What's new

Dnscrypt from opendns

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Check the dmesg output, just in case it might carry additional details.
 
That's strange. Mine is starting in one minute, works well.

I'm not using any dyndns services.

Hello ryzhov_al - am getting same error like before - once I ran the command can't get access to the internet.

Jun 5 19:34:20 dnsmasq-dhcp[573]: read /etc/ethers - 0 addresses
Jun 5 19:34:21 dnscrypt-proxy[590]: Starting dnscrypt-proxy 1.4.0
Jun 5 19:34:21 dnscrypt-proxy[590]: Initializing libsodium for optimal performance
Jun 5 19:34:21 dnscrypt-proxy[590]: Generating a new key pair
Jun 5 19:34:21 kernel: nf_conntrack_rtsp v0.6.21 loading
Jun 5 19:34:21 kernel: nf_nat_rtsp v0.6.21 loading
Jun 5 19:34:21 admin: sh /opt/S50asuslighttpd.1 firewall-start
Jun 5 19:34:22 admin: sh /opt/S50downloadmaster.1 firewall-start
Jun 5 19:34:23 admin: sh /opt/S50asuslighttpd.1 start
Jun 5 19:34:25 rc_service: udhcpc 458:notify_rc stop_upnp
Jun 5 19:34:25 miniupnpd[575]: shutting down MiniUPnPd
Jun 5 19:34:25 rc_service: udhcpc 458:notify_rc start_upnp
Jun 5 19:34:25 miniupnpd[1029]: HTTP listening on port 57907
Jun 5 19:34:25 miniupnpd[1029]: Listening for NAT-PMP/PCP traffic on port 5351
Jun 5 19:34:25 ddns: clear ddns cache file for server/hostname change
Jun 5 19:34:26 ddns update: ez-ipupdate: starting...
Jun 5 19:34:26 nmbd[422]: [2014/06/05 19:34:26, 0] nmbd/nmbd_become_dmb.c:become_domain_master_stage2(113)
Jun 5 19:34:29 admin: sh /opt/S50downloadmaster.1 start
Jun 5 19:34:41 nmbd[422]: [2014/06/05 19:34:41, 0] nmbd/nmbd_become_lmb.c:become_local_master_stage2(392)
Jun 5 19:34:49 transmission-daemon[1741]: RPC Server Adding address to whitelist: 127.0.0.1 (rpc-server.c:828)
Jun 5 19:34:49 transmission-daemon[1741]: RPC Server Adding address to whitelist: *.*.*.* (rpc-server.c:828)
Jun 5 19:34:49 transmission-daemon[1741]: RPC Server Serving RPC and Web requests on port 127.0.0.1:9091/transmission/ (rpc-server.c:1035)
Jun 5 19:34:49 transmission-daemon[1741]: RPC Server Whitelist enabled (rpc-server.c:1039)
Jun 5 19:35:10 watchdog: start ddns.
Jun 5 19:35:10 rc_service: watchdog 355:notify_rc start_ddns
Jun 5 19:35:10 ddns update: ez-ipupdate: starting...
Jun 5 19:35:18 nmbd[1842]: [2014/06/05 19:35:18, 0] nmbd/nmbd_become_lmb.c:become_local_master_stage2(392)
Jun 5 19:35:40 ddns update: error connecting to ns1.asuscomm.com:80
Jun 5 19:35:40 ddns update: asusddns_update: 1
Jun 5 19:35:55 dnsmasq-dhcp[573]: DHCPINFORM(br0)
Jun 5 19:35:55 dnsmasq-dhcp[573]: DHCPACK(br0)
Jun 5 19:36:10 watchdog: start ddns.
Jun 5 19:36:10 rc_service: watchdog 355:notify_rc start_ddns
Jun 5 19:36:10 ddns update: ez-ipupdate: starting...
Jun 5 19:36:40 ddns update: error connecting to ns1.asuscomm.com:80
Jun 5 19:36:40 ddns update: asusddns_update: 1
Jun 5 19:37:10 watchdog: start ddns.
Jun 5 19:37:10 rc_service: watchdog 355:notify_rc start_ddns
Jun 5 19:37:10 ddns update: ez-ipupdate: starting...
Jun 5 19:37:40 ddns update: error connecting to ns1.asuscomm.com:80
Jun 5 19:37:40 ddns update: asusddns_update: 1
 
Looks like we are having the same issue, do what Merlin said to see if it helps a dmesg


Hello ryzhov_al - am getting same error like before - once I ran the command can't get access to the internet.

Jun 5 19:34:20 dnsmasq-dhcp[573]: read /etc/ethers - 0 addresses
Jun 5 19:34:21 dnscrypt-proxy[590]: Starting dnscrypt-proxy 1.4.0
Jun 5 19:34:21 dnscrypt-proxy[590]: Initializing libsodium for optimal performance
Jun 5 19:34:21 dnscrypt-proxy[590]: Generating a new key pair
Jun 5 19:34:21 kernel: nf_conntrack_rtsp v0.6.21 loading
Jun 5 19:34:21 kernel: nf_nat_rtsp v0.6.21 loading
Jun 5 19:34:21 admin: sh /opt/S50asuslighttpd.1 firewall-start
Jun 5 19:34:22 admin: sh /opt/S50downloadmaster.1 firewall-start
Jun 5 19:34:23 admin: sh /opt/S50asuslighttpd.1 start
Jun 5 19:34:25 rc_service: udhcpc 458:notify_rc stop_upnp
Jun 5 19:34:25 miniupnpd[575]: shutting down MiniUPnPd
Jun 5 19:34:25 rc_service: udhcpc 458:notify_rc start_upnp
Jun 5 19:34:25 miniupnpd[1029]: HTTP listening on port 57907
Jun 5 19:34:25 miniupnpd[1029]: Listening for NAT-PMP/PCP traffic on port 5351
Jun 5 19:34:25 ddns: clear ddns cache file for server/hostname change
Jun 5 19:34:26 ddns update: ez-ipupdate: starting...
Jun 5 19:34:26 nmbd[422]: [2014/06/05 19:34:26, 0] nmbd/nmbd_become_dmb.c:become_domain_master_stage2(113)
Jun 5 19:34:29 admin: sh /opt/S50downloadmaster.1 start
Jun 5 19:34:41 nmbd[422]: [2014/06/05 19:34:41, 0] nmbd/nmbd_become_lmb.c:become_local_master_stage2(392)
Jun 5 19:34:49 transmission-daemon[1741]: RPC Server Adding address to whitelist: 127.0.0.1 (rpc-server.c:828)
Jun 5 19:34:49 transmission-daemon[1741]: RPC Server Adding address to whitelist: *.*.*.* (rpc-server.c:828)
Jun 5 19:34:49 transmission-daemon[1741]: RPC Server Serving RPC and Web requests on port 127.0.0.1:9091/transmission/ (rpc-server.c:1035)
Jun 5 19:34:49 transmission-daemon[1741]: RPC Server Whitelist enabled (rpc-server.c:1039)
Jun 5 19:35:10 watchdog: start ddns.
Jun 5 19:35:10 rc_service: watchdog 355:notify_rc start_ddns
Jun 5 19:35:10 ddns update: ez-ipupdate: starting...
Jun 5 19:35:18 nmbd[1842]: [2014/06/05 19:35:18, 0] nmbd/nmbd_become_lmb.c:become_local_master_stage2(392)
Jun 5 19:35:40 ddns update: error connecting to ns1.asuscomm.com:80
Jun 5 19:35:40 ddns update: asusddns_update: 1
Jun 5 19:35:55 dnsmasq-dhcp[573]: DHCPINFORM(br0)
Jun 5 19:35:55 dnsmasq-dhcp[573]: DHCPACK(br0)
Jun 5 19:36:10 watchdog: start ddns.
Jun 5 19:36:10 rc_service: watchdog 355:notify_rc start_ddns
Jun 5 19:36:10 ddns update: ez-ipupdate: starting...
Jun 5 19:36:40 ddns update: error connecting to ns1.asuscomm.com:80
Jun 5 19:36:40 ddns update: asusddns_update: 1
Jun 5 19:37:10 watchdog: start ddns.
Jun 5 19:37:10 rc_service: watchdog 355:notify_rc start_ddns
Jun 5 19:37:10 ddns update: ez-ipupdate: starting...
Jun 5 19:37:40 ddns update: error connecting to ns1.asuscomm.com:80
Jun 5 19:37:40 ddns update: asusddns_update: 1
 
My Dmesg after installing the script, everything else works the same as before, no conection if I dont change the DNS.

tart_kernel
Linux version 2.6.22.19 (root@asus) (gcc version 4.2.4) #1 Fri May 9 17:16:26 EDT 2014
CPU revision is: 00019749
Determined physical RAM map:
memory: 07fff000 @ 00000000 (usable)
memory: 08000000 @ 87fff000 (usable)
On node 0 totalpages: 589823
Normal zone: 1024 pages used for memmap
Normal zone: 0 pages reserved
Normal zone: 130048 pages, LIFO batch:31
HighMem zone: 3583 pages used for memmap
HighMem zone: 455168 pages, LIFO batch:31
Built 1 zonelists. Total pages: 585216
Kernel command line: root=/dev/mtdblock2 noinitrd console=ttyS0,115200
Primary instruction cache 32kB, physically tagged, 4-way, linesize 32 bytes.
Primary data cache 32kB, 4-way, linesize 32 bytes.
Synthesized TLB refill handler (20 instructions).
Synthesized TLB load handler fastpath (32 instructions).
Synthesized TLB store handler fastpath (32 instructions).
Synthesized TLB modify handler fastpath (31 instructions).
PID hash table entries: 2048 (order: 11, 8192 bytes)
CPU: BCM5300 rev 1 pkg 0 at 600 MHz
Using 300.000 MHz high precision timer.
console [ttyS0] enabled
Dentry cache hash table entries: 65536 (order: 6, 262144 bytes)
Inode-cache hash table entries: 32768 (order: 5, 131072 bytes)
Memory: 238608k/131068k available (2572k kernel code, 22624k reserved, 515k data, 196k init, 131072k highmem)
Calibrating delay loop... 299.82 BogoMIPS (lpj=1499136)
Mount-cache hash table entries: 512
NET: Registered protocol family 16
PCI: Initializing host
PCI: Reset RC
PCI: Initializing host
PCI: Reset RC
PCI: Fixing up bus 0
PCI/PCIe coreunit 0 is set to bus 1.
PCI: Fixing up bridge
PCI: Setting latency timer of device 0000:01:00.0 to 64
PCI: Fixing up bridge
PCI: Setting latency timer of device 0000:01:00.1 to 64
PCI: Enabling device 0000:01:00.1 (0004 -> 0006)
PCI: Fixing up bus 1
PCI/PCIe coreunit 1 is set to bus 2.
PCI: Fixing up bridge
PCI: Setting latency timer of device 0000:02:00.0 to 64
PCI: Fixing up bridge
PCI: Setting latency timer of device 0000:02:00.1 to 64
PCI: Enabling device 0000:02:00.1 (0004 -> 0006)
PCI: Fixing up bus 2
NET: Registered protocol family 2
Time: MIPS clocksource has been installed.
IP route cache hash table entries: 4096 (order: 2, 16384 bytes)
TCP established hash table entries: 16384 (order: 5, 131072 bytes)
TCP bind hash table entries: 16384 (order: 4, 65536 bytes)
TCP: Hash tables configured (established 16384 bind 16384)
TCP reno registered
highmem bounce pool size: 64 pages
squashfs: version 3.2-r2 (2007/01/15) Phillip Lougher
io scheduler noop registered (default)
HDLC line discipline: version $Revision: 4.8 $, maxframe=4096
N_HDLC line discipline registered.
Serial: 8250/16550 driver $Revision: 1.90 $ 4 ports, IRQ sharing disabled
serial8250: ttyS0 at MMIO 0xb8000300 (irq = 8) is a 16550A
serial8250: ttyS1 at MMIO 0xb8000400 (irq = 8) is a 16550A
PPP generic driver version 2.4.2
MPPE/MPPC encryption/compression module registered
NET: Registered protocol family 24
PPPoL2TP kernel driver, V0.18.3
PPTP driver version 0.8.5
Physically mapped flash: Found 1 x16 devices at 0x0 in 16-bit bank
Amd/Fujitsu Extended Query Table at 0x0040
Physically mapped flash: CFI does not contain boot bank location. Assuming top.
number of CFI chips: 1
cfi_cmdset_0002: Disabling erase-suspend-program due to code brokenness.
Flash device: 0x2000000 at 0x1c000000
Creating 5 MTD partitions on "Physically mapped flash":
0x00000000-0x00040000 : "pmon"
0x00040000-0x01fe0000 : "linux"
0x001757f4-0x01a00000 : "rootfs"
0x01fe0000-0x02000000 : "nvram"
0x01a60000-0x01fe0000 : "jffs2"
Found an serial flash with 0 0KB blocks; total size 0MB
sflash: found no supported devices
dev_nvram_init: _nvram_init
sdhci: Secure Digital Host Controller Interface driver
sdhci: Copyright(c) Pierre Ossman
u32 classifier
OLD policer on
Netfilter messages via NETLINK v0.30.
nf_conntrack version 0.5.0 (2048 buckets, 16384 max)
ipt_time loading
ip_tables: (C) 2000-2006 Netfilter Core Team
net/ipv4/netfilter/tomato_ct.c [May 9 2014 17:16:26]
ipt_account 0.1.21 : Piotr Gasidlo <quaker@barbara.eu.org>, http://code.google.com/p/ipt-account/
NET: Registered protocol family 1
NET: Registered protocol family 10
ip6_tables: (C) 2000-2006 Netfilter Core Team
NET: Registered protocol family 17
802.1Q VLAN Support v1.8 Ben Greear <greearb@candelatech.com>
All bugs added by David S. Miller <davem@redhat.com>
VFS: Mounted root (squashfs filesystem) readonly.
Freeing unused kernel memory: 196k freed
Warning: unable to open an initial console.
ctf: module license 'Proprietary' taints kernel.
et_module_init: passivemode set to 0x0
et_module_init: et_txq_thresh set to 0x400
PCI: Setting latency timer of device 0000:00:01.0 to 64
bcm_robo_enable_switch: EEE is disabled
eth0: Broadcom BCM47XX 10/100/1000 Mbps Ethernet Controller 6.30.163.2002 (r382208)
wl_module_init: passivemode set to 0x0
PCI: Enabling device 0000:01:01.0 (0000 -> 0002)
PCI: Setting latency timer of device 0000:01:01.0 to 64
eth1: Broadcom BCM4331 802.11 Wireless Controller 6.30.163.2002 (r382208)
PCI: Enabling device 0000:02:01.0 (0000 -> 0002)
PCI: Setting latency timer of device 0000:02:01.0 to 64
eth2: Broadcom BCM4331 802.11 Wireless Controller 6.30.163.2002 (r382208)
Algorithmics/MIPS FPU Emulator v1.5
JFFS2 version 2.2. (NAND) © 2001-2006 Red Hat, Inc.
usbcore: registered new interface driver usbfs
usbcore: registered new interface driver hub
usbcore: registered new device driver usb
SCSI subsystem initialized
Initializing USB Mass Storage driver...
usbcore: registered new interface driver usb-storage
USB Mass Storage support registered.
ufsd: driver (8.6 U86_r187446_b122, LBD=ON, acl, ioctl, rwm, ws, sd) loaded at c0286000
NTFS (with native replay) support included
optimized: speed
Build_for__asus_n66u_2011-10-27_U86_r187446_b122

ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
PCI: Setting latency timer of device 0000:00:04.1 to 64
ehci_hcd 0000:00:04.1: EHCI Host Controller
ehci_hcd 0000:00:04.1: new USB bus registered, assigned bus number 1
ehci_hcd 0000:00:04.1: EHCI Fastpath: New EHCI driver starting
ehci_hcd 0000:00:04.1: irq 6, io mem 0x18004000
ehci_hcd 0000:00:04.1: USB 0.0 started, EHCI 1.00
usb usb1: configuration #1 chosen from 1 choice
hub 1-0:1.0: USB hub found
hub 1-0:1.0: 2 ports detected
ohci_hcd: USB 1.1 'Open' Host Controller (OHCI) Driver
PCI: Setting latency timer of device 0000:00:04.0 to 64
ohci_hcd 0000:00:04.0: OHCI Host Controller
ohci_hcd 0000:00:04.0: new USB bus registered, assigned bus number 2
ohci_hcd 0000:00:04.0: irq 6, io mem 0x18009000
usb usb2: configuration #1 chosen from 1 choice
hub 2-0:1.0: USB hub found
hub 2-0:1.0: 2 ports detected
usbcore: registered new interface driver usblp
drivers/usb/class/usblp.c: v0.13: USB Printer Device Class driver
usbcore: registered new interface driver asix
usb 1-1: new high speed USB device using ehci_hcd and address 2
usb 1-1: configuration #1 chosen from 1 choice
hub 1-1:1.0: USB hub found
hub 1-1:1.0: 4 ports detected
usbcore: registered new interface driver cdc_ether
usbcore: registered new interface driver rndis_host
cdc_ncm: 04-Aug-2011
usbcore: registered new interface driver cdc_ncm
usb 1-1.4: new high speed USB device using ehci_hcd and address 3
usb 1-1.4: configuration #1 chosen from 1 choice
scsi0 : SCSI emulation for USB Mass Storage devices
scsi 0:0:0:0: Direct-Access Multi Flash Reader 1.00 PQ: 0 ANSI: 0
sd 0:0:0:0: [sda] Attached SCSI removable disk
sd 0:0:0:0: Attached scsi generic sg0 type 0
br0: starting userspace STP failed, staring kernel STP
vlan1: add 33:33:00:00:00:01 mcast address to master interface
vlan1: add 01:00:5e:00:00:01 mcast address to master interface
vlan1: dev_set_promiscuity(master, 1)
device eth0 entered promiscuous mode
device vlan1 entered promiscuous mode
device eth1 entered promiscuous mode
device eth2 entered promiscuous mode
br0: port 3(eth2) entering listening state
br0: port 2(eth1) entering listening state
br0: port 1(vlan1) entering listening state
br0: port 3(eth2) entering learning state
br0: port 2(eth1) entering learning state
br0: port 1(vlan1) entering learning state
vlan1: add 33:33:00:00:00:02 mcast address to master interface
br0: topology change detected, propagating
br0: port 3(eth2) entering forwarding state
br0: topology change detected, propagating
br0: port 2(eth1) entering forwarding state
br0: topology change detected, propagating
br0: port 1(vlan1) entering forwarding state
nf_conntrack_rtsp v0.6.21 loading
nf_nat_rtsp v0.6.21 loading
tun: Universal TUN/TAP device driver, 1.6
tun: (C) 1999-2004 Max Krasnyansky <maxk@qualcomm.com>
device tun21 entered promiscuous mode
 
I am getting the following repeating error:
Dec 31 19:03:46 rc_service: watchdog 597:notify_rc start_ddns
Dec 31 19:03:46 ddns update: ez-ipupdate: starting...
Dec 31 19:04:01 ddns update: error connecting to updates.dnsomatic.com:80
Dec 31 19:04:01 ddns update: asusddns_update: 1
Dec 31 19:04:06 dnscrypt-proxy[1609]: Refetching server certificates
Dec 31 19:04:06 dnscrypt-proxy[1609]: Server certificate #xxxxxxxx received
Dec 31 19:04:06 dnscrypt-proxy[1609]: This certificate has not been activated yet
Dec 31 19:04:06 dnscrypt-proxy[1609]: No useable certificates found
Dec 31 19:04:16 watchdog: start ddns.
 
I am getting the following repeating error:
The same deadlock:
1) NTP can't resolve DNS server name to update system time,
2) dnscrypt-proxy can't provide name resolving because certificate is not vaild without right system time.

My script fixes /etc/hosts to prevent deadlock and it works for me. While in deadlock, please show how /etc/hosts looks like:
Code:
cat /etc/hosts
 
Try providing an IP instead of a hostname for the NTP server.
 
The same deadlock:
1) NTP can't resolve DNS server name to update system time,
2) dnscrypt-proxy can't provide name resolving because certificate is not vaild without right system time.

My script fixes /etc/hosts to prevent deadlock and it works for me. While in deadlock, please show how /etc/hosts looks like:
Code:
cat /etc/hosts

I will get back to you this evening with the info. Thanks!

Sent from my Galaxy S4 using Tapatalk
 
Try providing an IP instead of a hostname for the NTP server.

In the router gui I currently have something like ntp.pool.org.
I will try to find a IP this evening and give it another shot.
Cheers!

