Skip to content

jamesduncombe/veild

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

39 Commits

cmd/veild

cmd/veild

 
 

fixtures

fixtures

 
 

vendor/gopkg.in/yaml.v2

vendor/gopkg.in/yaml.v2

 
 

.gitignore

.gitignore

 
 

.travis.yml

.travis.yml

 
 

LICENSE

LICENSE

 
 

Makefile

Makefile

 
 

README.md

README.md

 
 

blacklist.go

blacklist.go

 
 

blacklist_test.go

blacklist_test.go

 
 

dns_parse.go

dns_parse.go

 
 

dns_parse_test.go

dns_parse_test.go

 
 

pconn.go

pconn.go

 
 

pool.go

pool.go

 
 

query_cache.go

query_cache.go

 
 

query_cache_test.go

query_cache_test.go

 
 

resolvers.go

resolvers.go

 
 

resolvers_test.go

resolvers_test.go

 
 

response_cache.go

response_cache.go

 
 

response_cache_test.go

response_cache_test.go

 
 

veild.go

veild.go

 
 

veild_test.go

veild_test.go

 
 

Repository files navigation

veild

Build Status Go Report Card godoc

Stub resolver for routing DNS queries over TLS (DNS-over-TLS).

Thanks to the following sites/RFCs:

Features

  • Roundrobin of requests over each DNS server
  • Caches responses and adhers to TTLs
  • Blacklist domains using a supplied file (txt file of domains to block)
  • Ability to define a list of resolvers in a YAML file

Install

Head on over to the latest releases page to pick up your release of choice :)

Usage

The quickest and easiest way to get started, assuming you've extracted the archive and are in the directory:

sudo ./veild

This will start veild with caching on and a resolvers set to Cloudflare's 1.1.1.1 and 1.0.0.1.

Why do I need sudo?! Well, by default veild listens on port 53 (UDP) which is within the privileged ports range... more on that here.

Hopefully you should see it startup with output similar to the following:

$ sudo ./veild
2018/09/06 16:59:03 Starting Veil
2018/09/06 16:59:03 [main] Outbound port set to 853
2018/09/06 16:59:03 [main] Listening on 127.0.0.1:53 (UDP)

If you do... good stuff!

Time to set your resolver to your nice, new, fresh super secure™ resolver.

When your OS is set to use veild you should start to see some activity in the console.

Resolvers

The resolvers.yml file which you'll see in the archive also gives you the ability to enable/disable DNS resolvers as needed. I've added comments in there which should explain things.

Outbound port

You can specify an outbound port (instead of the default 853 DNS-over-TLS port) by using the -p flag when starting veild.

Using the -p flag filters down the resolvers in the resolvers.yml file to the specified port.

Blacklists

Blacklist support is also available to block ad domains etc. For that you'll need to head to Steven Black's repo where you can find multiple blacklists available for download.

Veild is happy working with the hosts file format, so, once you have a blacklist downloaded, simply add: -b blacklist.txt to the end of the command above.

I think that just about covers things... for a full set of the arguments that you can pass to veild run: ./veild --help

Todo

  • Limit size of cache
  • Add ability to remap domain requests

About

Stub resolver for routing DNS queries over TLS (DNS-over-TLS).

Topics

go dns dns-over-tls stub-resolver

Resources

Readme

License

MIT license
Activity

Stars

8 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases 1

v0.1.0 Latest
Sep 7, 2018

Languages