dnsproxy
jp.tiar.app
Our great sponsors
dnsproxy | jp.tiar.app | |
---|---|---|
56 | 1 | |
2,179 | 32 | |
2.9% | - | |
8.3 | 0.0 | |
6 days ago | over 2 years ago | |
Go | ||
Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
dnsproxy
- AdGuard Simple DNS Proxy with DoH, DoT, DoQ and DNSCrypt Support
-
Adguard adblocker vs Adguard DNS?
There's no difference between the free and freemium in regards to customizability while using VPN since both offer DoT endpoints. On Android, with the standard WireGuard & OpenVPN app you can use any DoT provider you want since the Android Private DNS setting takes precedence over the DNS settings in the VPN app. In Windows you can run https://github.com/AdguardTeam/dnsproxy locally, that way the VPN won't intercept and modify the local DNS traffic (the DNS upstream still goes through the VPN, but if you use DoT/DoH/DoQ then it continues to the DNS server you prefer).
-
VPN recommendation with DoH or DoQ
Which OS is this? In Android the Private DNS (DoT) setting is respected by some clients like the standard WireGuard & OpenVPN, so you can just load any provider's config and enter your personal DoT address. In iOS Passepartout can accept WG/OpenVPN config and apply custom DoH, as for desktop OS you can just run https://github.com/AdguardTeam/dnsproxy forwarding to your DoH/DoQ address and set the VPN interface to use localhost as DNS.
-
Privacy threat: needing to choose between VPN and DNS
If it's on a desktop/laptop, you can run https://github.com/AdguardTeam/dnsproxy to forward into your NextDNS DoH/DoT/DoQ, and set your VPN network adapter to use 127.0.0.1, 127.0.0.2, ::1 and ::2 for DNS (the secondary entry either loopback or fail entirely, all it matters is your OS shouldn't try other address), that way since local traffic isn't routed by the VPN, you still get NextDNS (the actual DoH/DoT/DoQ traffic is still going through the VPN).
-
Adguard on windows blocking dns rewrite of adguard home
Why not set AdGuard Home (assuming it's indeed installed at your home) to use DoT/DoH/DoQ upstream (so your ISP can't redirect it) and have the rewrites in AGH too? If your AGH instance isn't at home, assuming you're using Windows 11 set your AGH to listen on DoH and set Windows to use DoH to your AGH. Otherwise use dnsproxy in Windows to forward it to your AGH through DoT/DoH/DoQ.
- ISP di Indonesia sudah bisa deteksi penggunaan DNS over HTTPS/TLS?
-
Adguard Home and DNS-over-HTTPS
I'm not sure what is your plan here, do you need the Surfshark feature specifically, or do you just want to hide your traffic from your ISP? If you need Surfshark (perhaps for streaming geoblocked content or torrenting), then integrating it with AGH hosted on the cloud for device-wide traffic is going to be complicated. The Surfshark client doesn't support custom DoH/DoT address nor IPv6 (opening public IPv4 Do53 is a big no-no, you'll get swamped for DNS amplification attack), so you'll need an app running on your device to redirect DNS traffic like https://github.com/AdguardTeam/dnsproxy to your cloud AGH. You'd need to setup DoH with a custom path through Nginx otherwise people would scan your server and use it, plus if Google's crawler sees the AGH login page it will mark it as deceptive, and your entire domain is blacklisted by the Safe Browsing API that's used on multiple products (Chrome, Firefox, AdGuard, NextDNS, etc). With all that hassle might as well just run AGH locally on your device anyway (local traffic isn't handled by VPNs)
-
Client Settings Cached?
Assuming you have a custom upstream, it's by design
-
Feature Requests: Force use QUIC or DoQ Protocol, AnyCast/Ultralow toggle settings
Since nextdns-cli isn't likely to support DoQ anytime soon, your best bet is dnsproxy and ctrld.
- Feature Request: Different DoH per network i.e. different NextDNS per network.
jp.tiar.app
-
Is the Megathread down?
AhaDNS Blitz Secure DNS IPv4: 5.2.75.75 AhaDNS Blitz Secure DNS IPv4: 185.213.26.187 AhaDNS Blitz Secure DNS IPv6: 2a04:52c0:101:75:0:0:0:75 AhaDNS Blitz Secure DNS IPv6: 2a0d:5600:33:3:0:0:0:3 source: https://ahadns.com/#dns-servers CIRA Canadian Shield DNS IPv4: 149.112.121.20 CIRA Canadian Shield DNS IPv4: 149.112.122.20 CIRA Canadian Shield DNS IPv6: 2620:10A:80BB:0:0:0:0:20 CIRA Canadian Shield DNS IPv6: 2620:10A:80BC:0:0:0:0:20 source: https://www.cira.ca/cybersecurity-services/canadianshield/how-works CleanBrowsing Secure DNS IPv4: 185.228.168.9 CleanBrowsing Secure DNS IPv4: 185.228.169.9 CleanBrowsing Secure DNS IPv6: 2a0d:2a00:1:0:0:0:0:2 CleanBrowsing Secure DNS IPv6: 2a0d:2a00:2:0:0:0:0:2 source: https://cleanbrowsing.org/filters/ CloudFlare Secure DNS IPv4: 1.1.1.2 CloudFlare Secure DNS IPv4: 1.0.0.2 CloudFlare Secure DNS IPv6: 2606:4700:4700:0:0:0:0:1112 CloudFlare Secure DNS IPv6: 2606:4700:4700:0:0:0:0:1002 source: https://developers.cloudflare.com/1.1.1.1/1.1.1.1-for-families/linux ControlD Secure DNS IPv4: 76.76.2.2 ControlD Secure DNS IPv4: 76.76.10.2 ControlD Secure DNS IPv6: 2606:1a40:0:0:0:0:2 ControlD Secure DNS IPv6: 2606:1a40:1:0:0:0:2 source: https://controld.com/free-dns/ DNSlify Safe/Secure DNS IPv4: 185.235.81.3 DNSlify Safe/Secure DNS IPv4: 185.235.81.4 DNSlify Safe/Secure DNS IPv6: 2a0d:4d00:81:0:0:0:3 DNSlify Safe/Secure DNS IPv6: 2a0d:4d00:81:0:0:0:4 source: https://www.dnslify.com/services/filtering/ Neustar Secure UltraDNS IPv4: 156.154.70.2 Neustar Secure UltraDNS IPv4: 156.154.71.2 Neustar Secure UltraDNS IPv6: 2610:a1:1018:0:0:0:2 Neustar Secure UltraDNS IPv6: 2610:a1:1019:0:0:0:2 source: https://www.publicdns.neustar/ Privacy-First Secure DNS IPv4: 174.138.21.128 Privacy-First Secure DNS IPv4: 188.166.206.224 Privacy-First Secure DNS IPv6: 2400:6180:0:d0:0:5f6e:4001 [Singapore] Privacy-First Secure DNS IPv6: 2400:8902:0:f03c:91ff:feda:c514 [Japan] source: https://github.com/pengelana/jp.tiar.app/wiki | tiarap.org Quad9 Secure DNS IPv4: 9.9.9.9 [my choice] Quad9 Secure DNS IPv4: 149.112.112.112 [my choice] Quad9 Secure DNS IPv6: 2620:fe:0:0:0:0:0:9 [my choice] Quad9 Secure DNS IPv6: 2620:fe:0:0:0:0:0:fe [my choice] source: https://www.quad9.net/support/set-up-guides/windows/ Yandex Safe/Secure DNS IPv4: 77.88.8.88 Yandex Safe/Secure DNS IPv4: 77.88.8.2 Yandex Safe/Secure DNS IPv6: 2a02:6b8:0:0:0:0:feed:bad Yandex Safe/Secure DNS IPv6: 2a02:6b8:0:1:0:0:feed:bad source: https://kb.adguard.com/en/general/dns-providers#yandex-dns
What are some alternatives?
Unbound - Unbound is a validating, recursive, and caching DNS resolver.
DNS - Emerald Onion's Encrypted DNS Resolver
mosdns - 一个 DNS 转发器
blahdns - A small hobby ads block dns project with doh, dot, dnscrypt support.
doh-cf-workers - DNS-over-HTTPS proxy on Cloudflare Workers
AdGuardHome - Network-wide ads & trackers blocking DNS server
nextdns - NextDNS CLI client (DoH Proxy)
blocklist - Privacy DNS
wirehole - WireHole is a combination of WireGuard, Pi-hole, and Unbound in a docker-compose project with the intent of enabling users to quickly and easily create a personally managed full or split-tunnel WireGuard VPN with ad blocking capabilities thanks to Pi-hole, and DNS caching, additional privacy options, and upstream providers via Unbound.
sdns - A high-performance, recursive DNS resolver server with DNSSEC support, focused on preserving privacy.
dnscrypt-protocol - DNSCrypt protocol specification