Synology dhcp and dnscrypt-proxy

[xyzulu]

For new Package Requests, see the guidelines

Setup

Package Name: dnscrypt-proxy Package Version: .23

NAS Model: ds118 NAS Architecture: x64 DSM version: 6.2.2

Expected behavior

When installing after Synology dhcp is enabled and running, despite running on port 10053 Synology DNS should proxy requests through to dnscrypt-proxy

Actual behavior

Port 53 resolves DNS, but not via dnscrypt-proxy

Steps to reproduce

1. 2. 3.

Package log

Check Package Center or /usr/local/{package}/var/

Insert the package log here

Other logs

E.g. /var/log/messages or /var/log/synopkg.log

Insert log here

[publicarray]

Hi thanks for the report! Do you happen to have the log files?

Usually there is small config file added to the synology dhcpd server to change the port. Can you verify that the file is present and the contents is correct? https://github.com/publicarray/spksrc/blob/e6ed9b93ff9b54386e201e93924967e24e91fb11/spk/dnscrypt-proxy/src/service-setup.sh#L50 If not try uninstalling and installing the package

[xyzulu]

The file isn't present. I've reinstalled a few times to test already.

If I manually create that file and reload dhcp will that do the trick?

[publicarray]

Yes you could do that. The contents should be ‘server=127.0.0.1#10053’.

I need to find out why that file wasn’t created by my script. Is it possible that you can give me the log files? Thanks. I’ll fix this in an upcoming update.

[xyzulu]

dnscrypt-proxy_install.log dnscrypt-proxy.log

Sure, here you go..

[publicarray]

Thanks so much

[publicarray]

Thanks. I just need to update the dhcp detection part. That will have to wait a little unfortunately. I hope I get to it tomorrow. Did adding the file help you? It is possible that you also need to add another file to enable the config https://github.com/publicarray/spksrc/blob/e6ed9b93ff9b54386e201e93924967e24e91fb11/spk/dnscrypt-proxy/src/service-setup.sh#L51

‘enable=“yes”’

Sorry I’m on a mobile at the moment.

[xyzulu]

Despite having both files present, I'm still not having any success. I can wait ;)

Thanks

[publicarray]

Oh :/ Did you restart dhcpd with ‘/etc/rc.network nat-restart-dhcp’ ?

[xyzulu]

Oh :/ Did you restart dhcpd with ‘/etc/rc.network nat-restart-dhcp’ ?

I did

[publicarray]

Hm at this point I need to get my hands on my synology to see if an update by synology changed something that broke the script or my assumptions. As a last result maybe restart your NAS.

Just a quick summary: From the log file you gave me the script did not detect dhcpd as running but like you said you can query your NAS on the dns port which is also used by the dhcp server. Additionally the added config files do not have any effect.

Thanks for reporting this :)

[xyzulu]

Correct. I might try a restart sometime and retest. I'll let you know if I have a different result.

[xyzulu]

FYI I've tested this out a number of ways now.. still no go. Even manually creating the files, when restarting dhcp none of the added conf files are pulled into dhcpd.conf.. I feel like this is the main issue here.

Edit: I've found a workaround Create a file dhcpd-vendor.conf in /etc/dhcdp.conf with: server=127.0.0.1#10053

Then restart networking and this is added to dhcpd.conf and everything works correctly. Will this persist across DSM updates? What about dnscrypt-proxy (this package) updates? Any other comments on this method?

I found this tip by digesting this: https://forum.synology.com/enu/viewtopic.php?t=131699

[publicarray]

I'm glad you found a workaround 👍

So I've tried to update my VM to SRM 6.2.2 but failed to do so (I'm using xpenology since I only have the Synology router)

Anyhow in version 6.2.0 the dhcpd config files where in /etc/dhcpd/ so /etc/dhcpd/dhcpd.conf is the main file. And just adding the appropriate files in the folder worked nicely and would work with dhcpd configuration changes and updates.

Is /etc/dhcdp.conf a folder?

Will this persist across DSM updates? What about dnscrypt-proxy (this package) updates?

Yes adding the dhcpd-vendor.conf file should persist the change on updates (unless the file structure changes again) I suggest renaming it to dhcpd-dnscrypt-dnscrypt.conf since this is what my script is using. So in the future (once I update the package) on uninstall it would remove the file.

I was using the same method just in a different folder. I just didn't think that they would change the folder structure on me.

Since I don't have the latest DSM would you mind running this command? ps aux | grep dhcp It should list the dhcpd server and would help be develop a fix.

Do you know if the folder structure change as in done in 2.2.1 or is it since 2.2.2?

[xyzulu]

ps aux | grep dhcp
root     19956  0.0  0.2  11192  2104 ?        S    07:11   0:00 dnsmasq --user=root --cache-size=200 --conf-file=/etc/dhcpd/dhcpd.conf --dhcp-lease-max=2147483648
root     19957  0.0  0.2  11192  1904 ?        S    07:11   0:00 dnsmasq --user=root --cache-size=200 --conf-file=/etc/dhcpd/dhcpd.conf --dhcp-lease-max=2147483648

I've tried with the file name you suggest (your script uses) and the content is not being pulled into dhpcd.conf when restarting dhcp. This appears to be a change in DMS 2.2.x perhaps.

/etc/dhcpd/ is a folder.. /etc/dhcpd/dhcpd.conf is the conf file present.

[publicarray]

Thanks so much!

Ok so the folder structure didn't change just that the file needs a specific name. I'll work on a fix soon.

[publicarray]

I've pushed a new release, please let me know if this fixed the issue. FYI I used the /etc/dhcpd/dhcpd-dns-dns.conf file as it appears more appropriate and still allows users to edit the dhcpd-vendor.config file. Thank you for your patience!

[xyzulu]

I'll test it out now.. will let you know. Thanks!

[xyzulu]

Still not quite right.. sorry ;)

Sat Jun 22 20:36:46 WIB 2019
Starting dnscrypt-proxy command
dns forwarding - dhcpd (dnsmasq) enabled: yes
pgrep: no process with 'dhcpd.conf' found
[2019-06-22 20:36:46] [NOTICE] Network connectivity detected
[2019-06-22 20:36:46] [NOTICE] Source [public-resolvers.md] loaded
[2019-06-22 20:36:46] [NOTICE] dnscrypt-proxy 2.0.25

[publicarray]

Thanks for the feedback and sorry for the delay. I have pushed a new release and this time I have tested the package on both the DSM and the SRM. I'm confident this issue is now resolved. Thank you for staying with me on this!