That's what I did now, but I can't get DNScrypt to work. My clients are not resolving URLs when it is in use.
With below file dnscrypt-proxy, DNScrypt seems to work when I start it. It shows me that the certificate is valid and the service is running on the specific port.
/etc/init.d/dnscrypt-proxy
#!/bin/sh /etc/rc.common
START=50
USE_PROCD=1
PROG=/usr/sbin/dnscrypt-proxy
start_service() {
dnscrypt-proxy --local-address=127.0.0.1:5353 --resolver-address=82.211.31.248:443 --provider-name=2.dnscrypt-cert.de.d0wn.biz --provider-key=D4A8:6FB5:AA0C:2B6B:8C13:8C29:7F69:F9C8:29C8:E157:F279:6FC7:7366:290F:2A80:0AD2 --daemonize
dnscrypt-proxy --local-address=127.0.0.1:5354 --resolver-address=185.137.15.105:443 --provider-name=2.dnscrypt-cert.de2.d0wn.biz --provider-key=8C62:691A:A7EA:69D3:8A25:86AA:2715:87F0:9B11:9159:0663:55FC:1CD0:61C5:C863:1940 --daemonize
}
service_triggers() {
procd_add_reload_trigger 'dnscrypt-proxy'
The problems seems to be my dnsmasq config, could someone help me?
/etc/config/dhcp
config dnsmasq
option domainneeded '1'
option boguspriv '1'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option localservice '1'
option nonwildcard '0'
option noresolv '1'
list server '127.0.0.1#5353'
list server '127.0.0.1#5354'
list server '/pool.ntp.org/208.67.222.222'
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '200'
option leasetime '12h'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
If I add the Google DNS with following command, my DNS is working again (for sure not with DNScrypt, that's not what I want to achieve):
list server '8.8.8.8'
(Last edited by johndoe on 30 Oct 2016, 07:59)