Shibby + DNSCrypt + DNSMasq for redirection = Will it work?

Discussion in 'Tomato Firmware' started by LasVegas, Aug 11, 2014.

  1. LasVegas

    LasVegas Networkin' Nut Member

    Okay my goal is to use Tomato by Shibby with DNSCrypt enabled. If I use DNSMasq for certain domains with a DNS redirection service (USAccess, UnoDNS, etc.) will it work in conjunction with DNSCrypt? The other variable is using Intercept DNS port (UDP 53) with hardcoded DNS devices, like the Chromecast and Roku.

    On another note, is there a manual way to add a resolver to Shibby's dnscrypt-proxy list? I'd like to use , but it's not available as a selection.

    Tomato & DNSMasq

    Tomato & Hardcoded DNS Devices
  2. lancethepants

    lancethepants Network Guru Member

    When dnscrypt is enabled it is simply used as an upstream server. You should be able to do anything with dnsmasq that you could do with any other resolver. The list is hard-coded. It should be auto-updated when the developers compile new firmware, but they might need to do it manually.
    It sounds like you're using a more up-to-date version of shibby. There is a 'manual entry' available if the resolver you want is not in the list.
  3. LasVegas

    LasVegas Networkin' Nut Member

    I was a dip and didn't see that manual DNSCrypt setting in Shibby's firmware (121 build). I got two aspects working, DNSCrypt and DNSMasq entries for DNS redirection (Netflix, Hulu, etc.). I can't get the set-top devices with hardcoded Google DNS to bypass nor I've tried checking Intercept DNS port (UDP 53) and also tried the following in Tomatoe's firewall with no luck:

    iptables -I PREROUTING -t nat -p udp -d --dport 53 -j DNAT --to-destination [DNS redirection server]
    iptables -I PREROUTING -t nat -p udp -d --dport 53 -j DNAT --to-destination [DNS redirection server]
  4. Grimson

    Grimson Networkin' Nut Member

    Is it possible that those boxes, with hardcoded dns, use a different port for dns request?
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice