Author Topic: Dnscrypt-proxy2: 2.0.39 Custom Blacklist (Read 3184 times)

mush2020 · « **on:** April 01, 2020, 06:30:24 pm »

I have installed Dnscrypt-proxy2: plugin with following version
OPNsense 20.1.3-amd64
os-dnscrypt-proxy: 1.7_1 [OPNsense]
dnscrypt-proxy2: 2.0.39 [OPNsense]

Looking to add custom domain e.g. to blacklist.txt file in /usr/local/etc/dnscrypt-proxy directory
*.tv
*.xyz
It looks that this blacklist.txt file not accept any manual entries, as after some time it rollbacks to the original.
So how can additional domains and IP address or add github links to download could be added as custom blacklist

Also i could not see any Blacklist tab as such in Opnsense - Dnscrypty-Proxy under services

looking to hear for some directions

Thanks

mimugmail · « **Reply #1 on:** April 01, 2020, 07:25:00 pm »

Currently manual additions are not possible

mush2020 · « **Reply #2 on:** April 01, 2020, 08:15:40 pm »

Thanks for prompt reply.
how can i add this blacklist https://github.com/notracking/hosts-blocklists/wiki/Install-dnscrypt-proxy
or any other public blacklist and create a cron job for daily updates.

mimugmail · « **Reply #3 on:** April 01, 2020, 09:52:09 pm »

Manual lists are only available in unbound-plus which will be released in some weeks

mush2020 · « **Reply #4 on:** April 09, 2020, 05:44:34 pm »

I have now installed unbound plus and cloud see Blacklist, few queries
1. Does unbound + replaces DNSCrypt-Proxy 2? Both has identical DNSBL providers
2. How to add custom blacklist for TLDs? like i want to block *.xyz
3. Is it possible to add Shalla or UT1 links to Blacklist for domains filtering based on web categorization?
4. What changes required in firewall and NAT rules if only unbound+ is used? eg. now with DNSCrypt Proxy port forwarding DNS 5353 is used along with unbound + port 53
5. should unbound + Adv options required
do-not-query-localhost: no
forward-zone:
name: "."
forward-addr: 127.0.0.1@5353

mimugmail · « **Reply #5 on:** April 09, 2020, 05:53:30 pm »

- It replaces dnscrypt if you only use it for DNSBL, if you also use encryption you need to wait for the next update supporting DoT
- You can add custom domains via Overrides I'd guess
- Shalla uses URI and not URL .. this won't work
- No port forward required since Unbound uses local port 53
- No advanced options .. its all in there ..

Cool thing

mush2020 · « **Reply #6 on:** April 09, 2020, 05:59:35 pm »

Thanks,
How about adding DoH, more specifically i want to use DNS servers like cleanbrowsing is it possible to add.
As you mentioned earlier in the post, where i can now add manual blacklist in unbound+

mimugmail · « **Reply #7 on:** April 09, 2020, 10:24:06 pm »

Unbound only supports DoT. The URL free form allows to you add a URL

Author Topic: Dnscrypt-proxy2: 2.0.39 Custom Blacklist (Read 3184 times)

mush2020

Dnscrypt-proxy2: 2.0.39 Custom Blacklist

mimugmail

Re: Dnscrypt-proxy2: 2.0.39 Custom Blacklist

mush2020

Re: Dnscrypt-proxy2: 2.0.39 Custom Blacklist

mimugmail

Re: Dnscrypt-proxy2: 2.0.39 Custom Blacklist

mush2020

Re: Dnscrypt-proxy2: 2.0.39 Custom Blacklist

mimugmail

Re: Dnscrypt-proxy2: 2.0.39 Custom Blacklist

mush2020

Re: Dnscrypt-proxy2: 2.0.39 Custom Blacklist

mimugmail

Re: Dnscrypt-proxy2: 2.0.39 Custom Blacklist