I didn't know that at all i was on the thinking that unticking one will untick everything to do with it. Thanks for the info.
Yours might be different, but mine was locked in with curly brackets {*}.
so was mine as i tried to do remove libustream-openssl but it was a locked {*} but now i know about what i must do, it shouldn't be an issue anymore.
1 Like
BTW -- Luci is much more responsive now.. Maybe it is just me, but seems much faster.
2 Likes
@davidc502 Luci is definitely improved for me too. Also, the upgrade gave me no problems with DNSCrypt v2. Thanks!
1 Like
Yes, this did the trick butter smooth.
1 Like
I feel like I need to post here with helping points more often. Esp with all of David's help here. I am always using the new builds when I see fit.
1 Like
David, I see that DNSCrypt V2 is included however to make it work there few more steps to go trough. It's just following certain steps of the manual at the wiki of dnscrypt however are you planning updating in on your website aswell?
Best Regards,
on the first page, It seems that my local time is +1H compared to Paris time even if properly set in system.
this bug is only on this release, all good in the 18.6.4 release.
this affect when firewall rules applies.
i had to revert.
can you please help here
pascal
Hi @davidc502
I just saw that you released a new update that has DNScrypt V2 built in. I am still running build r10851 on my linksys wrt32x. If I flash the latest firmware, are there any additional steps that I have to follow in order to get dnscrypt to work?
Note: I am ot using DNScrypt currently and I have not configured it on build r10851 which I am currently running.
Thanks
Excellent update!! I updated from r11266 to r11398. The only package I added was "mc" (GNU Midnight Commander). I noticed this build included luci-ssl which includes px5g-mbedtls. I used to have to have to add luci-ssl to gain access to LuCi from my tablet. If this is what fixed the LuCi hanging issues others were having I am so sorry I didn't put the 2 together and say something. I have been adding luci-ssl since update r6781 when I jumped on board with you guys. Again thanks for all you do. Thanks for the smooth update.
Also DNScrypt resolves to Cloudflare. DNS leak check the same. I did move the .toml file like you said to do.
Is Version 1 or Version 2 currently configured on the router? It does make a difference on how to proceed.
Does anyone have any guides on howto setup MESH networks.. I've got a WRT-1900AC and a WRT-3200ACM that i would love to set this up on with a LAN backhaul.. I think I have gone over too many manuals now fully lost of how to set it up 
@davidc502 I am not using DNScrypt on the current firmware. I have not even modified it or made any changes to it because I am not using it but when I checked the list of packages installed i got this ( see picture)
dnscrypt-proxy 2018-11-22-f61ca76a-1
dnscrypt-proxy-resolvers 2018-11-22-f61ca76a-1
There really isn't a whole lot to getting it to work.. Really it sounds more confusing than it really is.
Since it is baked in now, I need to update the instructions I have on the site. Essentially, you need to configure the .toml file, found in /etc/dnscrypt-proxy2/ directory. To start, point it to cloudflare, and choose a port it will listen on. For example: listen_addresses = ['127.0.0.1:5300'] . Restart the service, /etc/init.d/dnscrypt-proxy restart. Then you just need to make sure all of your clients are set to get DNS from the router. Under /etc/config/dhcp Edit that file and add this option under "LAN" list dhcp_option '6,192.168.1.1' then in that same file "dhcp" add the following line under "config dnsmasq" - list server '127.0.0.1#5300' - Lastly you need to restart dnsmasq /etc/init.d/dnsmasq restart.
Quick recap.. Edit the .toml file, and Edit the dhcp file, and add 2 lines.. Restart both dnscrypt-proxy and dnsmasq.
Once all of that is done, on a windows machine in command line issue ipconfig /release then ipconfig /renew and verify the machine is getting the right dns server 192.168.1.1. If it is, then you can do a nslookup cnn.com and verify it resolves.
If it doesn't work, no worries, the only thing you need to do to revert is to edit the dhcp file, and take out this line - list server '127.0.0.1#5300' then restart dnsmasq, and you should be good to go.
Hi David,
I just wanted to let you know that despite configuring as described above it looked like I was still leaking dns queries (at least according to: https://www.dnsleaktest.com). What appears to have fixed it for me was setting:
option noresolv '1'
in the config dnsmasq section of /etc/config/dhcp.
Not sure if that's correct or not, but wanted to let you know. Thanks!
2 Likes
@davidc502
Thanks for the instructions. I will give it a shot.
One observation though, I flashed the latest firmware but I did not configure DNSCrypt at all and I noticed the followings:
-
Under "services" there is no DNSCrypt-Proxy anymore. Is this expected? ( you said that DNSCrypt versio 2 is built-in in the latest firmware. Do I still need to install it before I follow your instructions listed above?
-
I was able to connect but without internet connection at all. When I checked the connection information I found that the Primary DNS for the client was 192.168.1.1 which is the router's IP. Do you think that websites did not resolve because DNSCrypt was not configured yet?
For #1 that is correct. Luci-app-dnscrypt-proxy is for version 1 (hence not installed).
For #2 It sounds like the problem may be several things, so it is hard to say. For now, your clients can be manually set up to use 8.8.8.8, for example, and it should work normally until dnscrypt-proxy2 is configured.
Sorry for the newb question, but Google is failing me:
Everything works fine running r10899 with dns-proxy2. When I upgrade to a newer version with saving settings, I lose the internet connection. E.g., ping 8.8.8.8 returns:
ping: sendto: Network unreachable
Any help on where to start debugging is appreciated. Thanks.
Sorry, just a very very little issue, but the "Local Time" is not shown correctly on the "Overview"-Page in LuCi. I have chosen the timezone Europe/Berlin and it is shown correctly on the "System"-Tab, but the Overview-Page shows the actual time +1h.