DNSProtect is a local DNS Server built for security and privacy.
Create a config file in your first run running
docker run -it -v ${pwd}:/usr/src/dnsprotect/config jmbrito/dnsprotect setup -o ./config/myconfig.jsonThe default configuration should work fine, if you need to customize something, feel free. After all questions, you should see a myconfig.json in the directory you ran the command.
Start the DNS server:
docker run -it -v ${pwd}:/usr/src/dnsprotect/config -p 53:8000 -e PORT=8000 jmbrito/dnsprotect start -c ./config/myconfig.json -w 1Now that you have everything running, you can simply set your DNS Server from your PC to localhost and everything should start working.
Privacy
- Force DoH(Force DNS-over-HTTPS in all DNS queries)
- Force DoT (Force DNS-over-TLS in all DNS queries)
- Domain Black List (used for adblock and no tracking)
- Domain Whitelist (allow only selected domains to be reached and block all else)
- DNSSEC
- Change Mode: Force all queries to ask for DNSSEC
- Block Mode: Set to block all queries that dont ask for DNSSEC or all responses that dont ask answer with DNSSEC
- FUTURE: Handshake.org DNS Name Resolution
- FUTURE: Accept DoH and DoT requests
- FUTURE: DNS-over-QUIC
- FUTURE: DNS-over-DTLS
- FUTURE: DNSCrypt and Anonymized DNSCrypt
- FUTURE DNS-over-blockchain (https://ens.domains/)
- FUTURE: DNS over Tor
Performance
- Query Cache (Use Redis to cache DNS query results respecting TTLs for fast dns resolutions)
- Multi-threading for receiving requests
- Multiple forward servers (Forward Load Balancing)
- Random Balance Strategy
- Round Robin Strategy
- FUTURE: Sticky Sessions
Development
- DNS Overrides (Override DNS resolutions for you selected IPs)
- FUTURE: Monitoring (Prometheus)
- FUTURE NAT64