| Port details on branch 2023Q4 |
- dnscrypt-proxy2 Flexible DNS proxy with support for encrypted protocols
- 2.1.5_2 dns
 =0      2.1.5_2Version of this port present on the latest quarterly branch. - Maintainer: egypcio@FreeBSD.org
- Port Added: 2023-12-07 15:09:06
- Last Update: 2023-12-07 15:06:56
- Commit Hash: 1a5ede5
- Also Listed In: security
- License: ISCL
- WWW:
- https://github.com/jedisct1/dnscrypt-proxy
- Description:
- A flexible DNS proxy with support for modern encrypted DNS protocols such as
DNSCrypt v2 and DNS-over-HTTP/2.
  ¦  ¦  ¦  ¦ 
- Manual pages:
- FreshPorts has no man page information for this port.
- pkg-plist: as obtained via:
make generate-plist - Dependency lines:
-
- dnscrypt-proxy2>0:dns/dnscrypt-proxy2
- Conflicts:
- CONFLICTS_INSTALL:
- To install the port:
- cd /usr/ports/dns/dnscrypt-proxy2/ && make install clean
- To add the package, run one of these commands:
- pkg install dns/dnscrypt-proxy2
- pkg install dnscrypt-proxy2
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.- PKGNAME: dnscrypt-proxy2
- Flavors: there is no flavor information for this port.
- distinfo:
- TIMESTAMP = 1692972453
SHA256 (DNSCrypt-dnscrypt-proxy-2.1.5_GH0.tar.gz) = 044c4db9a3c7bdcf886ff8f83c4b137d2fd37a65477a92bfe86bf69587ea7355
SIZE (DNSCrypt-dnscrypt-proxy-2.1.5_GH0.tar.gz) = 4065395
Packages (timestamps in pop-ups are UTC):
- Dependencies
- NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
- Build dependencies:
-
- go120 : lang/go120
- Runtime dependencies:
-
- ca_root_nss>=3.35 : security/ca_root_nss
- There are no ports dependent upon this port
Configuration Options:- ===> The following configuration options are available for dnscrypt-proxy2-2.1.5_2:
DOCS=on: Build and/or install documentation
EXAMPLES=on: Build and/or install examples
===> Use 'make config' to modify these settings
- Options name:
- dns_dnscrypt-proxy2
- USES:
- go:modules
- pkg-message:
- For install:
- Version 2 of dnscrypt-proxy is written in Go. by default, this port's daemon
will listen on port 5353 (TCP/UDP) as the _dnscrypt-proxy user.
It's possible to bind it and listen on port 53 (TCP/UDP) with mac_portacl(4)
kernel module (network port access control policy). For this add
dnscrypt_proxy_mac_portacl_enable=YES in your rc.conf. The dnscrypt-proxy
startup script will load mac_portacl and add a rule where _dnscrypt-proxy user will
be able to bind on port 53 (TCP/UDP). This port can be changed by
dnscrypt_proxy_mac_portacl_port variable in your rc.conf. You also need to
change dnscrypt-proxy config file to use port 53.
Below are a few examples on how to redirect local connections from port
5353 to 53.
[ipfw]
ipfw nat 1 config if lo0 reset same_ports \
redirect_port tcp 127.0.0.1:5353 53 \
redirect_port udp 127.0.0.1:5353 53
ipfw add nat 1 ip from any to 127.0.0.1 via lo0
/etc/rc.conf:
firewall_enable="YES"
firewall_nat_enable="YES"
/etc/sysctl.conf:
net.inet.ip.fw.one_pass=0
[pf]
set skip on lo0
rdr pass on lo0 proto { tcp udp } from any to port 53 -> 127.0.0.1 port 5353
/etc/rc.conf:
pf_enable="YES"
[unbound]
/etc/rc.conf:
local_unbound_enable="YES"
/var/unbound/unbound.conf:
server:
interface: 127.0.0.1
do-not-query-localhost: no
/var/unbound/forward.conf:
forward-zone:
name: "."
forward-addr: 127.0.0.1@5353
If you are using local_unbound, DNSSEC is enabled by default. You should
comment the "auto-trust-anchor-file" line or change dnscrypt-proxy to use
servers with DNSSEC support only.
- Master Sites:
|
Number of commits found: 1
| Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
| Commit | Credits | Log message |
|---|
2.1.5_2
07 Dec 2023 15:06:56
 |
Ashish SHUKLA (ashish) |
all: Bump PORTREVISION after lang/go* update
PR: 274405
(cherry picked from commit 0505b712df3ae2b4bcaba00aecc7c1e9100d8609) |
Number of commits found: 1
|
As an Amazon Associate I earn from qualifying purchases.