Date: Thu, 29 Mar 2018 00:49:47 +0000 (UTC) From: "Danilo G. Baio" <dbaio@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r465857 - in head/dns/dnscrypt-proxy2: . files Message-ID: <201803290049.w2T0nlVo012321@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: dbaio Date: Thu Mar 29 00:49:47 2018 New Revision: 465857 URL: https://svnweb.freebsd.org/changeset/ports/465857 Log: dns/dnscrypt-proxy2: Improve information/texts Submitted by: tj@mrsk.me (email) Approved by: egypcio@googlemail.com (maintainer, irc) Modified: head/dns/dnscrypt-proxy2/Makefile head/dns/dnscrypt-proxy2/files/dnscrypt-proxy.in head/dns/dnscrypt-proxy2/pkg-descr head/dns/dnscrypt-proxy2/pkg-message Modified: head/dns/dnscrypt-proxy2/Makefile ============================================================================== --- head/dns/dnscrypt-proxy2/Makefile Thu Mar 29 00:26:16 2018 (r465856) +++ head/dns/dnscrypt-proxy2/Makefile Thu Mar 29 00:49:47 2018 (r465857) @@ -2,6 +2,7 @@ PORTNAME= dnscrypt-proxy PORTVERSION= 2.0.7 +PORTREVISION= 1 CATEGORIES= dns security PKGNAMESUFFIX= 2 Modified: head/dns/dnscrypt-proxy2/files/dnscrypt-proxy.in ============================================================================== --- head/dns/dnscrypt-proxy2/files/dnscrypt-proxy.in Thu Mar 29 00:26:16 2018 (r465856) +++ head/dns/dnscrypt-proxy2/files/dnscrypt-proxy.in Thu Mar 29 00:49:47 2018 (r465857) @@ -6,12 +6,16 @@ # REQUIRE: cleanvar SERVERS # BEFORE: dnsmasq local_unbound unbound named # -# These are some lines to configure dnscrypt-proxy on /etc/rc.conf: +# Options to configure dnscrypt-proxy via /etc/rc.conf: # -# dnscrypt_proxy_enable (bool): Enable service on boot. Default: NO -# dnscrypt_proxy_conf (str): Config file to use. Default: %%PREFIX%%/etc/dnscrypt-proxy.toml -# dnscrypt_proxy_uid (str): Set to "_dnscrypt-proxy" by default. +# dnscrypt_proxy_enable (bool) Enable service on boot +# Default: NO # +# dnscrypt_proxy_conf (str) Config file to use +# Default: %%PREFIX%%/etc/dnscrypt-proxy.toml +# +# dnscrypt_proxy_uid (str) User to run dnscrypt_proxy as +# Default: _dnscrypt-proxy . /etc/rc.subr Modified: head/dns/dnscrypt-proxy2/pkg-descr ============================================================================== --- head/dns/dnscrypt-proxy2/pkg-descr Thu Mar 29 00:26:16 2018 (r465856) +++ head/dns/dnscrypt-proxy2/pkg-descr Thu Mar 29 00:49:47 2018 (r465857) @@ -1,4 +1,4 @@ -A flexible DNS proxy, with support for modern encrypted DNS protocols such as +A flexible DNS proxy with support for modern encrypted DNS protocols such as DNSCrypt v2 and DNS-over-HTTP/2. WWW: https://github.com/jedisct1/dnscrypt-proxy Modified: head/dns/dnscrypt-proxy2/pkg-message ============================================================================== --- head/dns/dnscrypt-proxy2/pkg-message Thu Mar 29 00:26:16 2018 (r465856) +++ head/dns/dnscrypt-proxy2/pkg-message Thu Mar 29 00:49:47 2018 (r465857) @@ -1,16 +1,14 @@ ===================================================================== -Version 2 of dnscrypt-proxy is written in Go and in FreeBSD it's -not capable to drop root privileges after binding a low port (53), -Go issue [1][2]. +Version 2 of dnscrypt-proxy is written in Go and therefore isn't capable +of dropping privileges after binding to a low port on FreeBSD. -For default dnscrypt-proxy2 is listening in port 5353 using username -_dnscrypt-proxy. +By default, the dnscrypt-proxy2 port will listen on (tcp/udp) port 5353 +as the _dnscrypt-proxy user. -You can change your rc.conf/config to use port 53 and root but it's -not recommended. +It's possible to change back to port 53, but not recommended. -It's needed some tweaks to use dnscrypt-proxy2 on port 5353 on your -machine, some examples below to redirect localhost port 53 to 5353: +Below are a few examples on how to redirect local connections from port +5353 to 53. [ipfw] @@ -34,13 +32,9 @@ machine, some examples below to redirect localhost por server: interface: 127.0.0.1 do-not-query-localhost: no - hide-identity: yes - hide-version: yes forward-zone: name: "." forward-addr: 127.0.0.1@5353 -[1] - https://github.com/jedisct1/dnscrypt-proxy/issues/199 -[2] - https://github.com/golang/go/issues/13838 =====================================================================
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201803290049.w2T0nlVo012321>