Hi,
I've installed the latest devel and the dns-crypt plugin which is great to see.
Are there any guides for configuring it yet?
If not I'm happy to try and write one up, I just probably need a few pointers! Is it best to use it with unbound-dns or BIND? I'd like to include my dhcp static and leases in the local zone and also use some of the adware lists - hence I'm not sure if BIND is suitable.
Any pointers would be much appreciated, happy to input with a "user guide" if that will help.
Using with Unbound you should use a forwarding like described here at the bottom:
https://www.routerperformance.net/opnsense/dnsbl-via-bind-plugin/
For the beginning I'd just enable the service and create a port forward that source and destinationy any, port 53/udp is forwarded to localhost port 5353.
Then you are using dnscrypt for all.
Blacklists are currently not implemented yet, only cloaking/overrides and forwarding.
Thanks. I did try using the NAT rules but I can't seem to get it to work correctly. When I do a leak test I'm still seeing my ISP's DNS servers.
Is there a log file for the plugin? I looked in /var/log but couldn't see anything obvious...
They are in etc folder of the plugin