vpn

Virtual Private Network for Everything. The VPN application implements a "Virtual" Virtual Private Network, i.e. there is no VPN server to connect to. The VPN creates a tunnel device and consumes all IP packets routed via the tunnel. This model makes it possible to implement application-independent network filters, for example:

  • DNS-over-HTTPS service that does not depend on the DoH capabilities of the applications
  • Ad Blocking service that works without any browser plugins and extensions.

DNS-over-HTTPS client

Start the vpn application with DoH URL:

$ sudo ./vpn -doh https://mozilla.cloudflare-dns.com/dns-query

The DoH proxy implements the DNS request padding strategy defined in RFC 8467. If your DoH server does not support padding, you can disable it with the -nopad option.
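What RFC 8467 query padding looks like on the wire, as an added example that is not code from this project: the query gets an EDNS(0) OPT record with a Padding option (RFC 7830) sized so that the whole message is a multiple of 128 octets. The names `PadQuery` and `sampleQuery`, the 4096-octet UDP payload size and the restriction to queries without additional records are assumptions made for this sketch.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

const (
	blockSize  = 128 // RFC 8467 section 4.1: pad queries to a multiple of 128 octets
	typeOPT    = 41  // EDNS(0) OPT pseudo-RR type (RFC 6891)
	optPadding = 12  // EDNS(0) Padding option code (RFC 7830)
	overhead   = 15  // OPT RR fixed part (11 octets) + option header (4 octets)
)

// PadQuery (hypothetical helper) appends an OPT record with a Padding option
// so the result is a multiple of 128 octets. Assumption: the query carries no
// additional records yet (ARCOUNT == 0); anything else is rejected.
func PadQuery(msg []byte, udpSize uint16) ([]byte, error) {
	if len(msg) < 12 {
		return nil, errors.New("short DNS header")
	}
	if binary.BigEndian.Uint16(msg[10:12]) != 0 {
		return nil, errors.New("query already has additional records")
	}
	padLen := (blockSize - (len(msg)+overhead)%blockSize) % blockSize
	rdlen := 4 + padLen
	out := append(make([]byte, 0, len(msg)+overhead+padLen), msg...)
	binary.BigEndian.PutUint16(out[10:12], 1) // ARCOUNT = 1
	out = append(out,
		0,          // owner name: root
		0, typeOPT, // TYPE
		byte(udpSize>>8), byte(udpSize), // CLASS = UDP payload size
		0, 0, 0, 0, // TTL = extended RCODE, version, flags
		byte(rdlen>>8), byte(rdlen), // RDLENGTH
		0, optPadding, // OPTION-CODE
		byte(padLen>>8), byte(padLen)) // OPTION-LENGTH
	return append(out, make([]byte, padLen)...), nil // padding octets are 0x00
}

// sampleQuery builds a constructed query: "example.com", type A, class IN.
func sampleQuery() []byte {
	q := []byte{0, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, 0} // ID 0, RD set, QDCOUNT 1
	q = append(q, "\x07example\x03com\x00"...)
	return append(q, 0, 1, 0, 1) // QTYPE A, QCLASS IN
}

func main() {
	p, err := PadQuery(sampleQuery(), 4096)
	fmt.Println(len(sampleQuery()), len(p), err)
}
```

With padding, every short query leaves the client as the same 128-octet message, so an observer of the encrypted DoH stream cannot distinguish names by request size.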

Ad Blocker

Start the vpn application with a domain blacklist file:

$ sudo ./vpn -blacklist test.bl -i

The -i flag starts the application in interactive mode:

[Image: Interactive ad blocker]

You can also combine the ad blocker with DoH:

$ sudo ./vpn -blacklist test.bl -doh https://mozilla.cloudflare-dns.com/dns-query -i

References

Tunnel code by Frank Denis

The tunnel device management code is taken from Frank Denis' project A Dead Simple VPN.

DNS Server Configuration

The Mac OS X configuration is from the Internet. The DNS cache flushing instructions were borrowed from help.dreamhost.com.

Query DNS Servers

$ scutil --dns | grep nameserver

Set DNS Servers

$ networksetup -setdnsservers Wi-Fi 192.168.192.254
$ networksetup -setdnsservers Wi-Fi empty

Flush DNS Cache

OS X 12 (Sierra) and later
$ sudo killall -HUP mDNSResponder; sudo killall mDNSResponderHelper; sudo dscacheutil -flushcache
OS X 11 (El Capitan) and OS X 12 (Sierra)
$ sudo killall -HUP mDNSResponder