search

simonclausen / dnscrypt-autoinstall

Automatic installation and configuration of DNSCrypt (on Debian + Redhat like systems). This script will install DNSCrypt and configure it to start on boot and use an optional dnscrypt service.
Other
224 stars 73 forks source link

addding script for install unbound.... #97

Closed iamspa closed 6 years ago

iamspa commented 7 years ago

hello sir, can you add script for install unbound, so unbound can use dnscrypt for resolving dns and other computer konek to unbound for dns resolver

darkerego commented 7 years ago

Install unbound with apt, yum or whatever you use. Than edit the configuration file (it's probably /etc/unbound/unbound.conf ), and configure it to forward queries to your dnscrypt proxy (assuming it's listening on 127.0.0.1:53 in this example):

  auto-trust-anchor-file: "/var/lib/unbound/root.key"
server:
    logfile: "/var/log/unbound.log"
    log-time-ascii: yes
    module-config: "iterator"
    do-not-query-localhost: no
    interface: 127.0.1.1
    access-control: 127.0.0.0/8 allow
forward-zone:
   name: "."
   forward-addr: 127.0.0.1@53
   forward-first: no

remote-control:
       control-enable: no

Restart unbound (/etc/init.d/unbound restart) and than edit /etc/resolv.conf like:

sudo sh -c "echo 'nameserver 127.0.1.1 >/etc/resolv.conf'"

Than try to query a domain:

anon@mybox:~$ dig example.com

; <<>> DiG 9.9.5-9+deb8u9-Debian <<>> example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57799
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 5

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;example.com.           IN  A

;; ANSWER SECTION:
example.COM.        49711   IN  A   93.184.216.34
---snip---
simonclausen commented 7 years ago

@darkerego, thanks for taking the time to reply!