forked from Lainports/freebsd-ports
dns-proxy-tor is a DNS server that stops DNS leaks with applications that don't support or aren't configured to use socks4a or Tor's DNS resolution. WWW: http://http://p56soo2ibjkx23xo.onion/ PR: ports/99033 Submitted by: Fabian Keil <fk at fabiankeil.de>
48 lines
1.4 KiB
Text
Before running dns-proxy-tor you have to add:

ControlPort 9051

in Tor's configuration file (usually: %%PREFIX%%/etc/tor/torrc).

By default dns-proxy-tor binds to port 5353;
you can use PF to make sure DNS requests get there:

# Example taken from %%DOCSDIR%%/filter-examples
# redirect dns traffic from both into the dns proxy
rdr pass on { lo1 $int_if } inet proto udp to port domain \
    -> 127.0.0.1 port $dns_proxy
# reroute loopback dns queries
pass out quick on lo0 route-to lo1 inet proto udp to port domain keep state
# skip all other loopback traffic
pass quick on lo0 keep state
# reroute locally generated dns trying to leave on the external interface
pass out on $ext_if route-to lo1 inet proto udp to port domain keep state

Add:

cloned_interfaces="lo1"
ifconfig_lo1="127.0.0.2 up"

to /etc/rc.conf to create and configure lo1 on boot, and add

dns_proxy_tor_enable="YES"

to start dns-proxy-tor on boot as well. If you want dns-proxy-tor
to bind to the standard port 53, additionally use:

dns_proxy_tor_start_privileged="YES"
dns_proxy_tor_bind_port="53"

Have a look at %%PREFIX%%/etc/rc.d/dns-proxy-tor
to see the other optional variables you can use.

dns-proxy-tor's README, LICENSE and changelog were copied to
%%DOCSDIR%%. Note that they also contain
information about trans-proxy-tor, which has its own port.

Run:

perldoc dns-proxy-tor

to see how to use dns-proxy-tor without the rc file.
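
A way to check the settings this message asks for before relying on the
redirect, as an added example that is not part of the port or of
dns-proxy-tor. The function names rc_value and audit_dns_proxy_tor are
hypothetical, the sample files are constructed, only the literal YES used in
this message is accepted, and any port below 1024 is treated like port 53.

```shell
# Added example (not part of the port). File paths are passed as arguments.

# rc_value FILE VAR: print the last value assigned to VAR in an rc.conf file.
rc_value() {
    sed -n 's/^[[:space:]]*'"$2"'="\{0,1\}\([^"#]*\).*/\1/p' "$1" | tail -n 1
}

# Prints one line per problem; the exit status is the number of problems.
audit_dns_proxy_tor() {
    torrc=$1 rcconf=$2 findings=0
    note() { echo "FINDING: $*"; findings=$((findings + 1)); }
    # Tor must expose the control port named in this message.
    grep -Eiq '^[[:space:]]*ControlPort[[:space:]]+9051([[:space:]]|$)' "$torrc" ||
        note "torrc: ControlPort 9051 is not set"

    case $(rc_value "$rcconf" dns_proxy_tor_enable) in
        [Yy][Ee][Ss]) ;;
        *) note "rc.conf: dns_proxy_tor_enable is not YES" ;;
    esac

    # The PF example routes DNS through lo1, so lo1 must exist at boot.
    case " $(rc_value "$rcconf" cloned_interfaces) " in
        *" lo1 "*) ;;
        *) note "rc.conf: lo1 is missing from cloned_interfaces" ;;
    esac
    [ -n "$(rc_value "$rcconf" ifconfig_lo1)" ] ||
        note "rc.conf: ifconfig_lo1 is not set"

    # Default port is 5353; a port below 1024 (such as 53) needs root to bind.
    port=$(rc_value "$rcconf" dns_proxy_tor_bind_port)
    case ${port:=5353} in
        *[!0-9]*) note "rc.conf: dns_proxy_tor_bind_port is not a number"; port=5353 ;;
    esac
    case $(rc_value "$rcconf" dns_proxy_tor_start_privileged) in
        [Yy][Ee][Ss]) ;;
        *) [ "$port" -ge 1024 ] ||
               note "rc.conf: port $port needs dns_proxy_tor_start_privileged=\"YES\"" ;;
    esac
    echo "bind port: $port, findings: $findings"
    return "$findings"
}

# Constructed sample input: port 53 requested without the privileged start.
demo=$(mktemp -d)
echo 'ControlPort 9051' > "$demo/torrc"
printf '%s\n' 'cloned_interfaces="lo1"' 'ifconfig_lo1="127.0.0.2 up"' \
    'dns_proxy_tor_enable="YES"' 'dns_proxy_tor_bind_port="53"' > "$demo/rc.conf"
audit_dns_proxy_tor "$demo/torrc" "$demo/rc.conf" || true
rm -rf "$demo"
```

Compare the reported bind port with the port your PF rdr rule points at; if
they differ, redirected queries never reach dns-proxy-tor.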