bnjdg · June 17, 2018 19:10
diff --git a/conf.sh b/conf.sh
 # Unbound configuration file for Debian.
 # See the unbound.conf(5) man page.
 # See /usr/share/doc/unbound/examples/unbound.conf for a commented
 # reference config file.

 server:
    # The following line will configure unbound to perform cryptographic
    # DNSSEC validation using the root trust anchor.
    auto-trust-anchor-file: "/var/lib/unbound/root.key"
 server:
   # access-control: 10.8.0.0/24 allow
    logfile: "/var/log/unbound.log"
    log-time-ascii: yes
    module-config: "iterator"
    do-not-query-localhost: no
    interface: 127.0.0.1
    interface: 10.8.0.1
    access-control: 127.0.0.1 allow
    access-control: 10.8.0.1/24 allow
 forward-zone:
   name: "."
   forward-addr: 127.0.0.1@40
   forward-first: no

 remote-control:
       control-enable: no
diff --git a/dnscryptinit.d b/dnscryptinit.d
 #! /bin/sh
 ### BEGIN INIT INFO
 # Provides: dnscrypt-proxy
 # Required-Start: $local_fs $network
 # Required-Stop: $local_fs
 # Default-Start: 2 3 4 5
 # Default-Stop: 0 1 6
 # Short-Description: dnscrypt-proxy
 # Description: dnscrypt-proxy secure DNS client
 ### END INIT INFO
 PATH=/usr/sbin:/usr/bin:/sbin:/bin
 DAEMON=/usr/local/sbin/dnscrypt-proxy
 NAME=dnscrypt-proxy
 case "$1" in
 start)
 echo "Starting $NAME"

 /usr/local/sbin/dnscrypt-proxy --local-address=127.0.0.1:40 --edns-payload-size=4096 --pidfile=/run/dnscrypt/dnscrypt-proxy.pid --logfile=/var/log/dnscrypt-proxy.log --user=dnscrypt -R opendns --daemonize

 ;;
 stop)
 echo "Stopping $NAME"
 pkill -f $DAEMON
 ;;
 restart)
 $0 stop
 $0 start
 ;;
 *)
 echo "Usage: /etc/init.d/dnscrypt-proxy {start|stop|restart}"
 exit 1
 ;;
 esac
diff --git a/gistfile1.txt b/gistfile1.txt
 # Update main settings 
 update-rc.d dnscrypt-proxy defaults
diff --git a/iptables b/iptables
 iptables -A INPUT -s 10.8.0.0/24 -p tcp -m tcp --dport 53 -j ACCEPT
 iptables -A INPUT -s 10.8.0.0/24 -p udp -m udp --dport 53 -j ACCEPT
diff --git a/querycheck b/querycheck
 ls -la /run/dnscrypt
diff --git a/resolv.conf b/resolv.conf
 nameserver 127.0.0.1
diff --git a/server.conf b/server.conf
 push "dhcp-option DNS 10.8.0.1"
diff --git a/worksornot b/worksornot
 dig @10.8.0.1 google.com
	# Unbound configuration file for Debian.
	# See the unbound.conf(5) man page.
	# See /usr/share/doc/unbound/examples/unbound.conf for a commented
	# reference config file.

	server:
	# The following line will configure unbound to perform cryptographic
	# DNSSEC validation using the root trust anchor.
	auto-trust-anchor-file: "/var/lib/unbound/root.key"
	server:
	# access-control: 10.8.0.0/24 allow
	logfile: "/var/log/unbound.log"
	log-time-ascii: yes
	module-config: "iterator"
	do-not-query-localhost: no
	interface: 127.0.0.1
	interface: 10.8.0.1
	access-control: 127.0.0.1 allow
	access-control: 10.8.0.1/24 allow
	forward-zone:
	name: "."
	forward-addr: 127.0.0.1@40
	forward-first: no

	remote-control:
	control-enable: no
	#! /bin/sh
	### BEGIN INIT INFO
	# Provides: dnscrypt-proxy
	# Required-Start: $local_fs $network
	# Required-Stop: $local_fs
	# Default-Start: 2 3 4 5
	# Default-Stop: 0 1 6
	# Short-Description: dnscrypt-proxy
	# Description: dnscrypt-proxy secure DNS client
	### END INIT INFO
	PATH=/usr/sbin:/usr/bin:/sbin:/bin
	DAEMON=/usr/local/sbin/dnscrypt-proxy
	NAME=dnscrypt-proxy
	case "$1" in
	start)
	echo "Starting $NAME"

	/usr/local/sbin/dnscrypt-proxy --local-address=127.0.0.1:40 --edns-payload-size=4096 --pidfile=/run/dnscrypt/dnscrypt-proxy.pid --logfile=/var/log/dnscrypt-proxy.log --user=dnscrypt -R opendns --daemonize

	;;
	stop)
	echo "Stopping $NAME"
	pkill -f $DAEMON
	;;
	restart)
	$0 stop
	$0 start
	;;
	*)
	echo "Usage: /etc/init.d/dnscrypt-proxy {start\|stop\|restart}"
	exit 1
	;;
	esac
	iptables -A INPUT -s 10.8.0.0/24 -p tcp -m tcp --dport 53 -j ACCEPT
	iptables -A INPUT -s 10.8.0.0/24 -p udp -m udp --dport 53 -j ACCEPT