[Resolved] Cant get dnscrypt to work

Utini · 2015-10-09 17:51:37

I followed the wiki: https://wiki.archlinux.org/index.php/DNSCrypt

1.) pacman -S dnscrypt-proxy dnsmasq
2.) I am using NetworkManager and Network-Manager-applet in which I changed the dns server of my current connection to 127.0.0.1.

systemctl edit dnscrypt-proxy.socket:

[Socket]
ListenStream=
ListenDatagram=
ListenStream=127.0.0.1:40
ListenDatagram=127.0.0.1:40

/etc/dnsmasq.conf:

no-resolv
server=127.0.0.1#40
listen-address=127.0.0.1
cache-size=1000

To run dnsmasq with networkmanager:
/etc/NetworkManager/NetworkManager.conf

[main]
plugins=keyfile
dhcp=dhclient
#dns=default
dns=dnsmasq

## Set static hostname
#[keyfile]
#hostname=foobar

## HTTP-based connectivity check
#[connectivity]
#uri=http://nmcheck.gnome.org/check_network_status.txt
#interval=100

And since dnsmasq via networkmanager uses its own configuration file I re-created the dnsmasq.conf for networkmanager as well:
nano /etc/NetworkManager/dnsmasq.d/cache:

cache-size=1000
no-resolv
server=127.0.0.1#40
listen-address=127.0.0.1

/etc/systemd/system/multi-user.target.wants/dnscrypt-proxy.service:

[Unit]
Description=DNSCrypt client proxy
Requires=dnscrypt-proxy.socket

[Install]
Also=dnscrypt-proxy.socket
WantedBy=multi-user.target

[Service]
Type=simple
NonBlocking=true
ExecStart=/usr/bin/dnscrypt-proxy \
          -R cisco

systemctl status dnscrypt-proxy.service:

[root@_____ sneida]# systemctl status dnscrypt-proxy.service
● dnscrypt-proxy.service - DNSCrypt client proxy
   Loaded: loaded (/usr/lib/systemd/system/dnscrypt-proxy.service; enabled; vendor preset: disabled)
   Active: inactive (dead) since Fri 2015-10-09 19:29:36 CEST; 6min ago
 Main PID: 372 (code=killed, signal=TERM)

Oct 09 19:21:47 _____ dnscrypt-proxy[372]: [INFO] Done
Oct 09 19:21:52 _____ dnscrypt-proxy[372]: [INFO] Server certificate #808464433 received
Oct 09 19:21:52 _____ dnscrypt-proxy[372]: [INFO] This certificate looks valid
Oct 09 19:21:52 _____ dnscrypt-proxy[372]: [INFO] Chosen certificate #808464433 is valid from [2015-09-11] to [2016-09-10]
Oct 09 19:21:52 _____ dnscrypt-proxy[372]: [INFO] Server key fingerprint is E7AC:5C21:A4E6:6A90:B254:DD73:5229:3BA1:5BE9:8EB3:4E8F:E538:52DE:A2FB:DDB6:1357
Oct 09 19:21:52 _____ dnscrypt-proxy[372]: [NOTICE] Proxying from 127.0.0.1:53 to 176.56.237.171:443
Oct 09 19:29:36 _____ systemd[1]: Stopping DNSCrypt client proxy...
Oct 09 19:29:36 _____ systemd[1]: Stopped DNSCrypt client proxy.
Oct 09 19:34:14 _____ systemd[1]: Stopped DNSCrypt client proxy.
Oct 09 19:35:14 _____ systemd[1]: Stopped DNSCrypt client proxy.

ping archlinux.org gives me "unknown host"

Any ideas ?

@edit: sorry, solved it myself

Last edited by Utini (2015-10-09 17:58:59)

Utini · 2015-10-09 17:59:07

Solved it myself :S

grumpyKraut · 2015-12-02 09:48:02

Iḿ really glad you solved it yourself, but could you please provide how? Thank you in advance.

Utini · 2015-12-07 14:59:41

grumpyKraut wrote:

Iḿ really glad you solved it yourself, but could you please provide how? Thank you in advance.

I am not 100% sure what I did to fix it but I remember that either the chosen DNS-Server was wrongly set up / written in the dnscrypt config file (dnscrypt, opendns or whatever server you choose) or was even completely down. I just know that in the end I switched from dnscrypt to openDNS.

Arch Linux

#1 2015-10-09 17:51:37

[Resolved] Cant get dnscrypt to work

#2 2015-10-09 17:59:07

Re: [Resolved] Cant get dnscrypt to work

#3 2015-12-02 09:48:02

Re: [Resolved] Cant get dnscrypt to work

#4 2015-12-07 14:59:41

Re: [Resolved] Cant get dnscrypt to work

Board footer