asuswrt-merlin/wiki/Secure-DNS-queries-using-DNSCrypt

Code: 
(optional) You can redirect using other DNS-servers on clients: add to firewall-start or nat-start

iptables -t nat -A PREROUTING -i br0 -p udp --dport 53 -j DNAT --to $(nvram get lan_ipaddr)
iptables -t nat -A PREROUTING -i br0 -p tcp --dport 53 -j DNAT --to $(nvram get lan_ipaddr)

Which of the 2 starts is preferable? And do I need these? Will it affect the VPN server I run etc?
 
Jack Yaz said:
Code: 
(optional) You can redirect using other DNS-servers on clients: add to firewall-start or nat-start

iptables -t nat -A PREROUTING -i br0 -p udp --dport 53 -j DNAT --to $(nvram get lan_ipaddr)
iptables -t nat -A PREROUTING -i br0 -p tcp --dport 53 -j DNAT --to $(nvram get lan_ipaddr)
Click to expand...
Both - one is for TCP the other for UDP protocol!
Jack Yaz said:
And do I need these?
Click to expand...
No! DNScrypt uses different ports. This is just to block the standard DNS ports.
Jack Yaz said:
Will it affect the VPN server I run etc?
Click to expand...
No! VPN will also use the DNScrypt - unless you want to use the DNS from the VPN provider.
 
joegreat said:
Both - one is for TCP the other for UDP protocol!

No! DNScrypt uses different ports. This is just to block the standard DNS ports.

No! VPN will also use the DNScrypt - unless you want to use the DNS from the VPN provider.
Click to expand...

Thanks, makes sense. Sorry, i meant is firewall start or services start better?
 
Jack Yaz said:
Thanks, makes sense. Sorry, i meant is firewall start or services start better?
Click to expand...
Firewall start script is the place to go - runs much earlier the service-start!
 
Ok cool, I was going to put it there as I've had mixed results with iptables rules in service-start!
 
Hello ...

I have another question in this context.
Would be nice if someone can help me. I use the dnscrypt installer for asuswrt from here: https://www.snbforums.com/threads/release-dnscrypt-installer-for-asuswrt.36071/

Dnscrypt uses port 443 by default but the DNS standard port is of course 53, dnscrypt.eu supports these ports - and this I would like to use. I found this guide, I do not know I can implement it:
https://mydarkerego.blogspot.nl/2015/11/bypassing-udp443-blocks-for-dnscrypt.html

:)
 
You must log in or register to reply here.

Similar threads

GShlomi
Sharing my DualWan with port forwarding and DDNS experience
Replies
0
Views
216
GShlomi
GShlomi
G
VPN Client with Public IP, split tunnel web server over VPN and other traffic not on the VPN
Replies
4
Views
499
Grefyne
G
M
iptable questions
Replies
2
Views
1K
Mikii
M
R
One router, two segments desired.
Replies
4
Views
490
Rombo
R
A
Port forwarding from OpenVPN Client
Replies
4
Views
878
almaster76
A
Similar threads
Thread starter Title Forum Replies Date
B (solved) Dnscrypt blocked-names.txt automatically deleted upon modification Asuswrt-Merlin 4
S [Solved] GT-AX6000 - Temperature not showing Asuswrt-Merlin 4
N (Solved - Bad router) RT-AX88U node causes network instability (3004.388.7) Asuswrt-Merlin 2
G Miracast problems solved by router reboot -RT-AC86U 386.12_4 Asuswrt-Merlin 0
W Solved Solved (for me): WiFi issues and/or crashes with Merlin on RT-AC86U Asuswrt-Merlin 1
magicus [solved] More than 64 static DHCP addresses? Asuswrt-Merlin 3
J Solved *SOLVED* Asus RT-AX86U Pro on latest Merlin 3004.388.4, cannot get RT-AC68U (on any firmware) to connect as a AI Mesh Node Asuswrt-Merlin 3
M SOLVED: very asymmetric UL/DL speed on 2.5G line Asuswrt-Merlin 25
Calafax AX86U setup & ethernet-only access--solved Asuswrt-Merlin 13
A Question about Asus Merlin Router behind a firewalla? Asuswrt-Merlin 8

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 487 (members: 17, guests: 470)
Top