Closed ezbik closed 1 year ago
Block all outgoing DNS traffic and run Gost proxy with forwarding DNS to DNS-over-TLS (853).
```
iptables -A OUTPUT -p tcp --dport 53 -j REJECT
iptables -A OUTPUT -p udp --dport 53 -j REJECT
gost -L :2323?dns=1.1.1.1:853/tls
```

```
curl -x localhost:2323 -v ipv6.tanatos.org
...
< HTTP/1.1 503 Service Unavailable
< Proxy-Agent: gost/2.11.1
< Content-Length: 0
```

```
2022/04/24 18:17:10 route.go:650: auto://:2323 on [::]:2323
2022/04/24 18:17:12 http.go:161: [http] 127.0.0.1:60604 -> auto://:2323 -> ipv6.tanatos.org:80
2022/04/24 18:17:12 http.go:251: [route] 127.0.0.1:60604 -> auto://:2323 -> ipv6.tanatos.org:80
2022/04/24 18:17:12 http.go:272: [http] 127.0.0.1:60604 -> 127.0.0.1:2323 : dial tcp: lookup ipv6.tanatos.org on 8.8.4.4:53: write udp 162.243.198.122:40350->8.8.4.4:53: write: operation not permitted
```
So for some reason it reads something from systemd resolvers from resolv.conf even though it should not.
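A log check for the behaviour reported above, as an added example that is not part of the original issue or of gost: it scans log text for Go's `lookup <host> on <server>` errors and flags any resolver other than the configured one. The names `FindLeaks`, `Leak` and `sampleLog` are hypothetical, and the second sample log line is constructed.

```go
package main

import (
	"fmt"
	"net"
	"regexp"
	"strings"
)

// Go's net package reports a failed lookup as "lookup <host> on <server>: ...",
// naming the resolver that was actually contacted.
var lookupRe = regexp.MustCompile(`lookup (\S+) on (\S+?): `)

// Leak is one lookup sent to a resolver other than the configured one.
type Leak struct {
	Host, Resolver string
	Plaintext      bool // true when the resolver port is 53
}

// FindLeaks (hypothetical helper) returns each logged lookup whose resolver
// differs from want, given in host:port form such as "1.1.1.1:853".
func FindLeaks(log, want string) []Leak {
	var leaks []Leak
	for _, line := range strings.Split(log, "\n") {
		m := lookupRe.FindStringSubmatch(line)
		if m == nil || m[2] == want {
			continue
		}
		_, port, err := net.SplitHostPort(m[2])
		leaks = append(leaks, Leak{m[1], m[2], err == nil && port == "53"})
	}
	return leaks
}

// First line is taken from the report above; the second is constructed.
const sampleLog = `2022/04/24 18:17:12 http.go:272: [http] 127.0.0.1:60604 -> 127.0.0.1:2323 : dial tcp: lookup ipv6.tanatos.org on 8.8.4.4:53: write udp 162.243.198.122:40350->8.8.4.4:53: write: operation not permitted
2022/04/24 18:17:13 http.go:272: [http] 127.0.0.1:60606 -> 127.0.0.1:2323 : dial tcp: lookup example.test on 1.1.1.1:853: i/o timeout`

func main() {
	for _, l := range FindLeaks(sampleLog, "1.1.1.1:853") {
		fmt.Printf("lookup of %s went to %s (plaintext port 53: %v)\n", l.Host, l.Resolver, l.Plaintext)
	}
}
```

It only sees lookups that failed and were logged; a plaintext lookup that succeeds leaves no such line, so a packet capture on port 53 is still needed to confirm nothing leaks.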