miracle091/dnscrypt-proxy
miracle091
/
dnscrypt-proxy
mirror of https://github.com/DNSCrypt/dnscrypt-proxy.git
1
0
Fork 0
Code Issues Releases Wiki Activity
Un cache-proxy DNS con supporto a DoH, DNSCrypt e Anonymized DNSCrypt https://dnscrypt.info/
2,092 Commits 8 Branches 89 Tags 61 MiB
Go 90.2%
Shell 5.5%
Python 3.2%
Batchfile 0.9%
Dockerfile 0.2%
Go to file
Robert Edmonds 49000cd4f4 Forwarding plugin: Support forwarding subdomains of the root domain 
This commit updates the forwarding plugin to support matching subdomains
of the root domain ("."). It looks like the forwarding plugin already
performs subdomain matches against the domains specified in the
forwarding rules files, but matches against the root domain weren't
working because of the way matches are performed by comparing the
normalized presentation format QNAME (which omits the trailing dot for
all QNAMEs except the root domain name).

Without this commit, only queries where the QNAME is exactly "."
would match a forwarding rule for the "." domain, like this (with
`offline_mode = true` and a single forwarding rule for the "." domain):

```
[2024-03-25 21:13:31]	100.100.100.100	.	NS	FORWARD	0ms	127.0.0.1:53
[2024-03-25 21:13:36]	100.100.100.100	com	NS	NOT_READY	0ms	-
```

With this commit I get the expected result:

```
[2024-03-25 21:40:07]	100.100.100.100	.	NS	FORWARD	0ms	127.0.0.1:53
[2024-03-25 21:40:09]	100.100.100.100	com	NS	FORWARD	0ms	127.0.0.1:53
```
 		2024-03-25 21:30:09 -04:00
.ci CI tests the unregistered domain for solid NS answer 2024-01-19 19:11:03 +08:00
.github Bump softprops/action-gh-release 2024-03-11 03:24:39 +00:00
contrib/msi shellcheck 2023-11-09 22:47:41 +01:00
dnscrypt-proxy Forwarding plugin: Support forwarding subdomains of the root domain 2024-03-25 21:30:09 -04:00
utils/generate-domains-blocklist Add sources in [domains-blocklist.conf] (#2039) 2022-03-29 14:46:46 +02:00
vendor Update deps 2024-02-20 08:01:38 +01:00
windows Adding flush dns to clean up previous dns cache (#2141) 2022-07-03 14:13:12 +02:00
.gitattributes set go.mod to unix endings 2019-11-08 18:30:23 +01:00
.gitignore Added support to package dnscrypt for windows into an msi 2023-11-09 13:14:29 -08:00
ChangeLog Update ChangeLog 2023-08-11 18:47:44 +02:00
LICENSE 2023 2023-01-05 14:06:00 +01:00
README.md Update GitHub status badge 2023-02-02 20:09:09 +01:00
dnscrypt-logo.svg Rename logo.svg 2018-07-02 00:38:22 +02:00
go.mod fix go version format 2024-02-28 09:47:34 +08:00
go.sum Update deps 2024-02-20 08:01:38 +01:00
logo.png Replace the logo with a version that looks better on a dark background 2021-01-01 14:01:14 +01:00
logo.svg Fix some discrepancies in SVG logo (#545) 2018-07-15 14:57:31 +02:00

README.md

dnscrypt-proxy 2

Financial Contributors on Open Collective DNSCrypt-Proxy Release Build Status CodeQL scan ShiftLeft Scan #dnscrypt-proxy:matrix.org

Overview

A flexible DNS proxy, with support for modern encrypted DNS protocols such as DNSCrypt v2, DNS-over-HTTPS, Anonymized DNSCrypt and ODoH (Oblivious DoH).

Download the latest release

Available as source code and pre-built binaries for most operating systems and architectures (see below).

Features

  • DNS traffic encryption and authentication. Supports DNS-over-HTTPS (DoH) using TLS 1.3 and QUIC, DNSCrypt, Anonymized DNS and ODoH
  • Client IP addresses can be hidden using Tor, SOCKS proxies or Anonymized DNS relays
  • DNS query monitoring, with separate log files for regular and suspicious queries
  • Filtering: block ads, malware, and other unwanted content. Compatible with all DNS services
  • Time-based filtering, with a flexible weekly schedule
  • Transparent redirection of specific domains to specific resolvers
  • DNS caching, to reduce latency and improve privacy
  • Local IPv6 blocking to reduce latency on IPv4-only networks
  • Load balancing: pick a set of resolvers, dnscrypt-proxy will automatically measure and keep track of their speed, and balance the traffic across the fastest available ones.
  • Cloaking: like a HOSTS file on steroids, that can return preconfigured addresses for specific names, or resolve and return the IP address of other names. This can be used for local development as well as to enforce safe search results on Google, Yahoo, DuckDuckGo and Bing
  • Automatic background updates of resolvers lists
  • Can force outgoing connections to use TCP
  • Compatible with DNSSEC
  • Includes a local DoH server in order to support ECH (ESNI)

Pre-built binaries

Up-to-date, pre-built binaries are available for:

  • Android/arm
  • Android/arm64
  • Android/x86
  • Android/x86_64
  • Dragonfly BSD
  • FreeBSD/arm
  • FreeBSD/x86
  • FreeBSD/x86_64
  • Linux/arm
  • Linux/arm64
  • Linux/mips
  • Linux/mipsle
  • Linux/mips64
  • Linux/mips64le
  • Linux/x86
  • Linux/x86_64
  • macOS/arm64
  • macOS/x86_64
  • NetBSD/x86
  • NetBSD/x86_64
  • OpenBSD/x86
  • OpenBSD/x86_64
  • Windows
  • Windows 64 bit

How to use these files, as well as how to verify their signatures, are documented in the installation instructions.

Contributors

Code Contributors

This project exists thanks to all the people who contribute.

Financial Contributors

Become a financial contributor and help us sustain our community. [Contribute]

Individuals

Organizations

Support this project with your organization. Your logo will show up here with a link to your website. [Contribute]