OpenDNS Forums
The official support and discussion site of OpenDNS
Support
K-12 Forums
Categories
- Administrative
- Adult site blocking
- DNS-O-Matic / dynamic IPs
- Domain blocking
- Domain Name System (DNS) troubles
- Mobile instructions
- OpenDNS services
- Proxies, accelerators, and more
- Router instructions
- Satellite
- Shortcuts
- Wishlists and feature requests
-
Feeds
Vanilla 1.1.4 is a product of Lussumo. More Information: Documentation, Community Support.
This discussion has been inactive for longer than 30 days, and is thus closed.
-
Hi,
I made a Cydia tweak for iPhone/iPad that allows to change DNS server on 3G and Wifi (GuizmoDNS).
It's available on all Jailbroken devices on Cydia.
You can also set a password to lock DNS manual changes (for use with FamilyShield for example).
If you want more details on this tweak, please feel free to ask !
GuizmoThankful People: barkena -
going to update for iOS5.1.1?
-
It's already compatible with iOS5.1.1
-
I tried installing it and it says not compatible iOS5.1.1.
-
AdministratorNice!
What about a switch to launch dnscrypt, too?
iOS binaries for the dnscrypt proxy are available on github, or you can recompile it just by running the iphone.sh script. But the proxy really needs a UI. -
@nit3shift : Sorry, I forgot to update the compatibility list, it should be fine now.
@jedisct1 : if it has already been ported on iOS, there shouldn't be any problem, I'll probably have time to add it by next week. -
AdministratorJust a quick tutorial for those who want to try dnscrypt on the iPhone/iPad/iPod touch:
1) Download the iOS binary here: https://github.com/opendns/dnscrypt-proxy/downloads
2) Extract the content and use ssh to copy dnscrypt-proxy to /usr/sbin/
3) copy com.opendns.osx.DNSCryptProxy.plist to /Library/StartupDaemons and make sure that the file is owned by root (chown 0:0 /Library/StartupDaemons/com.opendns.osx.DNSCryptProxy.plist).
4) Restart your device or use launchctl to manually start the service.
5) Whenever you want to use dnscrypt, just use 127.0.0.1 as a DNS resolver.Thankful People: zelus -
- CommentAuthorcindelicato
- CommentTimeMay 30th 2012
Remember there are risks to jailbreaking your iOS device. -
Life is always associated with risks...
Jailbreaking an iOS device is the smallest.Thankful People: tridentia -
jedisct1 : you seem to be the maintainer for this package.
I think it'll be cleaner to create a package on one of Cydia official repos, do you mind it I submit one ? or do you prefer do it yourself ? -
AdministratorIt would be really great it you could submit one, as I'm not very familiar with the process.
I'm planning to release a new version Monday (waiting for some server-side change to be deployed everywhere first), so don't rush packaging 0.9.4 or 0.9.5dev yet. -
Ok I'll wait the new release to submit it.
-
Administratordnscrypt 0.9.5 is available, you can package it :)Thankful People: rotblitz
-
Ok. I'm currently abroad, I'll be back tomorrow night.
I'll submit it this week-end. -
I submitted the package, it usually takes 1 or 2 days to be available.
Once it'll be accepted, I'll submit an update for GuizmoDNS supporting it. -
DNSCrypt is available on Cydia.
I didn't have much time to test, but I had segfaults every 2 or 3 requests.
After restarting my iPhone, all was fine.
I don't know yet if the problem was my iPhone, dnscrypt or something wrong with the package.
I'll do more tests, and if all goes well I'll submit GuizmoDNS update tomorrow. -
GuizmoDNS 1.0.5 now available on Cydia !
Please let me know if anything goes wrong.
GuizmoThankful People: ednometry -
I've installed your app and the DNSCrypt from Cydia, after a few reboots I got it working but how come when I use the OpenDNS test sites they just say Proxy Detected instead of you are using openDNS? How can I test to see if it's actually working? It doesn't block internetbadguys.com or redirect from craigslist.og either... and it only has a single dns entry... shouldn't it use both?
edit:
I have checked again and it stops working when I activate DNScrypt now... it works fine when I just manually enter the server addresses and it comes up correctly on the test sites but if I check the DNScrypt option... boom no connections... -
- CommentAuthormaintenance
- CommentTimeJun 14th 2012
Is your DNS entry pointing to 127.0.0.1? -
DNSCrypt is a toggle switch in this app. When you switch it on it locks in the standard open dns 208.67.220.220... and it doesn't work... I tried 127.0.0.1 but that doesn't work either.Thankful People: maintenance
-
Weird, tried it again today and now it works fine... Kudos for the hardwork this was a dollar well spent.
-
AdministratorA new version of the proxy is out. Can you check if it works fine for you and update the Cydia package?
-
I checked and the binary on github doesn't accept the "--user" option.
I recompiled it and it seems fine.