Sent from my Galaxy S4 using Tapatalk
 
Nothing more I can troubleshoot on the issue that there is no internet access for the R66U when installing the script? a placed all error and dmesg, my NTP does sync but the process fo the dnscrypt disapears, if I try to start the WAN script again, it just says its done and nothing more. I would really like to make this work on merlins firmware.
Thanks
regards.:D
 
Nothing more I can troubleshoot on the issue that there is no internet access for the R66U when installing the script? a placed all error and dmesg, my NTP does sync but the process fo the dnscrypt disapears, if I try to start the WAN script again, it just says its done and nothing more. I would really like to make this work on merlins firmware.
Thanks
regards.:D

Will be nice if others with R66U using Rmerlin build to let us know how to go it working.
PS- I have Opendns and ntp.pool.org configure within the gui
 
Hi ryzhov_al, Merlin, nothing else we can do to help troubleshoot the dnscrypt with no Entware installed? we placed the dmesg and the log of the routers, Thanks for all your efforts and great work!
 
Hi ryzhov_al, Merlin, nothing else we can do to help troubleshoot the dnscrypt with no Entware installed? we placed the dmesg and the log of the routers, Thanks for all your efforts and great work!

I never used dnscrypt so I can't help you, sorry.
 
Hi ryzhov_al, Merlin, nothing else we can do to help troubleshoot the dnscrypt with no Entware installed? we placed the dmesg and the log of the routers, Thanks for all your efforts and great work!
Yes, and logs says there is deadlock which I described above.

Did you tried to use IP addresses of NTP servers instead of it's DNS names?
I can't reproduce this bug, sorry.
 
Yes, and logs says there is deadlock which I described above.

Did you tried to use IP addresses of NTP servers instead of it's DNS names?
I can't reproduce this bug, sorry.

ryzhov - thanks for you response / help, maybe because you don't use DDNS that might be why you couldn't reproduce the error, my issue was always failed to connect and update asus ddns

thanks
 
Hi! did not try that, because my NTP syncs,

I just updated to Merlins 43 on the R66U, ando this is my logs, you can see that the date changes from December 31 to Jan 7. But same issues, no internet access unless I bypass the router as DNS server. Even on first reboot you can see that it does not have the correct time when dnscrypt starts, it starts Dec 31... after it syncs time I ran the WAN script in th jffs, it starts again the dnscrypt but keeps having the same issue, and the NTP time is correct, The only difference is that my country Venezuela is -430, and the router says its -400 for Caracas. the router always has 30 minutes ahead of my PC time. Thanks for taking a look. Regards.

