Port details |
- dnscrypt-proxy2 Flexible DNS proxy with support for encrypted protocols
- 2.1.2_1 dns
=3 Version of this port present on the latest quarterly branch. - Maintainer: egypcio@FreeBSD.org
 - Port Added: 2018-03-25 14:46:33
- Last Update: 2022-08-03 21:35:13
- Commit Hash: 4476f89
- People watching this port, also watch:: unbound, php80-pecl-ssh2, sshguard, python27, py39-ansible
- Also Listed In: security
- License: ISCL
- Description:
- A flexible DNS proxy with support for modern encrypted DNS protocols such as
DNSCrypt v2 and DNS-over-HTTP/2.
WWW: https://github.com/jedisct1/dnscrypt-proxy
- SVNWeb : git : Homepage
- pkg-plist: as obtained via:
make generate-plist - Dependency lines:
-
- dnscrypt-proxy2>0:dns/dnscrypt-proxy2
- Conflicts:
- CONFLICTS_INSTALL:
- Conflicts Matches:
-
There are no Conflicts Matches for this port. This is usually an error.
- To install the port:
- cd /usr/ports/dns/dnscrypt-proxy2/ && make install clean
- To add the package, run one of these commands:
- pkg install dns/dnscrypt-proxy2
- pkg install dnscrypt-proxy2
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.- PKGNAME: dnscrypt-proxy2
- Flavors: there is no flavor information for this port.
- distinfo:
- TIMESTAMP = 1659443362
SHA256 (DNSCrypt-dnscrypt-proxy-2.1.2_GH0.tar.gz) = aa55fd52b9c1b983405bf98b42ec754f5d6f59b429ba9c98115df617eef5dea4
SIZE (DNSCrypt-dnscrypt-proxy-2.1.2_GH0.tar.gz) = 6792121
- Packages (timestamps in pop-ups are UTC):
- Dependencies
- NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
- Build dependencies:
-
- go119 : lang/go119
- Runtime dependencies:
-
- ca_root_nss>=3.35 : security/ca_root_nss
- There are no ports dependent upon this port
- Configuration Options:
- ===> The following configuration options are available for dnscrypt-proxy2-2.1.2_1:
DOCS=on: Build and/or install documentation
EXAMPLES=on: Build and/or install examples
===> Use 'make config' to modify these settings
- Options name:
- dns_dnscrypt-proxy2
- USES:
- go:modules
- pkg-message:
- For install:
- Version 2 of dnscrypt-proxy is written in Go. by default, this port's daemon
will listen on port 5353 (TCP/UDP) as the _dnscrypt-proxy user.
It's possible to bind it and listen on port 53 (TCP/UDP) with mac_portacl(4)
kernel module (network port access control policy). For this add
dnscrypt_proxy_mac_portacl_enable=YES in your rc.conf. The dnscrypt-proxy
startup script will load mac_portacl and add a rule where _dnscrypt-proxy user will
be able to bind on port 53 (TCP/UDP). This port can be changed by
dnscrypt_proxy_mac_portacl_port variable in your rc.conf. You also need to
change dnscrypt-proxy config file to use port 53.
Below are a few examples on how to redirect local connections from port
5353 to 53.
[ipfw]
ipfw nat 1 config if lo0 reset same_ports \
redirect_port tcp 127.0.0.1:5353 53 \
redirect_port udp 127.0.0.1:5353 53
ipfw add nat 1 ip from any to 127.0.0.1 via lo0
/etc/rc.conf:
firewall_enable="YES"
firewall_nat_enable="YES"
/etc/sysctl.conf:
net.inet.ip.fw.one_pass=0
[pf]
set skip on lo0
rdr pass on lo0 proto { tcp udp } from any to port 53 -> 127.0.0.1 port 5353
/etc/rc.conf:
pf_enable="YES"
[unbound]
/etc/rc.conf:
local_unbound_enable="YES"
/var/unbound/unbound.conf:
server:
interface: 127.0.0.1
do-not-query-localhost: no
/var/unbound/forward.conf:
forward-zone:
name: "."
forward-addr: 127.0.0.1@5353
If you are using local_unbound, DNSSEC is enabled by default. You should
comment the "auto-trust-anchor-file" line or change dnscrypt-proxy to use
servers with DNSSEC support only.
- Master Sites:
|
Commit History - (may be incomplete: see SVNWeb link above for full details) |
Date | By | Description |
03 Aug 2022 21:35:13 2.1.2_1 |
Dmitri Goutnik (dmgk)  |
all: Bump PORTREVISION after Go update
Bump Go ports PORTREVISION after GO_DEFAULT and lang/go118 update. |
02 Aug 2022 12:45:46 2.1.2 |
Vinícius Zavam (egypcio)  |
dns/dnscrypt-proxy2: update 2.1.1_3 to 2.1.2
* https://github.com/DNSCrypt/dnscrypt-proxy/releases/tag/2.1.2 |
28 Jul 2022 19:06:09 2.1.1_3 |
Vinícius Zavam (egypcio)  |
dns/dnscrypt-proxy2: fix 'pkg-message warning is out of date'
PR: 264323
Reported by: Bill Blake <billblake2018 % gmail.com> |
14 Jul 2022 12:46:05 2.1.1_3 |
Dmitri Goutnik (dmgk)  |
all: Bump PORTREVISION after lang/go{117,118} update |
07 Jun 2022 21:56:10 2.1.1_2 |
Dmitri Goutnik (dmgk)  |
*/*: Bump port revisons after lang/go{117,118} update |
01 Apr 2022 15:09:49 2.1.1_1 |
Dmitry Marakasov (amdmi3)  |
*/*: fix trailing whitespace in pkg-descr's
Approved by: portmgr blanket |
30 Mar 2022 07:01:44 2.1.1_1 |
Guangyuan Yang (ygy)  |
*/*: Bump PORTREVISION after lang/go 1.18 update |
17 Oct 2021 13:08:22 2.1.1 |
Vinícius Zavam (egypcio)  |
dns/dnscrypt-proxy2: update 2.0.45 to 2.1.1
* https://github.com/DNSCrypt/dnscrypt-proxy/releases/tag/2.1.1
* https://github.com/DNSCrypt/dnscrypt-proxy/compare/2.0.45...2.1.1 |
07 Apr 2021 08:09:01 2.0.45 |
Mathieu Arnold (mat)  |
One more small cleanup, forgotten yesterday.
Reported by: lwhsu |
06 Apr 2021 14:31:13 2.0.45 |
Mathieu Arnold (mat)  |
all: Remove all other $FreeBSD keywords. |
06 Apr 2021 14:31:07 2.0.45 |
Mathieu Arnold (mat)  |
Remove # $FreeBSD$ from Makefiles. |
23 Jan 2021 10:00:48
2.0.45 |
egypcio  |
dns/dnscrypt-proxy2: update 2.0.44 to 2.0.45
* https://github.com/DNSCrypt/dnscrypt-proxy/releases/tag/2.0.45
PR: 252574
Reported by: Bill Blake <billblake2018 % gmail.com> |
12 Jun 2020 10:34:48
2.0.44 |
egypcio  |
dns/dnscrypt-proxy2: update 2.0.42 to 2.0.44 |
30 Mar 2020 15:11:29
2.0.42 |
garga  |
dns/dnscrypt-proxy2: Update to 2.0.42
Submitted by: egypcio (maintainer) |
04 Feb 2020 11:49:42
2.0.39 |
egypcio  |
dns/dnscrypt-proxy2: update 2.0.36 to 2.0.39 |
03 Jan 2020 12:48:27
2.0.36 |
egypcio  |
dns/dnscrypt-proxy2: update 2.0.34 to 2.0.36 |
09 Dec 2019 13:04:04
2.0.34 |
egypcio  |
dns/dnscrypt-proxy2: update 2.0.33 to 2.0.34 |
22 Nov 2019 10:13:22
2.0.33 |
egypcio  |
dns/dnscrypt-proxy2: update 2.0.31_1 to 2.0.33 |
16 Nov 2019 12:52:40
2.0.31_1 |
dmgk  |
Bump PORTREVISION after r517743 to force relinking.
Approved by: araujo (mentor)
Differential Revision: https://reviews.freebsd.org/D21854 |
03 Nov 2019 16:45:44
2.0.31 |
egypcio  |
dns/dnscrypt-proxy2: update 2.0.29_2 to 2.0.31 |
30 Oct 2019 20:15:56
2.0.29_2 |
egypcio  |
dns/dnscrypt-proxy2: sync stable 2.0.29 (37c9394)
Obtained
from: https://github.com/DNSCrypt/dnscrypt-proxy/commit/37c939480d79deb9571290fbb62724d7c20f7432 |
30 Oct 2019 18:40:15
2.0.29_1 |
egypcio  |
dns/dnscrypt-proxy2: fix 'panic: runtime error' on 2.0.29
Reported by: blakkheim (tj@openbsd.org)
Obtained from: https://github.com/DNSCrypt/dnscrypt-proxy/issues/998 |
29 Oct 2019 18:07:36
2.0.29 |
egypcio  |
dns/dnscrypt-proxy2: update 2.0.28 to 2.0.29 |
17 Oct 2019 18:18:17
2.0.28 |
egypcio  |
dns/dnscrypt-proxy2: update 2.0.27 to 2.0.28
* https://github.com/DNSCrypt/dnscrypt-proxy/blob/2.0.28/ChangeLog
Sponsored by: TorBSD Diversity Project, TDP |
09 Oct 2019 10:34:57
2.0.27 |
bapt  |
Drop the ipv6 virtual category for d* category as it is not relevant anymore |
29 Sep 2019 22:29:40
2.0.27 |
dmgk  |
Go ports: cleanup, finish transition to USES=go started with r505321 (cat.
audio-mail)
- Remove custom build/install targets left in place after r505321
- Switch to the new GO_TARGET tuple syntax introduced in r512001
- Switch to go:modules when upstream already uses them
Reviewed by: tobik
Approved by: araujo (mentor), portmgr (adamw)
Differential Revision: https://reviews.freebsd.org/D21741 |
19 Sep 2019 15:41:59
2.0.27 |
egypcio  |
dns/dnscrypt-proxy2: update 2.0.25 to 2.0.27 |
13 Aug 2019 16:01:59
2.0.25  |
mat  |
Convert to UCL & cleanup pkg-message (categories d) |
04 Jun 2019 13:22:39
2.0.25 |
egypcio  |
dns/dnscrypt-proxy2: update 2.0.23 to 2.0.25
Approved by: mentors (implicit) |
29 Apr 2019 13:20:28
2.0.23 |
egypcio  |
dns/dnscrypt-proxy2: update 2.0.22 to 2.0.23
- .onion servers are now automatically ignored,
if Tor routing is not enabled;
- caching of server addresses has been improved,
especially when using proxies;
- DNSCrypt communications are now automatically forced to using TCP,
when a SOCKS proxy has been set up.
https://raw.githubusercontent.com/jedisct1/dnscrypt-proxy/2.0.23/ChangeLog
Approved by: mentors (implicit) |
08 Apr 2019 17:24:47
2.0.22 |
egypcio  |
dns/dnscrypt-proxy2: update 2.0.19 to 2.0.22
Approved by: araujo (mentor)
Differential Revision: https://reviews.freebsd.org/D19624 |
05 Dec 2018 14:09:12
2.0.19 |
egypcio  |
use @FreeBSD.org as MAINTAINER instead of my private address
benchmarks/vegeta
devel/busybee
devel/git-lfs
devel/gnu-efi
devel/hub
devel/libe
devel/py-fabric3
devel/py-fabric3
dns/dhisd
dns/dnscrypt-proxy2
dns/go-geodns
emulators/hatari
irc/weechat-otr (Only the first 15 lines of the commit message are shown above ) |
04 Dec 2018 10:50:37
2.0.19 |
egypcio  |
dns/dnscrypt-proxy2: update 2.0.18 to 2.0.19
- The value for netprobe_timeout was read from the command-line,
but not from the configuration file any more. This is a regression
introduced in the previous version, that has been fixed;
- The default value for netprobe timeouts has been raised to 60 seconds;
- A hash of the body is added to query parameters when sending DoH
queries with the POST method in order to work around badly configured
proxies.
https://raw.githubusercontent.com/jedisct1/dnscrypt-proxy/2.0.19/ChangeLog
Approved by: araujo (mentor)
Differential Revision: https://reviews.freebsd.org/D18341 |
21 Nov 2018 10:07:27
2.0.18 |
egypcio  |
dns/dnscrypt-proxy2: update 2.0.17 to 2.0.18
- official builds now support TLS 1.3;
- timeout for the initial connectivity check can be set from the cli;
- an 'Accept:' header is now always sent with GET queries;
- BOM is now ignored in configuration files;
- HTTP and HTTPS proxies are now supported for DoH servers.
https://github.com/jedisct1/dnscrypt-proxy/blob/2.0.18/ChangeLog
Approved by: araujo (mentor)
Differential Revision: https://reviews.freebsd.org/D18005 |
15 Oct 2018 08:58:30
2.0.17 |
egypcio  |
update to version 2.0.17;
changes:
https://raw.githubusercontent.com/jedisct1/dnscrypt-proxy/2.0.17/ChangeLog
while here, silence portlint
move USE_* variables to a point after USES;
extra item placed in the USES/USE_x section got a new line, for example,
"GH_ACCOUNT".
Approved by: beat (mentor), rene (mentor)
Differential Revision: https://reviews.freebsd.org/D17509 |
31 Aug 2018 23:02:45
2.0.16_1 |
swills  |
dns/dnscrypt-proxy2: fix build after deps update
While here, use ${GO_BUILDFLAGS}
PR: 231063
Submitted by: Vinicius Zavam <egypcio@googlemail.com> (maintainer |
11 Jul 2018 11:45:20
2.0.16 |
swills  |
dns/dnscrypt-proxy2: update to 2.0.16
PR: 229679
Submitted by: Vinicius Zavam <egypcio@googlemail.com> (maintainer) |
07 Jun 2018 18:41:54
2.0.15 |
dbaio  |
dns/dnscrypt-proxy2: Update to 2.0.15
Changes: https://raw.githubusercontent.com/jedisct1/dnscrypt-proxy/2.0.15/ChangeLog
Approved by: egypcio@googlemail.com (maintainer, implicit) |
26 May 2018 17:43:21
2.0.14 |
dbaio  |
dns/dnscrypt-proxy2: Update to 2.0.14
Changes: https://raw.githubusercontent.com/jedisct1/dnscrypt-proxy/2.0.14/ChangeLog
Approved by: egypcio@googlemail.com (maintainer, implicit) |
13 May 2018 12:25:46
2.0.12 |
dbaio  |
dns/dnscrypt-proxy2: Update to 2.0.12
Changes: https://raw.githubusercontent.com/jedisct1/dnscrypt-proxy/2.0.12/ChangeLog
Approved by: egypcio@googlemail.com (maintainer, implicit) |
28 Apr 2018 12:21:47
2.0.11 |
dbaio  |
dns/dnscrypt-proxy2: Update to 2.0.11
Changes: https://raw.githubusercontent.com/jedisct1/dnscrypt-proxy/2.0.11/ChangeLog
Approved by: egypcio@googlemail.com (maintainer, implicit) |
24 Apr 2018 01:06:48
2.0.10_1 |
dbaio  |
dns/dnscrypt-proxy2: Add mac_portacl option in rc script
Version 2 of dnscrypt-proxy is written in Go and therefore isn't capable
of dropping privileges after binding to a low port on FreeBSD.
By default, this port's daemon will listen on port 5353 (TCP/UDP).
With this option it's possible to bind it and listen on port 53 (TCP/UDP)
with mac_portacl(4) kernel module (network port access control policy).
For this add dnscrypt_proxy_mac_portacl_enable=YES in your rc.conf.
The dnscrypt-proxy startup script will load mac_portacl and add a rule
where %%USER%% user will be able to bind on port 53 (TCP/UDP). This port
can be changed by dnscrypt_proxy_mac_portacl_port variable in your rc.conf.
You also need to change dnscrypt-proxy config file to use port 53.
Suggested by: feld
Approved by: egypcio@googlemail.com (maintainer)
Differential Revision: https://reviews.freebsd.org/D15151 |
18 Apr 2018 02:25:48
2.0.10 |
dbaio  |
dns/dnscrypt-proxy2: Update to 2.0.10
Main changes in the port:
- Improve instructions for using dnscrypt-proxy2 together with unbound. [1]
- Add dnscrypt_proxy_suexec option for users who want to run the daemon as
root.
- Move the configuration file from ${PREFIX}/etc/dnscrypt-proxy.toml to
${PREFIX}/etc/dnscrypt-proxy/dnscrypt-proxy.toml, because by default
temporary files will use the path of the config file.
This fixes a permission issue when fetching the public resolvers list.
Changes: https://raw.githubusercontent.com/jedisct1/dnscrypt-proxy/2.0.10/ChangeLog
PR: 227129 [1]
Submitted by: egypcio@googlemail.com (maintainer)
Reported by: erik@nordstroem.no [1]
Differential Revision: https://reviews.freebsd.org/D15024 |
31 Mar 2018 13:18:31
2.0.8 |
dbaio  |
dns/dnscrypt-proxy2: Update to 2.0.8
Changes: https://raw.githubusercontent.com/jedisct1/dnscrypt-proxy/2.0.8/ChangeLog
Approved by: egypcio@googlemail.com (maintainer, implicit) |
29 Mar 2018 00:49:47
2.0.7_1 |
dbaio  |
dns/dnscrypt-proxy2: Improve information/texts
Submitted by: tj@mrsk.me (email)
Approved by: egypcio@googlemail.com (maintainer, irc) |
26 Mar 2018 13:40:19
2.0.7 |
mat  |
Correctly use PORTDOCS and PORTEXAMPLES.
Sponsored by: Absolight |
25 Mar 2018 14:46:17
2.0.7 |
dbaio  |
Add dns/dnscrypt-proxy2: Flexible DNS proxy with support for encrypted protocols
A flexible DNS proxy, with support for modern encrypted DNS protocols such as
DNSCrypt v2 and DNS-over-HTTP/2.
WWW: https://github.com/jedisct1/dnscrypt-proxy
Without a repocopy because it's a new port, rewritten from scratch.
PR: 225821
Submitted by: Vinicius Zavam <egypcio@googlemail.com>
Differential Revision: https://reviews.freebsd.org/D14319 |