-
Notifications
You must be signed in to change notification settings - Fork 89
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Upgrade DNSCrypt-proxy to v2: add DoH support #1831
Comments
According to this list, we should delete: cs-cfii (CS secondary cryptofree France DNSCrypt server) And add: @ameshkov should I start? |
yes please..... so, yes update it please.... if possible, like I said, periodic pull of those file from that link.... |
also, if possible & hasn't been implemented yet: move to DNScrypt v2 instead of using the old v1.... from my exp of using it in my PC, its more reliable + stable than v1 DNScrypt. |
Maybe the DNS list can be made to be linked to the update filter/app option - so it periodically pulls an updated list. |
Dunno where this log will fit into, I merely exporting it for no reason just for the devs to check. http://www.mediafire.com/file/ro3akmht8lmgrxg/adguard_logs_2.11.81_2304_0807.zip |
@admitrevskiy here's what needs to be done here:
|
@ameshkov don't worry about apk size, we're living in 2018 where space doesn't matter anymore.... increase in few MB for better app functionality is better than keeping it down but "just working".... |
@ameshkov Log: https://www.dropbox.com/s/tnjx46bmqdnbhhc/adguard_logs_2.12.19_2205_1746.zip?dl=0 Also, is it periodically updated according to the source? @admitrevskiy I tried to manually edit the dnscrypt-proxy.toml matching my settings in my PC, it's defaulted back to original value upon activating AG. |
UPDATE: DNScrypt in v2.12.26-beta is working ONLY in VPN mode. It won't work at all (no efffect, still using ISP's) on Local HTTP Proxy mode. Tested using WiFi & mobile data. |
That's a template file, it is unpacked to the data folder when AG runs dnscrypt-proxy. Edit: okay, I see, you've been checking the data folder. We'll check it. |
We're keeping an eye on its repo, but the process is not automated. |
It should've been working: What are your system DNS? |
Ah, I think I've figured what's going on. We exclude private subnets, hence DNS traffic is not getting redirected:
It's not just about dnscrypt, DNS filtering is broken in the local HTTP proxy mode completely (for those who have system dns pointing to a private subnet ip). Thank you for reporting it! |
@CrescendoFang Hi! |
@ameshkov My system DNS is the ISP's (DHCP assigned). So I can only test using DNScrypt. Here's my AG settings: https://www.dropbox.com/s/mcoet56m298b0pf/adguard_settings_2.12.26_2305_1029.json?dl=0&m= |
@CrescendoFang have you tried the test build posted by @admitrevskiy? Is it okay with it now? |
@ameshkov @admitrevskiy yup, still not working...
Those 36.86.63.185 is my ISP's censorship proxy... EDIT: IT'S WORKING NOW after reboot.... |
Hm, not sure why reboot was required, but I am glad it is working now:) |
I tried to reconnect the wifi on my wife's phone, it's working OK... maybe it only needs a reconnection, but I rebooted mine first... 😝 How to check DoH? If all is done, we can close this issue 😉 |
@CrescendoFang it already works, try to connect any DoH server. For example doh-crypto-sx or doh-cleanbrowsing. Please let me know if something goes wrong. |
@admitrevskiy yup, it's working perfectly 😉 thank you so much... shall we close this issue now? |
Not yet, it's in Review/QA pipeline now |
For some reason secure DNS doesn't work for me at all in the latest 2.12 nightly. As soon as I enable any server, the Internet effectively dies. Is it something you are aware of? If not, how can I assist in debugging what's going on? My phone is the Exynos version of Galaxy S8 with the latest stable Oreo firmware (G950FXXU2CRED), if it's of any help. |
@vchrn logs with "record everything" level would be helpful. But before that try reinstalling AG and see if it changes anything. |
Heh, yeah, reinstalling did the trick, it works now. |
It means something is not okay with the update process. What DNSCrypt server did you have before upgrading to nightly? Was it a custom server or smth else? |
I had been using the regular DNS.WATCH, no custom configuration. After the upgrade to nightly the regular servers still worked fine, but not a single "Secure DNS" one could resolve names. |
What was the version you were upgrading from? |
The latest beta. |
How about cleanup of DNScrypt providers and update it to match this:
https://download.dnscrypt.info/dnscrypt-resolvers/v2/
Coz many DNS are down/non-existent anymore, like many of D0wn's DNS.
Or pull that lists periodically in AG, like once every 2 weeks or 1 month to maintain working DNScrypt list.
You don't even have Cloudflare's DNS till this RC.
The text was updated successfully, but these errors were encountered: