Skip to content

Instantly share code, notes, and snippets.

@ndlrx

ndlrx/dnscrypt-proxy.md

Last active May 15, 2024 09:38
Show Gist options
  • Save ndlrx/426a353c25684ba83b652db60ca58bb9 to your computer and use it in GitHub Desktop.
Save ndlrx/426a353c25684ba83b652db60ca58bb9 to your computer and use it in GitHub Desktop.
Download ZIP
Install dnscrypt-proxy on Archlinux or Manjaro
Raw
dnscrypt-proxy.md

Step 1 - Install and Configure dnscrypt-proxy

sudo su
pacman -S dnscrypt-proxy

cd /etc/dnscrypt-proxy/
vim dnscrypt-proxy.toml
  • Choose dns resolver

https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md

server_names = ['scaleway-fr', 'soltysiak', 'cloudflare', 'doh-blahdns-de']
  • Configure Liste address on port 53000
listen_addresses = ['127.0.0.1:53000', '[::1]:53000']
  • Enable dns cache
cache = true
  • Start service and add it ot the boot time
systemctl start dnscrypt-proxy
systemctl enable dnscrypt-proxy

Step 2 - Install and Configure Dnsmasq

pacman -S dnsmasq
vim /etc/dnsmasq.conf
  • Configure Dnsmasq
no-resolv
server=::1#53000
server=127.0.0.1#53000
listen-address=::1,127.0.0.1
  • DNSSEC Validation
conf-file=/usr/share/dnsmasq/trust-anchors.conf
dnssec
  • Start service and add it to the boot time
systemctl start dnsmasq
systemctl enable dnsmasq

Step 3 - Edit resolv.conf

vim /etc/resolv.conf
  • Change resolver to local Dnsmasq
nameserver ::1
nameserver 127.0.0.1
options edns0 single-request-reopen

Step 4 - Checking the Result

https://www.dnsleaktest.com/

Additional:

permanent /etc/resolv.conf file

chattr +i /etc/resolv.conf

📝 with ♥️ by ndlr

@lidgnulinux
Copy link

Hello, Thanks. It still works.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment