@soderlind
Last active September 7, 2024 05:45
macOS DoH! (DNS over HTTPS) using cloudflared
1) Install cloudflared using Homebrew:

brew install cloudflare/cloudflare/cloudflared

2) Create /usr/local/etc/cloudflared/config.yaml with the following content:

proxy-dns: true
proxy-dns-upstream:
  - https://1.1.1.1/dns-query
  - https://1.0.0.1/dns-query

3) Activate cloudflared as a service:

sudo cloudflared service install

4) Test:

dig +short @127.0.0.1 github.com AA

5) If OK, change DNS on your Mac to 127.0.0.1 (System Preferences->Network->Advanced->DNS).
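
The DNS setting in step 5 applies per network service, so an interface that was not changed keeps sending plaintext queries to its DHCP-assigned resolver. The following check is an added example, not part of the gist: it parses `scutil --dns` output and lists every nameserver that is not the local cloudflared proxy. The sample output and the interface names en0/en5 are constructed for illustration.

```sh
#!/bin/sh
# Added example, not part of the gist. Lists resolvers macOS still uses that
# are not the local cloudflared proxy (127.0.0.1 / ::1).

# Reads `scutil --dns` output on stdin; prints "<address> <interface>" for
# each non-loopback nameserver ("global" when the resolver is unscoped).
non_loopback_resolvers() {
    awk '
        function emit(   i) {
            for (i = 1; i <= n; i++)
                if (ns[i] != "127.0.0.1" && ns[i] != "::1")
                    print ns[i], (iface == "" ? "global" : iface)
            n = 0; iface = ""
        }
        $1 == "resolver"                { emit() }
        $1 ~ /^nameserver\[[0-9]+\]$/   { ns[++n] = $NF }
        $1 == "if_index"                { iface = $NF; gsub(/[()]/, "", iface) }
        END                             { emit() }
    '
}

# Constructed sample: Wi-Fi (en0) points at cloudflared, Ethernet (en5) does not.
sample_scutil_output() {
    cat <<'EOF'
DNS configuration

resolver #1
  nameserver[0] : 127.0.0.1
  flags    : Request A records
resolver #2
  domain   : local
  options  : mdns

DNS configuration (for scoped queries)

resolver #1
  nameserver[0] : 127.0.0.1
  if_index : 6 (en0)
  flags    : Scoped, Request A records
resolver #2
  nameserver[0] : 192.168.1.1
  if_index : 4 (en5)
  flags    : Scoped, Request A records
EOF
}

# On a Mac, check the live configuration; elsewhere, run on the sample.
if command -v scutil >/dev/null 2>&1; then
    scutil --dns | non_loopback_resolvers
else
    sample_scutil_output | non_loopback_resolvers
fi
```

Empty output means every resolver in use is the loopback proxy; any line printed names an address and interface that still bypass it.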
@fAS6NWnn7xA429U2

New Issue: Tunnelblick will only update the WiFi DNS, not the Ethernet DNS.

I've set the priority to Ethernet-first in the Mac settings, turned off WiFi, and even set it to inactive, but Tunnelblick will not switch to Ethernet.

Is there a way to alter Tunnelblick's network priority or more ideally, have it interact with Ethernet only?

@hzbd

hzbd commented Oct 6, 2019

Just a new open DoH & DoT service:

dns.containpi.com

@chinmaythosar

https://apps.apple.com/in/app/privatedns/id1547063327 for iOS/iPadOS

Currently working on macOS app. :)

@GennadySpb

Works for me with config like:

resolver:
  enabled: true
  port: 53
  address: 127.0.0.1
  upstreams:
    - https://1.1.1.1/dns-query
    - https://1.0.0.1/dns-query

@war59312

Have a typo.

/usr/local/etc/cloudflared/config.yml is the correct file. Drop the a.

Should be:

logDirectory: /var/log/cloudflared

proxy-dns: true
proxy-dns-upstream:
  - https://1.1.1.1/dns-query
  - https://1.0.0.1/dns-query