/tmp/home/root# cat /tmp/syslog.log |grep dns
Dec 31 20:00:11 dnsmasq[309]: started, version 2.69 cachesize 1500
Dec 31 20:00:11 dnsmasq[309]: warning: interface tun21 does not currently exist
Dec 31 20:00:11 dnsmasq[309]: warning: ignoring resolv-file flag because no-resolv is set
Dec 31 20:00:11 dnsmasq[309]: asynchronous logging enabled, queue limit is 5 messages
Dec 31 20:00:11 dnsmasq-dhcp[309]: DHCP, IP range 172.x.x.x -- 172.x.x.x, lease time 1d
Dec 31 20:00:11 dnsmasq[309]: using nameserver 127.0.0.1#65053
Dec 31 20:00:11 dnsmasq[309]: read /etc/hosts - 9 addresses
Dec 31 20:00:11 dnsmasq[309]: read /etc/hosts.dnsmasq - 3 addresses
Dec 31 20:00:11 dnsmasq-dhcp[309]: read /etc/ethers - 3 addresses
Dec 31 20:00:15 dnsmasq[309]: read /etc/hosts - 9 addresses
Dec 31 20:00:15 dnsmasq[309]: read /etc/hosts.dnsmasq - 3 addresses
Dec 31 20:00:15 dnsmasq-dhcp[309]: read /etc/ethers - 3 addresses
Dec 31 20:00:16 dnsmasq[309]: read /etc/hosts - 9 addresses
Dec 31 20:00:16 dnsmasq[309]: read /etc/hosts.dnsmasq - 3 addresses
Dec 31 20:00:16 dnsmasq-dhcp[309]: read /etc/ethers - 3 addresses
Dec 31 20:00:16 dnsmasq[309]: exiting on receipt of SIGTERM
Dec 31 20:00:16 dnsmasq[415]: started, version 2.69 cachesize 1500
Dec 31 20:00:16 dnsmasq[415]: warning: interface tun21 does not currently exist
Dec 31 20:00:16 dnsmasq[415]: warning: ignoring resolv-file flag because no-resolv is set
Dec 31 20:00:16 dnsmasq[415]: asynchronous logging enabled, queue limit is 5 messages
Dec 31 20:00:16 dnsmasq-dhcp[415]: DHCP, IP range 172.x.x.x -- 172.x.x.x, lease time 1d
Dec 31 20:00:16 dnsmasq[415]: using nameserver 127.0.0.1#65053
Dec 31 20:00:16 dnsmasq[415]: read /etc/hosts - 9 addresses
Dec 31 20:00:16 dnsmasq[415]: read /etc/hosts.dnsmasq - 3 addresses
Dec 31 20:00:16 dnsmasq-dhcp[415]: read /etc/ethers - 3 addresses
Dec 31 20:00:16 rc_service: service 425:notify_rc restart_dnsmasq
Dec 31 20:00:16 rc_service: waitting "restart_dnsmasq" via ...
Dec 31 20:00:16 dnsmasq[415]: exiting on receipt of SIGTERM
Dec 31 20:00:16 dnsmasq[429]: started, version 2.69 cachesize 1500
Dec 31 20:00:16 dnsmasq[429]: warning: interface tun21 does not currently exist
Dec 31 20:00:16 dnsmasq[429]: warning: ignoring resolv-file flag because no-resolv is set
Dec 31 20:00:16 dnsmasq[429]: asynchronous logging enabled, queue limit is 5 messages
Dec 31 20:00:16 dnsmasq-dhcp[429]: DHCP, IP range 172.x.x.x -- 172.x.x.x, lease time 1d
Dec 31 20:00:16 dnsmasq[429]: using nameserver 127.0.0.1#65053
Dec 31 20:00:16 dnsmasq[429]: read /etc/hosts - 10 addresses
Dec 31 20:00:16 dnsmasq[429]: read /etc/hosts.dnsmasq - 3 addresses
Dec 31 20:00:16 dnsmasq-dhcp[429]: read /etc/ethers - 3 addresses
Dec 31 20:00:16 ddns: clear ddns cache file for server/hostname change
Dec 31 20:00:16 ddns update: ez-ipupdate: starting...
Dec 31 20:00:17 dnscrypt-proxy[461]: Starting dnscrypt-proxy 1.4.0
Dec 31 20:00:17 dnscrypt-proxy[461]: Initializing libsodium for optimal performance
Dec 31 20:00:17 dnscrypt-proxy[461]: Generating a new key pair
Jun 7 14:11:11 ddns update: error connecting to updates.dnsomatic.com:80
Jun 7 14:11:11 ddns update: asusddns_update: 1
Jun 7 14:11:36 watchdog: start ddns.
Jun 7 14:11:36 rc_service: watchdog 331:notify_rc start_ddns
Jun 7 14:11:36 ddns update: ez-ipupdate: starting...
Jun 7 14:12:06 ddns update: error connecting to updates.dnsomatic.com:80
Jun 7 14:12:06 ddns update: asusddns_update: 1
Jun 7 14:12:36 watchdog: start ddns.
Jun 7 14:12:36 rc_service: watchdog 331:notify_rc start_ddns
Jun 7 14:12:36 ddns update: ez-ipupdate: starting...
Jun 7 14:13:06 ddns update: error connecting to updates.dnsomatic.com:80
Jun 7 14:13:06 ddns update: asusddns_update: 1
Jun 7 14:13:36 watchdog: start ddns.
Jun 7 14:13:36 rc_service: watchdog 331:notify_rc start_ddns
Jun 7 14:13:36 ddns update: ez-ipupdate: starting...
Jun 7 14:14:06 ddns update: error connecting to updates.dnsomatic.com:80
Jun 7 14:14:06 ddns update: asusddns_update: 1
Jun 7 14:14:36 watchdog: start ddns.
Jun 7 14:14:36 rc_service: watchdog 331:notify_rc start_ddns
Jun 7 14:14:36 ddns update: ez-ipupdate: starting...
Jun 7 14:15:06 ddns update: error connecting to updates.dnsomatic.com:80
Jun 7 14:15:06 ddns update: asusddns_update: 1
Jun 7 14:15:36 watchdog: start ddns.
Jun 7 14:15:36 rc_service: watchdog 331:notify_rc start_ddns


on:/tmp/home/root# cat /jffs/configs/dnsmasq.conf.add
### Use dnscrypt-proxy as a resolver
no-resolv
server=127.0.0.1#65053

-------------------
./wan-start

Done.

