Secure DNS queries using DNSCrypt - XIYO/asuswrt-merlin.ng-kr GitHub Wiki
μ΄ νν 리μΌμ asuswrt λΌμ°ν°μμ dnscryptλ₯Ό νμ±ννλ λ°©λ²μ λν΄ μ€λͺ ν©λλ€.
Entware μ€μΉνκΈ°, κ·Έ λ€μ νμν ν¨ν€μ§λ€μ μ€μΉν©λλ€:
opkg install dnscrypt-proxy fake-hwclock
λΌμ°ν°μ μλ‘μ΄ λ¦¬μ‘Έλ² μ¬μ©μ μ§μν©λλ€:
echo -e "#!/bin/sh\nsed -i '/^servers-file=.*/d' \$1" > /jffs/scripts/dnsmasq.postconf
chmod 755 /jffs/scripts/dnsmasq.postconf
echo "no-resolv" > /jffs/configs/dnsmasq.conf.add
echo "server=127.0.0.1#65053" >> /jffs/configs/dnsmasq.conf.add
λΌμ°ν° λΆν μ dnscrypt μμνκΈ°
echo "/opt/etc/init.d/S09dnscrypt-proxy start" >> /jffs/scripts/services-start
μ¬λ°λ₯Έ syslog μκ°μ μν΄ νμμ‘΄ λ³μ μ€μ
echo "export TZ=$(cat /etc/TZ)" >> /opt/etc/profile
(μ νμ¬ν) λ€λ₯Έ DNS μλ²λ₯Ό μ¬μ©νμ¬ ν΄λΌμ΄μΈνΈμ 리λλ μ νκΈ°: firewall-start λλ nat-startμ μΆκ°νκΈ°
iptables -t nat -A PREROUTING -i br0 -p udp --dport 53 -j DNAT --to $(nvram get lan_ipaddr)
iptables -t nat -A PREROUTING -i br0 -p tcp --dport 53 -j DNAT --to $(nvram get lan_ipaddr)
λ³κ²½ μ¬νμ μ μ©νκΈ° μν΄ λΌμ°ν° μ¬λΆν :
reboot
μλνλμ§ νμΈνκΈ°
dnscrypt μλΉμ€ μ€μ§
/opt/etc/init.d/S09dnscrypt-proxy stop
μλ₯Ό λ€μ΄ URLμ ping ν΄λ³΄κΈ°
ping bing.com
DNS ν΄μμ΄ μλνμ§ μμμΌ ν©λλ€ λ€μ μΌκΈ°
/opt/etc/init.d/S09dnscrypt-proxy start
λ λ§μ μ 보 λ° ν λ‘ μ μ¬κΈ°μμ νμΈν μ μμ΅λλ€.