Here is a diff for dnscrypt-proxy 2.0.23, released April 28,
2019. https://github.com/jedisct1/dnscrypt-proxy/releases
Frank Denis has allowed me to take $MAINTAINER. Thank you, Frank.
--8<---------------cut here---------------start------------->8---
Sure, go ahead :)
I maintain the proxy itself, but the port not so much, so your help
would be more than welcome!
--8<---------------cut here---------------end--------------->8---
Changes:
- Updated maintainer
- Changed DESCR and README grammar and shortened some parts
- Added notes in README about `server_names' and `lb_strategy'
I have successfully tested it with the default .toml file.
diff:
--8<---------------cut here---------------start------------->8---
Index: Makefile
===================================================================
RCS file: /cvs/ports/net/dnscrypt-proxy/Makefile,v
retrieving revision 1.39
diff -u -p -r1.39 Makefile
--- Makefile 16 Apr 2019 15:26:10 -0000 1.39
+++ Makefile 30 Apr 2019 00:42:48 -0000
@@ -1,16 +1,16 @@
# $OpenBSD: Makefile,v 1.39 2019/04/16 15:26:10 bket Exp $
-COMMENT = flexible DNS proxy, with support for encrypted DNS protocols
+COMMENT = flexible DNS proxy with support for encrypted DNS protocols
GH_ACCOUNT = jedisct1
GH_PROJECT = dnscrypt-proxy
-GH_TAGNAME = 2.0.22
+GH_TAGNAME = 2.0.23
CATEGORIES = net
HOMEPAGE = https://dnscrypt.info/
-MAINTAINER = Frank Denis <dnscrypt@pureftpd.org>
+MAINTAINER = Nam Nguyen <namn@berkeley.edu>
# ISC
PERMIT_PACKAGE_CDROM = Yes
Index: distinfo
===================================================================
RCS file: /cvs/ports/net/dnscrypt-proxy/distinfo,v
retrieving revision 1.17
diff -u -p -r1.17 distinfo
--- distinfo 16 Apr 2019 15:26:11 -0000 1.17
+++ distinfo 30 Apr 2019 00:42:48 -0000
@@ -1,2 +1,2 @@
-SHA256 (dnscrypt-proxy-2.0.22.tar.gz) = rIrTJrbaR7seUV0po1RRGo3Jpev89L6Ba2eRUy0C1WQ=
-SIZE (dnscrypt-proxy-2.0.22.tar.gz) = 2192330
+SHA256 (dnscrypt-proxy-2.0.23.tar.gz) = 1AWlYrDUsBAaETR8Fke7VTUZRdgtZ1ZbOWeUur8paQU=
+SIZE (dnscrypt-proxy-2.0.23.tar.gz) = 2552615
Index: pkg/DESCR
===================================================================
RCS file: /cvs/ports/net/dnscrypt-proxy/pkg/DESCR,v
retrieving revision 1.1
diff -u -p -r1.1 DESCR
--- pkg/DESCR 16 Oct 2018 14:55:02 -0000 1.1
+++ pkg/DESCR 30 Apr 2019 00:42:48 -0000
@@ -1,24 +1,23 @@
-dnscrypt-proxy is a flexible DNS proxy, with support for modern encrypted DNS
-protocols such as DNSCrypt v2 and DNS-over-HTTPS, which features:
+dnscrypt-proxy is a flexible DNS proxy with support for modern encrypted DNS
+protocols, such as DNSCrypt v2 and DNS-over-HTTPS, and features:
- DNS traffic encryption and authentication. Supports DNS-over-HTTPS (DoH) and
DNSCrypt.
