You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Name servers : ns1.yahoo.com., ns2.yahoo.com., ns3.yahoo.com., ns4.yahoo.com., ns5.yahoo.com.
DNSSEC signed : no
Mail servers : 1 mail servers found
HTTPS alias : -
HTTPS info : -
Host info : -
TXT records : v=spf1 redirect=_spf.mail.yahoo.com
raspberrypi:/opt/dnscrypt-proxy#
Initially raised as discussion #...
I think this is not a bug, just curious want to ask.
I have a Raspberry Pi 3B+, behind the router, I make dnscrypt proxy work without problem, all device under the LAN works fine, but when I try to use other server (vps) use nslookup / dig to test my dnscrypt proxy, port 53 already open, none of the address can resolve,
; <<>> DiG 9.16.15-Ubuntu <<>> @xxx.xxx.xxx.xxx gmail.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached
I check the log, I found that outside can connect to my RPI, because :
[2021-12-23 00:37:19] 8.21.11.6 gmail.com A PASS 0ms -
[2021-12-23 00:37:24] 8.21.11.6 gmail.com A PASS 0ms -
[2021-12-23 00:37:29] 8.21.11.6 gmail.com A PASS 0ms -
[2021-12-23 00:37:33] 10.10.10.6 itunes.com A PASS 0ms -
[2021-12-23 00:37:33] 127.0.0.1 itunes.com A PASS 0ms -
[2021-12-23 00:37:33] 127.0.0.1 itunes.com AAAA PASS 0ms -
[2021-12-23 00:37:33] 10.10.10.6 s.mzstatic.com A PASS 0ms -
8.21.11.6 is my VPS, (I use cloudflare warp) , it can connect to port 53, but cannot resolve address.
I just curious, which setting cause I can only use under LAN, and I can't resolve address from outside?
I know DNS amplification DDoS attack, I don't want my DNS act as an open resolver, I just curious, dnscrypt-proxy how to do that?let me only can use under LAN and cannot use in outside, which setting control it?I can't find the settings so I ask in here.
This discussion was converted from issue #1971 on December 22, 2021 16:58.
Heading
Bold
Italic
Quote
Code
Link
Numbered list
Unordered list
Task list
Attach files
Mention
Reference
Menu
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
./dnscrypt-proxy -version
2.1.1
./dnscrypt-proxy -check
raspberrypi:/opt/dnscrypt-proxy# ./dnscrypt-proxy -check
raspberrypi:/opt/dnscrypt-proxy#
./dnscrypt-proxy -resolve example.com
raspberrypi:/opt/dnscrypt-proxy# ./dnscrypt-proxy -resolve yahoo.com.hk
Resolving [yahoo.com.hk] using 127.0.0.1 port 53
Resolver : 45.153.187.96
Canonical name: yahoo.com.hk.
IPv4 addresses: 74.6.136.150, 98.136.103.23, 212.82.100.150
IPv6 addresses: -
Name servers : ns1.yahoo.com., ns2.yahoo.com., ns3.yahoo.com., ns4.yahoo.com., ns5.yahoo.com.
DNSSEC signed : no
Mail servers : 1 mail servers found
HTTPS alias : -
HTTPS info : -
Host info : -
TXT records : v=spf1 redirect=_spf.mail.yahoo.com
raspberrypi:/opt/dnscrypt-proxy#
I think this is not a bug, just curious want to ask.
I have a Raspberry Pi 3B+, behind the router, I make dnscrypt proxy work without problem, all device under the LAN works fine, but when I try to use other server (vps) use nslookup / dig to test my dnscrypt proxy, port 53 already open, none of the address can resolve,
; <<>> DiG 9.16.15-Ubuntu <<>> @xxx.xxx.xxx.xxx gmail.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached
I check the log, I found that outside can connect to my RPI, because :
[2021-12-23 00:37:19] 8.21.11.6 gmail.com A PASS 0ms -
[2021-12-23 00:37:24] 8.21.11.6 gmail.com A PASS 0ms -
[2021-12-23 00:37:29] 8.21.11.6 gmail.com A PASS 0ms -
[2021-12-23 00:37:33] 10.10.10.6 itunes.com A PASS 0ms -
[2021-12-23 00:37:33] 127.0.0.1 itunes.com A PASS 0ms -
[2021-12-23 00:37:33] 127.0.0.1 itunes.com AAAA PASS 0ms -
[2021-12-23 00:37:33] 10.10.10.6 s.mzstatic.com A PASS 0ms -
8.21.11.6 is my VPS, (I use cloudflare warp) , it can connect to port 53, but cannot resolve address.
I just curious, which setting cause I can only use under LAN, and I can't resolve address from outside?
I know DNS amplification DDoS attack, I don't want my DNS act as an open resolver, I just curious, dnscrypt-proxy how to do that?let me only can use under LAN and cannot use in outside, which setting control it?I can't find the settings so I ask in here.
thanks.
Beta Was this translation helpful? Give feedback.
All reactions