Установка
| FreeBSD |
portmaster dns/bind911 dns/dnscrypt-proxy
|
| CentOS 7 |
yum -y install dnscrypt-proxy
cat <<EOF > /etc/systemd/system/dnscrypt.service
[Unit]
Description = DNSCrypt
Documentation = man:dnscrypt-proxy(8)
After = network.target
[Service]
Type = forking
# User = nobody
PIDFile = /var/run/dnscrypt.pid
ExecStartPre = /usr/sbin/ip addr add 127.0.0.2/32 dev lo label lo:0
ExecStartPre = /bin/touch /var/run/dnscrypt.pid
ExecStartPre = /bin/chmod 666 /var/run/dnscrypt.pid
ExecStart = /usr/sbin/dnscrypt-proxy \
--daemonize \
--logfile=/var/log/dnscrypt/dnscrypt.log \
--pidfile=/var/run/dnscrypt.pid \
--local-address=127.0.0.2:53 \
--provider-key=D384:C071:C9F7:4662:AF2A:CCD5:7B5D:CC97:14D4:07B6:AD36:01E1:AEDC:06D5:6D49:6327 \
--provider-name=2.dnscrypt-cert.browser.yandex.net \
--resolver-address=77.88.8.78:15353
Restart = always
ExecStopPost = /usr/sbin/ip addr del 127.0.0.2/32 dev lo label lo:0
EOF
|
Настройка
Добавить алиас на интерфейс http://specialistoff.net/question/334
| FreeBSD |
/etc/rc.conf
# Network
ifconfig_lo0_alias0="inet 127.0.0.2 netmask 0xffffffff"
# DNS
named_enable="YES"
dnscrypt_proxy_enable="YES"
dnscrypt_proxy_flags="-a 127.0.0.2"
dnscrypt_proxy_uid="bind"
|
named.conf
options {
...
listen-on {
127.0.0.1;
10.0.0.1;
};
forwarders {
127.0.0.2;
};
...
};
Для настройки на другой сервер используйте файл /usr/local/etc/dnscrypt-proxy.conf
Запуск
| FreeBSD |
/usr/local/etc/rc.d/named start
/usr/local/etc/rc.d/dnscrypt-proxy start
|
| CentOS 7 |
systemctl enable dnscrypt
systemctl start dnscrypt
|
|