To resolve all problems associated with installing Dnscrypt-Proxy with Entware (or similar) along with setting up various scripts to handle dnscrypt-proxy starting up including the ntp issue, this installer of dnscrypt-proxy resolves all these concerns... The only requirement is an Asus Router flashed with custom Asuswrt-Merlin Firmware.
- ARM based ASUS routers that use Asuswrt-Merlin Firmware
- JFFS support and enabled
- Service commands require Firmware version 384.11, or higher
- No known issue
- dnscrypt-proxy version 2 with ODoH, DoH, and DNSCrypt version 2 protocols, multiple resolvers, and other features
- Running as nobody through nonroot binary (using --user requires change to passwd)
- Support ARM based routers
- Support OpenDNS dynamic IP update by entering your OpenDNS account information
- Handling ntp update at router boot up by starting dnscrypt-proxy with cert_ignore_timestamp option
- Redirect all DNS queries on your network to dnscrypt if user chooses to using DNS Filter Option
- Install haveged/rngd for better speed with dnscrypt and other cryptographic applications
- Support various HW RNG such as TrueRNG (tested with v3), TrueRNGpro, OneRNG, EntropyKey
- Ability to setup a swap file
- Ability to setup timezone file (/etc/localtime) used by dnscrypt-proxy and other apps
- Ability to reconfigure dnscrypt-proxy without reinstalling unlike previous installer for dnscrypt-proxy version 1.x.x
- Ability to configure anonymized relay support per Dnscrypt server through menu option or Wildcard Relay Support to cover all dnscrypt servers when automatic is selected.
- Support for NextDNS.io Account SDNS stamp as Static server.
- Support for addition of multiple static servers using SDNS Stamp and Custom Server Naming that can be mixed with servers on the resolvers list.
- Improved Installer/Update/Backup Functions.
https://github.com/thuantran/dnscrypt-asuswrt-installer/commits/master
Run this command from ssh shell and following the prompt for dnscrypt-proxy version 2:
curl -L -s -k -O https://raw.githubusercontent.com/thuantran/dnscrypt-asuswrt-installer/master/installer && sh installer; rm installer
User can safely update from dnscrypt-proxy version 1 to version 2 with above command.
If you want to use dnscrypt-proxy version 1, run this command:
curl -L -s -k -O https://raw.githubusercontent.com/thuantran/dnscrypt-asuswrt-installer/dnscrypt-proxy-v1/installer && sh installer dnscrypt-proxy-v1; rm installer
/jffs/dnscrypt/manager {(dnscrypt-)?(start|stop)|restart|kill}
or (recommended commands)
service {(dnscrypt-)?(start|stop)|restart|kill}_dnscrypt-proxy
If you use OpenDNS, run this command on Windows cmd
nslookup -type=txt debug.opendns.com
You should see something like
"dnscrypt enabled (717473654A614970)"
in result.
Otherwise running this command:
pidof dnscrypt-proxy
will return a number.
I need following directory and files:
/jffs/dnscrypt
/jffs/scripts/init-start
/jffs/scripts/dnsmasq.postconf
/jffs/scripts/services-stop
/jffs/scripts/service-event-end
One can use this command to create a tar archive of these files:
echo .config > exclude-files; tar -cvf dnscrypt.tar -X exclude-files /jffs/dnscrypt /jffs/scripts/init-start /jffs/scripts/dnsmasq.postconf /jffs/scripts/services-stop /jffs/scripts/service-event-end ; rm exclude-files
in current directory and send me the archive for debug.
I also need following information:
- Which dns server you selected during dnscrypt installation
- Which router you're using
- Firmware and its version
- Use dnscrypt-proxy binary packages from https://github.com/jedisct1/dnscrypt-proxy
- Compiling and stripping required binaries using firmware building toolchain from asuswrt-merlin
- I wrote the installer script with stuff inspired from entware-setup.sh from asuswrt-merlin
- You can look at all the stuff here https://github.com/thuantran/dnscrypt-asuswrt-installer
This script will always be open source and free to use under GPL-3.0 License, but if you want to support future development you can do so by Donating With PayPal. or Buy me a coffee.