Use doh-proxy for DNS queries

Open limosek opened this issue 6 years ago • 4 comments

It would be great to implement doh-proxy so that all DNS queries could be redirected to an HTTPS server and would be encrypted.

limosek avatar Jan 15 '19 13:01 limosek

I use DNS over TLS with stubby on my exit nodes and cache requests locally with dnsmasq. I add to squid.conf to use only the 127.0.0.1 (localhost) DNS, and block port 53 for outgoing communication in the firewall. So DNS requests are encrypted.

Arch Linux info: https://wiki.archlinux.org/index.php/Stubby

General info: https://stafwag.github.io/blog/blog/2018/09/09/dns-privacy-with-stubby-part1-gnulinux/

In squid.conf, use the dns_nameservers directive.

ronnylov avatar Jan 15 '19 13:01 ronnylov
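
A check for the setup described in the comment above, as an added example that is not part of the original thread or the lthn-app-vpn project: it verifies that squid.conf pins dns_nameservers to loopback and that an iptables-save dump blocks outbound port 53. The function names, file names and sample rules are assumptions constructed for illustration; the thread does not say which firewall is used.

```shell
#!/bin/sh
# Added example; every sample file below is constructed for illustration.

# Succeeds only if squid.conf sets dns_nameservers and lists loopback only.
# (With no dns_nameservers line, squid uses the system resolver configuration.)
squid_dns_is_loopback() {
    awk '$1 == "dns_nameservers" {
             seen = 1
             for (i = 2; i <= NF; i++)
                 if ($i !~ /^127\./ && $i != "::1") bad = 1
         }
         END { if (seen && !bad) exit 0; exit 1 }' "$1"
}

# Succeeds only if an iptables-save dump drops or rejects outbound port 53 for
# both udp and tcp. Heuristic: rule order and chain policy are not evaluated.
port53_egress_blocked() {
    for proto in udp tcp; do
        grep -Eq -- "^-A OUTPUT .*-p $proto .*--dport 53 .*-j (DROP|REJECT)" "$1" || return 1
    done
}

audit_dns_path() {   # usage: audit_dns_path SQUID_CONF IPTABLES_SAVE_DUMP
    rc=0
    squid_dns_is_loopback "$1" || { echo "FAIL: squid can use a non-local resolver"; rc=1; }
    port53_egress_blocked "$2" || { echo "FAIL: outbound port 53 open for udp or tcp"; rc=1; }
    [ "$rc" -eq 0 ] && echo "OK: DNS pinned to localhost, plaintext egress blocked"
    return "$rc"
}

S=$(mktemp -d)
printf '%s\n' 'http_port 3128' 'dns_nameservers 127.0.0.1' > "$S/squid_good.conf"
printf '%s\n' '# dns_nameservers 127.0.0.1' 'dns_nameservers 127.0.0.1 192.0.2.53' > "$S/squid_bad.conf"
cat > "$S/rules_good.txt" <<'EOF'
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 853 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j DROP
-A OUTPUT -p tcp -m tcp --dport 53 -j REJECT --reject-with icmp-port-unreachable
EOF
cat > "$S/rules_bad.txt" <<'EOF'
-A OUTPUT -p udp -m udp --dport 53 -j DROP
EOF

audit_dns_path "$S/squid_good.conf" "$S/rules_good.txt" || true
audit_dns_path "$S/squid_bad.conf" "$S/rules_bad.txt" || true
```

On a real exit node, point the second argument at the output of `iptables-save`; the bad samples show the two gaps the check catches, a second non-local resolver in squid.conf and a block that covers udp but not tcp.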

It would be great to add something like this into the Docker image. Can you send some more info here, please? Thank you.

limosek avatar Jan 15 '19 14:01 limosek

See edit above :-)

ronnylov avatar Jan 15 '19 14:01 ronnylov

I have now tried this one: https://github.com/MatthewVance/stubby-docker

It combines stubby and unbound with docker-compose. The default setup gives DNS over TLS using Cloudflare DNS, and when combined with unbound we get a local DNS cache. I like it!

ronnylov avatar Feb 24 '19 12:02 ronnylov