-- DNS query monitoring, with separate log files for regular and suspicious
- queries
-- Filtering: block ads, malware, and other unwanted content. Compatible with
- all DNS services
-- Time-based filtering, with a flexible weekly schedule
-- Transparent redirection of specific domains to specific resolvers
-- DNS caching, to reduce latency and improve privacy
-- Local IPv6 blocking to reduce latency on IPv4-only networks
-- Load balancing: pick a set of resolvers, dnscrypt-proxy will automatically
- measure and keep track of their speed, and balance the traffic across the
- fastest available ones.
-- Cloaking: like a HOSTS file on steroids, that can return preconfigured
- addresses for specific names, or resolve and return the IP address of other
- names. This can be used for local development as well as to enforce safe
- search results on Google, Yahoo and Bing.
-- Automatic background updates of resolvers lists
-- Can force outgoing connections to use TCP
-- Supports SOCKS proxies
-- Compatible with DNSSEC
+- DNS query monitoring with separate log files for regular and suspicious
+ queries.
+- Filtering: block ads, malware and other unwanted content. Compatible with all
+ DNS services.
+- Time-based filtering with a flexible weekly schedule.
+- Transparent redirection of specific domains to specific resolvers.
+- DNS caching to reduce latency and improve privacy.
+- Local IPv6 blocking to reduce latency on IPv4-only networks.
+- Load balancing: pick a set of resolvers, and dnscrypt-proxy will automatically
+ measure their speeds in order to balance traffic among the fastest available.
+- Cloaking: like a HOSTS file on steroids that can return preconfigured
+ addresses for specific names or resolve and return the IP addresses of
+ other names. This can be used for local development, as well as to
+ enforce safe search results on Google, Yahoo and Bing.
+- Automatic background updates of resolvers lists.
+- Can force outgoing connections to use TCP.
+- Supports SOCKS proxies.
+- Compatible with DNSSEC.
Index: pkg/README
===================================================================
RCS file: /cvs/ports/net/dnscrypt-proxy/pkg/README,v
retrieving revision 1.1
diff -u -p -r1.1 README
--- pkg/README 16 Oct 2018 14:55:02 -0000 1.1
+++ pkg/README 30 Apr 2019 00:42:48 -0000
@@ -7,20 +7,36 @@ $OpenBSD: README,v 1.1 2018/10/16 14:55:
dnscrypt-proxy listens for DNS queries on a local address and forwards
them to a DNSCrypt resolver over an encrypted channel.
-To use this package, two things are required.
+To use this package, several things are required.
-Firstly, validate that ${SYSCONFDIR}/dnscrypt-proxy.toml fits your needs,
-and start the daemon:
+First, ensure that ${SYSCONFDIR}/dnscrypt-proxy.toml fits your needs.
+
+Uncomment 'server_names' to have a smaller set of public resolvers to be
+used for load balancing. If this line is commented, all registered
+servers matching the require_* filters will be used for load balancing.
+
+Note the load balancing strategy, controlled by 'lb_strategy'. It can be
+set to one of the following values:
+ - 'fastest' (always pick the fastest server in the list)
+ - 'p2' (randomly choose between the top two fastest servers)
+ - 'ph' (randomly choose between the top fastest half of all servers)
+ - 'random' (just pick any random server from the list)
+
+'p2' is the default option, and you may change this. For more
+information, see
+https://github.com/jedisct1/dnscrypt-proxy/wiki/Load-Balancing-Options
+
+Second, start the daemon:
# rcctl enable dnscrypt_proxy
# rcctl start dnscrypt_proxy
-Secondly, set /etc/resolv.conf to perform queries from dnscrypt-proxy:
+Finally, set /etc/resolv.conf to perform queries from dnscrypt-proxy:
nameserver 127.0.0.1
lookup file bind
-Note: If fetching your IP address dynamically, dhclient(8) will normally
+Note: If your IP address is dynamically fetched, dhclient(8) will normally
update resolv.conf with network-provided DNS servers. This can be avoided
by using "ignore domain-name, domain-name-servers;" in /etc/dhclient.conf.
--8<---------------cut here---------------end--------------->8---
No comments:
Post a Comment