mirror of
https://github.com/openbsd/ports.git
synced 2026-06-19 07:54:00 +02:00
namn
cb11e7fb93
Remove rc_reload=NO to allow sending -HUP to load extra config files
(e.g., ${LOCALSTATEDIR}/dnscrypt-proxy/blocked-names.txt). This is an
alternative to the new feature enable_hot_reload, which can be set to
false. Note that the main config file ${SYSCONFDIR}/dnscrypt-proxy.toml
cannot be reloaded.
changelog:
https://github.com/DNSCrypt/dnscrypt-proxy/releases/tag/2.1.13
From Igor Zornik <mocheryl at mocheryl dot org> with README tweaks from me
69 lines
2.0 KiB
Plaintext
69 lines
2.0 KiB
Plaintext
+-----------------------------------------------------------------------
|
|
| Running ${PKGSTEM} on OpenBSD
|
|
+-----------------------------------------------------------------------
|
|
|
|
dnscrypt-proxy listens for DNS queries on a local address and forwards
|
|
them to a DNSCrypt resolver over an encrypted channel.
|
|
|
|
To use this package, several things are required.
|
|
|
|
Customizing dnscrypt-proxy.toml
|
|
===============================
|
|
|
|
Ensure that ${SYSCONFDIR}/dnscrypt-proxy.toml fits your needs.
|
|
|
|
Resolvers
|
|
---------
|
|
Uncomment 'server_names' to have a smaller set of public resolvers to be used
|
|
for load balancing. If this line is commented, all registered servers matching
|
|
the require_* filters will be used for load balancing. Refer to
|
|
${LOCALSTATEDIR}/dnscrypt-proxy/public-resolvers.md for a list of all public
|
|
resolvers.
|
|
|
|
Load balancing strategy
|
|
-----------------------
|
|
Note the load balancing strategy, controlled by 'lb_strategy'. It can be
|
|
set to one of the following values:
|
|
- 'wp2' (default): Weighted Power of Two - selects the better
|
|
performing server from two random candidates based on real-time RTT
|
|
and success rates.
|
|
- 'p2': Randomly choose 1 of the fastest 2 servers by latency.
|
|
- 'ph': Randomly choose from fastest half of servers.
|
|
- 'p<n>': Randomly choose from fastest n servers (e.g., 'p3' for fastest 3).
|
|
- 'first': Always use the fastest server.
|
|
- 'random': Randomly choose from all servers.
|
|
|
|
For more information, see
|
|
https://github.com/jedisct1/dnscrypt-proxy/wiki/Load-Balancing-Options
|
|
|
|
Logging
|
|
-------
|
|
Logging is disabled by default.
|
|
|
|
To log to ${LOCALSTATEDIR}/log/messages:
|
|
log_level = 2
|
|
use_syslog = true
|
|
|
|
To log to a custom file:
|
|
log_level = 2
|
|
log_file = '${LOCALSTATEDIR}/log/dnscrypt-proxy.log'
|
|
|
|
Daemon
|
|
======
|
|
|
|
Start the daemon:
|
|
|
|
# rcctl enable dnscrypt_proxy
|
|
# rcctl start dnscrypt_proxy
|
|
|
|
resolv.conf
|
|
===========
|
|
|
|
Managed by resolvd(8). One way is to disable it and force
|
|
${SYSCONFDIR}/resolv.conf to perform queries from dnscrypt-proxy:
|
|
|
|
nameserver 127.0.0.1
|
|
lookup file bind
|
|
|
|
For more information, see https://dnscrypt.info/
|