OpenWrt + ODoH Oblivious DNS-over-HTTPS
PuTTY
www.chiark.greenend.org.uk
WinSCP
winscp.net
先說完全跟著這篇做會掛點
先用 putty 連上 192.168.1.1
opkg update
opkg install dnscrypt-proxy2
/etc/init.d/dnsmasq stop
uci set dhcp.@dnsmasq[0].noresolv="1"
uci set dhcp.@dnsmasq[0].localuse="1"
uci -q delete dhcp.@dnsmasq[0].server
uci add_list dhcp.@dnsmasq[0].server="127.0.0.53"
sed -i "32 s/.*/server_names = ['google', 'cloudflare']/" /etc/dnscrypt-proxy2/*.toml
uci commit dhcp
/etc/init.d/dnsmasq start
/etc/init.d/dnscrypt-proxy restart
到這裡只是開啟了 DoH
換開 WinSCP 檔案協定 SCP 去連線 192.168.1.1
切換到 /etc/dnscrypt-proxy2
開啟 dnscrypt-proxy.toml
先往下 找到
### ODoH (Oblivious DoH) servers and relays
把前面的 # 刪除
### ODoH (Oblivious DoH) servers and relays
[sources.odoh-servers]
urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/odoh-servers.md', 'https://download.dnscrypt.info/resolvers-list/v3/odoh-servers.md', 'https://ipv6.download.dnscrypt.info/resolvers-list/v3/odoh-servers.md']
cache_file = 'odoh-servers.md'
minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
refresh_delay = 24
prefix = ''
[sources.odoh-relays]
urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/odoh-relays.md', 'https://download.dnscrypt.info/resolvers-list/v3/odoh-relays.md', 'https://ipv6.download.dnscrypt.info/resolvers-list/v3/odoh-relays.md']
cache_file = 'odoh-relays.md'
minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
refresh_delay = 24
prefix = ''
存檔
切換到 putty 輸入 service dnscrypt-proxy restart
在 winscp 滑鼠右鍵 重新整理 你會看到多了 odoh-servers.md 和 odoh-relays.md
回到 dnscrypt-proxy.toml
最上方的 Global settings
server_names = ['odoh-cloudflare']
ipv4_servers = true
ipv6_servers = true
dnscrypt_servers = false
doh_servers = false
odoh_servers = true
require_dnssec = true
bootstrap_resolvers = ['1.1.1.1:53']
netprobe_address = '1.1.1.1:53'
存檔
切換到 putty
sed -i -e "s/.*odoh_servers.*/odoh_servers = true/; 689,700 s/#//" /etc/dnscrypt-proxy2/*.toml
odoh_servers="['odoh-cloudflare']"
odoh_relays="['odohrelay-crypto-sx']"
sed -i -e "32 s/.*/server_names = $odoh_servers/; 795 s/.*/routes = [/; 797 s/.*/ { server_name='*', via=$odoh_relays }/; 798 s/.*/]/" /etc/dnscrypt-proxy2/*.toml
service dnscrypt-proxy restart
service dnscrypt-proxy enable
瀏覽器連線至
dnsleaktest.com
Cloudflare Tokyo, Japan
PuTTY
Download PuTTY: latest release (0.80)
WinSCP
WinSCP :: Official Site :: Download
WinSCP is a free file manager for Windows supporting FTP, SFTP, S3 and WebDAV.
先說完全跟著這篇做會掛點
先用 putty 連上 192.168.1.1
opkg update
opkg install dnscrypt-proxy2
/etc/init.d/dnsmasq stop
uci set dhcp.@dnsmasq[0].noresolv="1"
uci set dhcp.@dnsmasq[0].localuse="1"
uci -q delete dhcp.@dnsmasq[0].server
uci add_list dhcp.@dnsmasq[0].server="127.0.0.53"
sed -i "32 s/.*/server_names = ['google', 'cloudflare']/" /etc/dnscrypt-proxy2/*.toml
uci commit dhcp
/etc/init.d/dnsmasq start
/etc/init.d/dnscrypt-proxy restart
到這裡只是開啟了 DoH
換開 WinSCP 檔案協定 SCP 去連線 192.168.1.1
切換到 /etc/dnscrypt-proxy2
開啟 dnscrypt-proxy.toml
先往下 找到
### ODoH (Oblivious DoH) servers and relays
把前面的 # 刪除
### ODoH (Oblivious DoH) servers and relays
[sources.odoh-servers]
urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/odoh-servers.md', 'https://download.dnscrypt.info/resolvers-list/v3/odoh-servers.md', 'https://ipv6.download.dnscrypt.info/resolvers-list/v3/odoh-servers.md']
cache_file = 'odoh-servers.md'
minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
refresh_delay = 24
prefix = ''
[sources.odoh-relays]
urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/odoh-relays.md', 'https://download.dnscrypt.info/resolvers-list/v3/odoh-relays.md', 'https://ipv6.download.dnscrypt.info/resolvers-list/v3/odoh-relays.md']
cache_file = 'odoh-relays.md'
minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
refresh_delay = 24
prefix = ''
存檔
切換到 putty 輸入 service dnscrypt-proxy restart
在 winscp 滑鼠右鍵 重新整理 你會看到多了 odoh-servers.md 和 odoh-relays.md
回到 dnscrypt-proxy.toml
最上方的 Global settings
server_names = ['odoh-cloudflare']
ipv4_servers = true
ipv6_servers = true
dnscrypt_servers = false
doh_servers = false
odoh_servers = true
require_dnssec = true
bootstrap_resolvers = ['1.1.1.1:53']
netprobe_address = '1.1.1.1:53'
存檔
切換到 putty
sed -i -e "s/.*odoh_servers.*/odoh_servers = true/; 689,700 s/#//" /etc/dnscrypt-proxy2/*.toml
odoh_servers="['odoh-cloudflare']"
odoh_relays="['odohrelay-crypto-sx']"
sed -i -e "32 s/.*/server_names = $odoh_servers/; 795 s/.*/routes = [/; 797 s/.*/ { server_name='*', via=$odoh_relays }/; 798 s/.*/]/" /etc/dnscrypt-proxy2/*.toml
service dnscrypt-proxy restart
service dnscrypt-proxy enable
瀏覽器連線至
dnsleaktest.com
Cloudflare Tokyo, Japan
最後編輯:
