Download your favorite Linux distribution at LQ ISO.
Go Back > Blogs > arniekat
User Name


Rate this Entry

Slackware-14.1-Hacks-DNSCrypt Proxy

Posted 05-19-2014 at 06:52 PM by arniekat

DNSCrypt-Proxy encrypts DNS traffic between your computer and OpenDNS's Name Servers. You will be using OpenDNS's Name Servers instead of your ISP's Domain Name Servers.

In the following case, is the Local Address of the Router/Gateway. Your address may be different. To find your Gateway Address, use the ifconfig command. The address you want is the "inet" entry. Here is a sample:

# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet netmask broadcast

If you are using wifi, look for the wlan0 entry if you have configured wireless networking.

You need to compile and install the following applications from


To start using DNSCrypt, you need to update your /etc/resolv.conf file

# cat /etc/resolv.conf


and replace your current set of resolvers with:


DHCP Note - If you are using DHCP, /etc/resolv.conf will be overwritten the next time you reboot. To keep this from happening, change the file to immutable by doing the following (thanks to ArchLinux Wiki):

# chattr +i /etc/resolv.conf

To check that it worked:

# lsattr /etc/resolv.conf
----i--------e-- /etc/resolv.conf

Place the following two lines at the end of /etc/rc.d/rc.local:

# To start the dnscrypt-proxy
dnscrypt-proxy --daemonize

Save the file, exit, and check that the file is executable:

# ls -al /etc/rc.d/rc.local
-rwxr-xr-x 1 root root 272 Aug 11 2006 /etc/rc.d/rc.local

If it is not executable, change it as follows:

# chmod +x /etc/rc.d/rc.local

Restart your computer and confirm you are using OpenDNS by opening your Web Browser and going to:

Double-check by clicking on the internetbadguys link to see if OpenDNS blocks this Phishing Test Page.

If you are using a wireless network manager like NetworkManager or Wicd, you need to change the DNS Server entry from to

Note that if you use the "netstat -lundt" command to keep track of what services are running on your box, you will now have a service running that is listening on Port 53, which is the domain service for DNS.

# netstat -lundt

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0* LISTEN
udp 0 0*
Posted in Uncategorized
Views 711 Comments 0
« Prev     Main     Next »
Total Comments 0




All times are GMT -5. The time now is 08:35 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration