[2019-01-14 14:08:44] [NOTICE] dnscrypt-proxy 2.0.19[2019-01-14 14:08:44] [NOTICE] Loading the set of blocking rules from [/usr/local/etc/dnscrypt-proxy/domains-blacklist][2019-01-14 14:08:45] [NOTICE] Loading the set of forwarding rules from [/usr/local/etc/dnscrypt-proxy/forwarding-rules][2019-01-14 14:08:45] [NOTICE] Loading the set of IP blocking rules from [/usr/local/etc/dnscrypt-proxy/domains-ip-blacklist][2019-01-14 14:08:45] [NOTICE] Now listening to 127.0.0.1:5353 [UDP][2019-01-14 14:08:45] [NOTICE] Now listening to 127.0.0.1:5353 [TCP][2019-01-14 14:08:46] [NOTICE] [cloudflare] OK (DoH) - rtt: 31ms
[2019-01-14 18:10:16] 127.0.0.1 s.youtube.com A REJECT[2019-01-14 18:10:16] 127.0.0.1 s.youtube.com A REJECT[2019-01-14 18:10:16] 127.0.0.1 s.youtube.com A REJECT[2019-01-14 18:10:16] 127.0.0.1 s.youtube.com A REJECT[2019-01-14 18:10:16] 127.0.0.1 s.youtube.com A REJECT[2019-01-14 18:10:36] 127.0.0.1 mqtt-p4.facebook.com A PASS[2019-01-14 18:10:36] 127.0.0.1 mqtt-p4.c10r.facebook.com A PASS[2019-01-14 18:10:36] 127.0.0.1 mqtt-p4.c10r.facebook.com A PASS[2019-01-14 18:10:36] 127.0.0.1 cdn.fbsbx.com A PASS[2019-01-14 18:10:37] 127.0.0.1 scontent.xx.fbcdn.net A PASS[2019-01-14 18:10:37] 127.0.0.1 scontent.xx.fbcdn.net A PASS[2019-01-14 18:10:37] 127.0.0.1 scontent.xx.fbcdn.net A PASS[2019-01-14 18:10:37] 127.0.0.1 scontent.xx.fbcdn.net A PASS[2019-01-14 18:10:37] 127.0.0.1 fbsbx.com DS PASS
root@OPNsense:~ # ps ax | grep dnscrypt50066 - Is 0:00.00 daemon: /usr/local/sbin/dnscrypt-proxy[50151] (daemon)50151 - I 1:32.52 /usr/local/sbin/dnscrypt-proxy -config /usr/local/etc/71046 0 S+ 0:00.01 grep dnscrypt
root@OPNsense:~ # drill -p 53 opnsense.org @127.0.0.1;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 926;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0;; QUESTION SECTION:;; opnsense.org. IN A;; ANSWER SECTION:opnsense.org. 508 IN A 81.171.2.181;; AUTHORITY SECTION:;; ADDITIONAL SECTION:;; Query time: 241 msec;; SERVER: 127.0.0.1;; WHEN: Redacted;; MSG SIZE rcvd: 46
root@OPNsense:~ # drill -p 5353 opnsense.org @127.0.0.1;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 8169;; flags: qr rd ra ad ; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0;; QUESTION SECTION:;; opnsense.org. IN A;; ANSWER SECTION:opnsense.org. 599 IN A 81.171.2.181;; AUTHORITY SECTION:;; ADDITIONAL SECTION:;; Query time: 18 msec;; EDNS: version 0; flags: ; udp: 1452;; SERVER: 127.0.0.1;; WHEN: Mon Jan 14 17:59:46 2019;; MSG SIZE rcvd: 69
root@OPNsense:~ # dnscrypt-proxy -resolve dnscrypt.meResolving [dnscrypt.me]Domain exists: yes, 2 name servers foundCanonical name: dnscrypt.me.IP addresses: 104.31.74.114, 104.31.75.114TXT records: v=spf1 include:spf.messagingengine.com ?allResolver IP: 194.132.32.23 (dns2.ipredator.se.)
root@OPNsense:~ # drill -p 53 google.com @127.0.0.1;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 31403;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0;; QUESTION SECTION:;; google.com. IN A;; ANSWER SECTION:google.com. 599 IN A 216.58.199.78;; AUTHORITY SECTION:;; ADDITIONAL SECTION:;; Query time: 53 msec;; SERVER: 127.0.0.1;; WHEN: Mon Jan 14 18:06:34 2019;; MSG SIZE rcvd: 44root@OPNsense:~ #
unbound: [21146:1] info: generate keytag query _ta-4f66. NULL INunbound: [21146:2] info: generate keytag query _ta-4f66. NULL INunbound: [21146:0] info: start of service (unbound 1.8.3).unbound: [21146:0] notice: init module 1: iteratorunbound: [21146:0] notice: init module 0: validatorunbound: [86555:0] info: server stats for thread 3: requestlist max 0 avg 0 exceeded 0 jostled 0unbound: [86555:0] info: server stats for thread 3: 0 queries, 0 answers from cache, 0 recursions, 0 prefetch, 0 rejected by ip ratelimitingunbound: [86555:0] info: server stats for thread 2: requestlist max 0 avg 0 exceeded 0 jostled 0unbound: [86555:0] info: server stats for thread 2: 0 queries, 0 answers from cache, 0 recursions, 0 prefetch, 0 rejected by ip ratelimitingunbound: [86555:0] info: server stats for thread 1: requestlist max 0 avg 0 exceeded 0 jostled 0unbound: [86555:0] info: server stats for thread 1: 0 queries, 0 answers from cache, 0 recursions, 0 prefetch, 0 rejected by ip ratelimitingunbound: [86555:0] info: server stats for thread 0: requestlist max 0 avg 0 exceeded 0 jostled 0unbound: [86555:0] info: server stats for thread 0: 0 queries, 0 answers from cache, 0 recursions, 0 prefetch, 0 rejected by ip ratelimitingunbound: [86555:0] info: service stopped (unbound 1.8.3).unbound: [86555:0] info: start of service (unbound 1.8.3).unbound: [86555:0] notice: init module 1: iteratorunbound: [86555:0] notice: init module 0: validatorunbound: [86555:0] notice: Restart of unbound 1.8.3.
lan 127.0.0.110.in-addr.arpa 127.0.0.1192.in-addr.arpa 127.0.0.1254.169.in-addr.arpa 127.0.0.1
server: do-not-query-localhost: no private-domain: "plex.direct"forward-zone: name: "." forward-addr:127.0.0.1@5353
[2019-01-14 08:18:57] 127.0.0.1 dnsprivacy.org A PASS[2019-01-14 08:18:57] 127.0.0.1 dnsprivacy.org A PASS[2019-01-14 08:18:57] 127.0.0.1 dnsprivacy.org A PASS[2019-01-14 08:18:57] 127.0.0.1 dnsprivacy.org A PASS[2019-01-14 08:18:57] 127.0.0.1 org DNSKEY PASS[2019-01-14 08:18:57] 127.0.0.1 org DNSKEY PASS[2019-01-14 08:18:57] 127.0.0.1 dnsprivacy.org DS PASS[2019-01-14 08:18:57] 127.0.0.1 dnsprivacy.org A PASS[2019-01-14 08:18:58] 127.0.0.1 dnsprivacy.org DNSKEY PASS[2019-01-14 08:18:58] 127.0.0.1 dnsprivacy.org DNSKEY PASS[2019-01-14 08:18:58] 127.0.0.1 dnsprivacy.org AAAA SYNTH[2019-01-14 08:18:58] 127.0.0.1 dnsprivacy.org AAAA SYNTH[2019-01-14 08:18:58] 127.0.0.1 dnsprivacy.org AAAA SYNTH[2019-01-14 08:18:58] 127.0.0.1 dnsprivacy.org AAAA SYNTH[2019-01-14 08:18:58] 127.0.0.1 dnsprivacy.org AAAA SYNTH[2019-01-14 08:18:58] 127.0.0.1 dnsprivacy.org AAAA SYNTH[2019-01-14 08:18:58] 127.0.0.1 dnsprivacy.org DNSKEY FORWARD