There were crashes sometimes with the previous version :
[INFO] Proxying from [127.0.0.1 (53)] to [208.67.220.220 (443)]
======== Stack trace ========
1 dnscrypt-proxy 0x00006e83 stack_trace_signal_handler + 26
2 libsystem_c.dylib 0x33ee57e3 _sigtramp + 38
3 dnscrypt-proxy 0x0000ba41 uv__run + 36
4 dnscrypt-proxy 0x0000ba41 uv__run + 36
5 dnscrypt-proxy 0x0000bb75 uv_run + 32
6 dnscrypt-proxy 0x00002bdb main + 254
7 dnscrypt-proxy 0x000024c8 start + 52
I don't know if the 0.10 fixes it, I activated the stderr/stdout log to /tmp/DNSCrypt.log, when the update will be available on Cydia, I'll update GuizmoDNS to send this log file with the support mail. -
Administrator0.10 doesn't use libuv any more, and should remove every single issue seen with libuv in the previous versions.
The binaries on github are built with the iOS 6 SDK. And getpw*() functions don't exist any more on iOS 6, thus the --user option is disabled.
Do you know how one is supposed to get a uid and gid according to a user name with the iOS 6 SDK? -
I guess this you are not supposed to use those functions due to AppStore sandbox limitations.
They removed the pwd.h from the iOS6 includes.
I tryied to copy it from iOS5.1 and it worked, so the functions exists, only the header is missing. -
AdministratorAh, lame.
Ok, let's add the required prototypes, then :) -
I had this kind of issues everytime I updated XCode, so I prefered keeping a copy of an old SDK modified for my needs.
For info, DNSCrypt 0.10 is available on Cydia. -
DNScrypt version 0.10 doesn't seem to work, whether it be standalone or with GuizmoDNS 1.0.5, it breaks DNS. DNScrypt version 0.9.5 worked just fine as standalone or along with GuizmoDNS. I can install the 0.9.5 deb to work standalone, but as soon as I install GuizmoDNS which has DNScrypt 0.10 install intergrated, Cydia starts producing errors about the inability to overwrite DNScrypt which causes Cydia to refuse to install anything else until I remove GuizmoDNS. The only way to continue using DNScrypt and have the ability to install stuff in Cydia, is installing the standalone 0.9.5 deb. Please fix this, I would like to use GuizmoDNS to manage DNScrypt.
iPhone 2G IOS 3.1.3 -
Administrator"iPhone 2G IOS 3.1.3"
The proxy really hasn't been designed to support such an old version of iOS. Current versions of XCode don't even ship with emulators for iOS < 5.0. And XCode doesn't compile code compatible with older CPUs (like, before the iPhone 3G) any more.
I'm actually quite surprised that 0.9.5 used to work on iOS 3. Maybe libevent is using some API that is nonexistent on iOS 3 and libuv didn't.
But even if older versions worked on iOS 3, they haven't been tested on it. At all. I don't know if the crypto functions are working properly on this environment. I don't know if the key pairs are secure when generated on iOS 3. So even if "it seems to work", please don't use it on iOS < 5.0 -
Indeed the actual 0.10 version on Cydia is compiled for armv7 only (iPhone 4/4S or iPads).
Version 0.9.5 was compiled for armv6 (iPhone 2G/3G or newer).
The best I can do is to compile for both armv6 and armv7, dnscrypt will at least start on your device, but as jedisct1 says, it has not been validated on iOS<5.0.
Concerning your Cydia message, check if you have the file /usr/sbin/dnscrypt-proxy still exists, if so, remove it and try again. -
Ok, now lets imagine it does work in IOS 3. Couldn't the GuizmoDNS install do a check for previous installion of DNScrypt to determine if it even needs installing? This should eliminate the Cydia problem. I am guessing this behavior happens to even those running IOS 5 and hadn't updated DNScrypt under Cydia changes, but tried to install GuizmoDNS.
Could someone develop a web service to check if DNScrypt is even being implemented? I use Dig to see if the proxy is working, but are the lookup's even being encrypted? How does one know for sure, no matter the platform? Might as well stick to VPN, eh... -
AdministratorYou can check that a query was made using dnscrypt by querying the TXT record for debug.opendns.com:
$ drill txt debug.opendns.com
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 38316
;; flags: qr rd ra ; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;; debug.opendns.com. IN TXT
;; ANSWER SECTION:
debug.opendns.com. 0 IN TXT "server 1.pao"
debug.opendns.com. 0 IN TXT "flags 20 0 2f4 0"
debug.opendns.com. 0 IN TXT "id 0"
debug.opendns.com. 0 IN TXT "source 69.181.22.52:59198"
debug.opendns.com. 0 IN TXT "dnscrypt enabled (7136666E76576A38)"
That said, dnscrypt only authenticates DNS queries. If you have a VPN, you'd rather use it than dnscrypt (provided that you trust the VPN provider), as it authenticates and encrypts everything, not only DNS queries. -
iPhone 2G IOS 3.1.3 w/ DNScrypt 0.9.5 apparently works
https://www.dropbox.com/s/qfswipf7mn8xxyt/IMG_0004.PNG -
DNSCrypt 0.10-1 on Cydia should run on iPhone2G/3G.
1 to 34 of 34
This discussion has been inactive for longer than 30 days, and is thus closed.