cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
38f33c189b
openbsd-ports/net/dnscrypt-proxy/pkg
History
bket 0b5059d794 Update to dnscrypt-proxy-2.0.25. 
Changelog can be found at
https://github.com/jedisct1/dnscrypt-proxy/releases/tag/2.0.25 and
https://github.com/jedisct1/dnscrypt-proxy/releases/tag/2.0.24

From Nam Nguyen (maintainer). Thanks!

OK sthen@
2019-06-04 10:02:45 +00:00
..
DESCR
dnscrypt_proxy.rc
PLIST
README Update to dnscrypt-proxy-2.0.25. 2019-06-04 10:02:45 +00:00

README 

$OpenBSD: README,v 1.3 2019/06/04 10:02:45 bket Exp $

+-----------------------------------------------------------------------
| Running ${PKGSTEM} on OpenBSD
+-----------------------------------------------------------------------

dnscrypt-proxy listens for DNS queries on a local address and forwards
them to a DNSCrypt resolver over an encrypted channel.

To use this package, several things are required.

Customizing dnscrypt-proxy.toml
===============================

Ensure that ${SYSCONFDIR}/dnscrypt-proxy.toml fits your needs.

Resolvers
---------
Uncomment 'server_names' to have a smaller set of public resolvers to be used
for load balancing. If this line is commented, all registered servers matching
the require_* filters will be used for load balancing. Refer to
${LOCALSTATEDIR}/dnscrypt-proxy/public-resolvers.md for a list of all public
resolvers.

Load balancing strategy
-----------------------
Note the load balancing strategy, controlled by 'lb_strategy'. It can be
set to one of the following values:
  - 'first' (always pick the fastest server in the list)
  - 'p2' (randomly choose between the top two fastest servers)
  - 'ph' (randomly choose between the top fastest half of all servers)
  - 'random' (just pick any random server from the list)

'p2' is the default option. For more information, see
https://github.com/jedisct1/dnscrypt-proxy/wiki/Load-Balancing-Options

Logging
-------
Logging is disabled by default.

To log to /var/log/messages:
log_level = 2
use_syslog = true

To log to a custom file:
log_level = 2
log_file = '/var/log/dnscrypt-proxy.log'

Daemon
======

Start the daemon:

# rcctl enable dnscrypt_proxy
# rcctl start dnscrypt_proxy

resolv.conf
===========

Set /etc/resolv.conf to perform queries from dnscrypt-proxy:

nameserver 127.0.0.1
lookup file bind

Note: If your IP address is dynamically fetched, dhclient(8) will normally
update resolv.conf with network-provided DNS servers. This can be avoided by
using "ignore domain-name, domain-name-servers;" in /etc/dhclient.conf.

For more information, see https://dnscrypt.info/