Done.

After I ran the wan script again

Jun 7 14:20:11 dnscrypt-proxy[551]: Starting dnscrypt-proxy 1.4.0
Jun 7 14:20:11 dnscrypt-proxy[551]: Initializing libsodium for optimal performance
Jun 7 14:20:11 dnscrypt-proxy[551]: Generating a new key pair
Jun 7 14:20:11 rc_service: ntp 552:notify_rc restart_upnp
Jun 7 14:20:11 miniupnpd[470]: shutting down MiniUPnPd
Jun 7 14:20:11 miniupnpd[560]: HTTP listening on port 58669
Jun 7 14:20:11 miniupnpd[560]: Listening for NAT-PMP/PCP traffic on port 5351
Jun 7 14:20:11 rc_service: ntp 552:notify_rc restart_diskmon
Jun 7 14:20:11 disk monitor: be idle
Jun 7 14:20:36 watchdog: start ddns.
Jun 7 14:20:36 rc_service: watchdog 331:notify_rc start_ddns
Jun 7 14:20:36 ddns update: ez-ipupdate: starting...
 
Hello ryzhov-al , any joy in helping us with this issue, still not able to use the dnscrpt with asus ddns

Thanks
 
my weird config

it's weird, but it works. i had a pre-existing dnsmasq.conf.add - i copied it to /jffs/configs/dnsmasq0 and dnsmasq1. dnsmasq1 has the extra lines added for dnscrypt. the script just overwrites dnsmasq.conf.add with these files via wan-start. i know it's ugly

wan-start
Code:
cp -f /jffs/configs/dnsmasq0 /jffs/configs/dnsmasq.conf.add && \
service restart_dnsmasq
sleep 4s

killall ntp
service restart_ntpc
sleep 4s

cp -f /jffs/configs/dnsmasq1 /jffs/configs/dnsmasq.conf.add && \
service restart_dnsmasq

services-start
Code:
#!/bin/sh

sleep 15s

/opt/etc/init.d/rc.unslung start

i'm also using the following to prevent leaks (not using DNSFilter atm);

firewall-start
Code:
iptables -t nat -A PREROUTING -p udp -d ! `nvram get lan_ipaddr` --dport 53 -j DNAT --to-destination `nvram get lan_ipaddr`
iptables -t nat -A PREROUTING -p tcp -d ! `nvram get lan_ipaddr` --dport 53 -j DNAT --to-destination `nvram get lan_ipaddr`

and --loglevel 5 in /opt/etc/init.d/S09dnscrypt-proxy to get rid of the hourly cert exchanges from syslog. still shows up when they fail
 
Last edited:
Hi, Sinshiva, does this work without installing entware?, are you using also DDNS? Thanks!
 
I would also like to get this to work, preferably without installing Entware, (in the end) using DNSCrypt.eu.

Unfortunately the package provided by ryzhov_al (thanks!) does not work for me either.

Sinshiva, can you share what dnsmasq0/1 look like, or at least the difference between them?

Only this additionally in dnsmasq1?

Code:
no-resolv
server=127.0.0.1#65053

If so, where did you put this line?

Code:
/jffs/bin/dnscrypt-proxy ...

What does /opt/etc/init.d/rc.unslung contain?

(my /opt links to /tmp/opt, but /tmp has no opt folder...)

For those that installed via Entware, what are the MD5/SHA1 hashes for the "hostip" and "dnscrypt-proxy" binaries?

I am not trying to question the trustworthiness of ryzhov_al, but for a tool like this (privacy/security), I think it would be nice to independently verify that the binaries have not been tampered with before/during/after the download.
 
Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top