bitbeans / SimpleDnsCrypt

A simple management tool for dnscrypt-proxy
https://simplednscrypt.org
MIT License

Feedback dns issue, and request to update dns #430

Open xyzmos opened 5 years ago

xyzmos commented 5 years ago

Hello, I found that when GeekDNS is selected as the upstream, it does not resolve, but direct access to the DoH address does resolve.

Then we updated the DNS addresses and service. Website: www.233py.com. We stopped recording filtered data very early. We do not log, do not filter data, and support DNSSEC. We provide a total of 6 servers: four in mainland China, and others in Hong Kong, China, and the United States.

Southern China [Guangdong]
IP: 119.29.107.85
DOH: https://sdns.233py.com/dns-query
Dnscrypt: sdns://AQMAAAAAAAAAEDExOS4yOS4xMDcuODU6MjIgCsUpkBu6ujbEDZ8PQI2wa3DCkDzxLlczLOwTyQTQM70ZMi5kbnNjcnlwd
DOT: sdns.233py.com

Eastern China [Shanghai]
IP: 47.101.136.37
DOH: https://edns.233py.com/dns-query
Dnscrypt: sdns://AQMAAAAAAAAAEDQ3LjEwMS4xMzYuMzc6MjIgCRIqxqrF-npxg2-xjGLKvzuxvS7hCGgXx_x_4K85yHYZMi5kbnNjcnlwd
DOT: edns.233py.com

Northern China [Beijing]
IP: 114.115.240.175
DOH: https://ndns.233py.com/dns-query
Dnscrypt: sdns://AQMAAAAAAAAAEjExNC4xMTUuMjQwLjE3NToyMiCLntDYEK0AwismFtMCM0YMkflJGNZiJnINFtDLcCLLwBkyLmRuc2Nye
DOT: ndns.233py.com

Western China [Chongqing]
IP: 118.24.208.197
DOH: https://wdns.233py.com/dns-query
Dnscrypt: sdns://AQMAAAAAAAAAETExOC4yNC4yMDguMTk3OjIyIL66dzE0aNGlvYsF3RnukLk4AI3lQqSxeEo6PxHme-qZGTIuZG5zY3J5c
DOT: wdns.233py.com

China Hong Kong
IP: 150.109.74.164
DOH: https://hk-dns.233py.com/dns-query
Dnscrypt: sdns://AQcAAAAAAAAAETE1MC4xMDkuNzQuMTY0OjIyIPcEBXJOU2jQys6br08P8yyn132SuDixQ8Oek3lhoRQoGTIuZG5zY3J5c
DOT: hk-dns.233py.com

United States
IP: 107.155.79.120
IPv6: 2604:880:398:0555:0000:0000:0000:0001
DOH: https://us-dns.233py.com/dns-query
Dnscrypt: sdns://AQMAAAAAAAAAETEwNy4xNTUuNzkuMTIwOjIyIDzxhAPcjkUtLFGDWuU9rLKuuRzz2iKEoeO7TqqSpXkqGTIuZG5zY3J5c
DOT: us-dns.233py.com

Thank you

jedisct1 commented 5 years ago

Hi!

The resolvers list is maintained here: https://github.com/DNSCrypt/dnscrypt-resolvers

And you can directly submit a pull request with your changes if you like.

The DNSCrypt stamps you posted here appear to be incorrect; they are truncated, invalid Base64. I tried to fix them but still couldn't connect. Is it supposed to be on port 22?

jedisct1 commented 5 years ago

[2019-08-28 15:44:54] [INFO] [geekdns-doh-east] TLS version: 303 - Protocol: h2 - Cipher suite: 49199
[2019-08-28 15:44:54] [ERROR] Certificate hash [3e1a1a0f6c53f3e97a492d57084b5b9807059ee057ab1505876fd83fda3db838] not found for [geekdns-doh-east]

Looks like the certificates have changed from being signed by Let's Encrypt to being signed by GlobalSign.

This is very suspicious and may be a hijack, which is why dnscrypt-proxy doesn't connect to it.

I am going to update the certificate hashes to put GlobalSign instead.

jedisct1 commented 5 years ago

The no filter flag has to remain because GeekDNS is blocking ads.

jedisct1 commented 5 years ago

Or does it? The original description mentions that it does, but the website doesn't say anything about ads.

xyzmos commented 5 years ago

The corruption of the DNSCrypt stamps was probably caused by translation software. The DNSCrypt port is indeed 22, which is used to deal with China's complex network environment.
Geekdns closed in April this year, so filtering, including filtering off ads and trackers.

xyzmos commented 5 years ago

sdns sdns://AQMAAAAAAAAAEDExOS4yOS4xMDcuODU6MjIgCsUpkBu6ujbEDZ8PQI2wa3DCkDzxLlczLOwTyQTQM70ZMi5kbnNjcnlwdC1jZXJ0LjIzM3B5LmNvbQ

edns sdns://AQMAAAAAAAAAEDQ3LjEwMS4xMzYuMzc6MjIgCRIqxqrF-npxg2-xjGLKvzuxvS7hCGgXx_x_4K85yHYZMi5kbnNjcnlwdC1jZXJ0LjIzM3B5LmNvbQ

ndns sdns://AQMAAAAAAAAAEjExNC4xMTUuMjQwLjE3NToyMiCLntDYEK0AwismFtMCM0YMkflJGNZiJnINFtDLcCLLwBkyLmRuc2NyeXB0LWNlcnQuMjMzcHkuY29t

wdns sdns://AQMAAAAAAAAAETExOC4yNC4yMDguMTk3OjIyIL66dzE0aNGlvYsF3RnukLk4AI3lQqSxeEo6PxHme-qZGTIuZG5zY3J5cHQtY2VydC4yMzNweS5jb20

hk-dns sdns://AQcAAAAAAAAAETE1MC4xMDkuNzQuMTY0OjIyIPcEBXJOU2jQys6br08P8yyn132SuDixQ8Oek3lhoRQoGTIuZG5zY3J5cHQtY2VydC4yMzNweS5jb20

us-dns sdns://AQMAAAAAAAAAETEwNy4xNTUuNzkuMTIwOjIyIDzxhAPcjkUtLFGDWuU9rLKuuRzz2iKEoeO7TqqSpXkqGTIuZG5zY3J5cHQtY2VydC4yMzNweS5jb20

jedisct1 commented 5 years ago

Thanks a lot for the updated stamps! These seem to work fine!

So, should these resolvers keep being called geekdns or something different?

jedisct1 commented 5 years ago

The US one doesn't seem to be reachable at the moment :(

jedisct1 commented 5 years ago

And geekdns-east doesn't seem to have the correct certificate.

xyzmos commented 5 years ago

You can call it GeekDNS. I feel that I have provided the wrong label and I am sorry for the inconvenience. I have tested the following stamps.

edns sdns://AQcAAAAAAAAAEDQ3LjEwMS4xMzYuMzc6MjIgCRIqxqrF-npxg2-xjGLKvzuxvS7hCGgXx_x_4K85yHYZMi5kbnNjcnlwdC1jZXJ0LjIzM3B5LmNvbQ

ndns sdns://AQcAAAAAAAAAEjExNC4xMTUuMjQwLjE3NToyMiCLntDYEK0AwismFtMCM0YMkflJGNZiJnINFtDLcCLLwBkyLmRuc2NyeXB0LWNlcnQuMjMzcHkuY29t

sdns sdns://AQcAAAAAAAAAEDExOS4yOS4xMDcuODU6MjIgCsUpkBu6ujbEDZ8PQI2wa3DCkDzxLlczLOwTyQTQM70ZMi5kbnNjcnlwdC1jZXJ0LjIzM3B5LmNvbQ

wdns sdns://AQcAAAAAAAAAETExOC4yNC4yMDguMTk3OjIyIL66dzE0aNGlvYsF3RnukLk4AI3lQqSxeEo6PxHme-qZGTIuZG5zY3J5cHQtY2VydC4yMzNweS5jb20

hk-dns sdns://AQcAAAAAAAAAETE1MC4xMDkuNzQuMTY0OjIyIPcEBXJOU2jQys6br08P8yyn132SuDixQ8Oek3lhoRQoGTIuZG5zY3J5cHQtY2VydC4yMzNweS5jb20

us-dns sdns://AQcAAAAAAAAAETEwNy4xNTUuNzkuMTIwOjIyIM76u0x7rmr-tinkFTrR57v5TZgT7jHJs8loyWZRMDw5GTIuZG5zY3J5cHQtY2VydC4yMzNweS5jb20

Thank you, I wish you a happy weekend.
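
The following decoder is an added example, not part of the thread and not code from dnscrypt-proxy or SimpleDnsCrypt. It checks the three forms of the Guangdong stamp posted above (cut short, first repost, final repost) and shows what each encodes. It assumes the field layout of the public DNS stamps specification for DNSCrypt (protocol byte 0x01, 8-byte little-endian properties, then length-prefixed address, public key and provider name); the flag labels `dnssec`, `nolog` and `nofilter` are names chosen for this example.

```python
import base64
import re

PROP_FLAGS = {1: "dnssec", 2: "nolog", 4: "nofilter"}  # labels chosen for this example

def decode_dnscrypt_stamp(stamp: str) -> dict:
    """Decode an sdns:// stamp for the DNSCrypt protocol (id 0x01)."""
    if not stamp.startswith("sdns://"):
        raise ValueError("missing sdns:// prefix")
    body = stamp[len("sdns://"):].rstrip("=")
    if not re.fullmatch(r"[A-Za-z0-9_-]+", body):
        raise ValueError("characters outside the URL-safe Base64 alphabet")
    if len(body) % 4 == 1:
        # No byte string encodes to 4n+1 characters, so the text was cut short.
        raise ValueError("truncated Base64")
    raw = base64.urlsafe_b64decode(body + "=" * (-len(body) % 4))
    if len(raw) < 9 or raw[0] != 0x01:
        raise ValueError("not a DNSCrypt (0x01) stamp")
    props = int.from_bytes(raw[1:9], "little")
    pos, fields = 9, []
    for _ in range(3):  # address, provider public key, provider name
        if pos >= len(raw):
            raise ValueError("stamp ends before all fields are present")
        length = raw[pos]
        field = raw[pos + 1:pos + 1 + length]
        if len(field) != length:
            raise ValueError("length prefix runs past the end of the stamp")
        fields.append(field)
        pos += 1 + length
    addr, pk, provider = fields
    if len(pk) != 32:
        raise ValueError("provider public key must be 32 bytes")
    return {
        "address": addr.decode("ascii"),
        "public_key": pk.hex(),
        "provider": provider.decode("ascii"),
        "flags": sorted(n for bit, n in PROP_FLAGS.items() if props & bit),
    }

# The "sdns" (Guangdong) stamp exactly as it appears in the thread, in posting order.
TRUNCATED = "sdns://AQMAAAAAAAAAEDExOS4yOS4xMDcuODU6MjIgCsUpkBu6ujbEDZ8PQI2wa3DCkDzxLlczLOwTyQTQM70ZMi5kbnNjcnlwd"
REPOST = "sdns://AQMAAAAAAAAAEDExOS4yOS4xMDcuODU6MjIgCsUpkBu6ujbEDZ8PQI2wa3DCkDzxLlczLOwTyQTQM70ZMi5kbnNjcnlwdC1jZXJ0LjIzM3B5LmNvbQ"
FINAL = "sdns://AQcAAAAAAAAAEDExOS4yOS4xMDcuODU6MjIgCsUpkBu6ujbEDZ8PQI2wa3DCkDzxLlczLOwTyQTQM70ZMi5kbnNjcnlwdC1jZXJ0LjIzM3B5LmNvbQ"
```

The first stamp is rejected as truncated; the two reposts decode to the same address, key and provider name and differ only in the properties field, which is where the "no filter" claim discussed in the thread is carried.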