Skip to content

ustclug/neatdns

stable
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 

Neat DNS

an anti-pollution DNS server

Including the following software:

  • bind
  • dnscrypt-wrapper
  • collectd

Deployment

docker run -itd \
	--name=neatdns \
	-p 53:53/tcp \
	-p 53:53/udp \
	-p 443:443/tcp \
	-p 443:443/udp \
	-v $DNSCRYPT_KEY_PATH:/srv/dnscrypt-wrapper \
	-e DNSCRYPT_PROVIDER=2.dnscrypt-cert.example.org \
	--cap-add=NET_ADMIN \
	ustclug/neatdns

P.S. you should install docker first.

Available environment variables:

Name Implication Default Value
GLOBAL_DNS1 preferred DNS server to resolve non-China website 8.8.4.4
GLOBAL_DNS2 alternate DNS server to resolve non-China website 8.8.8.8
CHINA_DNS1 preferred DNS server to resolve China website 119.29.29.29
CHINA_DNS2 alternate DNS server to resolve China website 223.5.5.5
DNSCRYPT_ON auto-start DNSCrypt daemon true
DNSCRYPT_PROVIDER DNSCrypt provider name 2.dnscrypt-cert.ustclug.org
DNSCRYPT_PORT DNSCrypt port 443
COLLECTD_ON auto-start collectd false
COLLECTD_HOSTNAME hostname defined in collectd.conf neatdns
INFLUXDB_HOST remote influxDB host influxdb
INFLUXDB_PORT remote influxDB port 25826
FAIL2BAN_ON auto-start fail2ban true

DNSCrypt Client Usage

Please get your own DNSCrypt fingerprint first:

$ cat $DNSCRYPT_KEY_PATH/fingerprint
Provider public key fingerprint : 4365:1587:E7A0:8C7C:1759:D300:6218:89AE:5999:42CA:562E:CB00:03E5:2147:A850:E191

ATTENTION: It would show a different fingerprint, please replace the fingerprint below with your own one.

Then, run dnscrypt-proxy on the client side, for example:

dnscrypt-proxy --local-address=127.0.0.1:53 --resolver-address=$DNS_SERVER:443 --provider-name=2.dnscrypt-cert.example.org --provider-key=4365:1587:E7A0:8C7C:1759:D300:6218:89AE:5999:42CA:562E:CB00:03E5:2147:A850:E191

NOTE: You need to replace $DNS_SERVER with your server IP address.

About

anti-pollution DNS server

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published