Crates.io | rust-doh-proxy |
lib.rs | rust-doh-proxy |
version | 0.5.4 |
source | src |
created_at | 2020-01-11 13:32:14.897116 |
updated_at | 2020-06-14 15:49:28.748832 |
description | Rust DNS over HTTPS proxy application |
repository | https://github.com/aaronriekenberg/rust-doh-proxy |
id | 197478 |
size | 113,403 |
Simple and super useful DNS over HTTPS proxy server. Mostly an exercise to learn more async/await in Rust, but stable enough that I'm using this as the only DNS server on my home network.
In short, this app listens on normal/legacy DNS UDP and TCP sockets on the local network. It proxies to an upstream DNS over HTTPS server and caches the results. It also supports simple forward and reverse host/IP mappings to allow authoritative lookups on a local domain.
Tech Stack:
After building with cargo, you can run the app as follows. Since this uses env_logger, you need to set the RUST_LOG variable to get log output:
RUST_LOG=info ./target/debug/rust-doh-proxy ./config/config.json
If all is well, you will see these logs showing that the app is listening on 127.0.0.1:10053.
[INFO rust_doh_proxy::doh::udpserver] listening on udp 127.0.0.1:10053
[INFO rust_doh_proxy::doh::tcpserver] listening on tcp 127.0.0.1:10053
Then you can use dig, for example, to make a DNS query to the app:
dig -p 10053 @127.0.0.1 google.com
Normally DNS uses privileged port 53. In this example the app uses unprivileged port 10053 so that it can run as a normal user. The listen address and port are configurable in the JSON configuration file.
To use this app as a DNS server that serves requests on port 53, I use nftables on Linux with a redirect rule to redirect incoming requests on port 53 to port 10053.
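One way to write such a redirect, as an added example and not the author's own ruleset: the table name `doh_redirect` and the interface name `lan0` are hypothetical, and the rules match only traffic arriving on that interface so the proxy is not reachable as a resolver from any other network.

```nftables
#!/usr/sbin/nft -f
# Added example: redirect LAN DNS queries on port 53 to the proxy on 10053.
# "doh_redirect" and "lan0" are hypothetical names; substitute your own.

table ip doh_redirect {
    chain prerouting {
        # NAT hook that runs before routing, at the usual destination-NAT priority.
        type nat hook prerouting priority -100; policy accept;

        # Limit the redirect to the LAN-facing interface. Without the iifname
        # match, queries arriving on every interface would reach the proxy.
        iifname "lan0" udp dport 53 redirect to :10053
        iifname "lan0" tcp dport 53 redirect to :10053
    }
}

# Notes:
# - redirect rewrites the destination to the address of the receiving
#   interface, not to 127.0.0.1, so the listen address in the configuration
#   file must be that LAN address (or a wildcard address) for this to work.
# - The prerouting hook does not see queries generated on the host itself.
# - This "ip" table covers IPv4 only; IPv6 clients need an equivalent
#   ip6 (or inet) table.
```

Load the file with `nft -f` as root and confirm it with `nft list ruleset`, then query the host's LAN address on port 53 from another machine to check that the proxy answers.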
See config directory for examples.
See systemd directory for an example user unit file.
Using cross to compile for x86_64 Linux on macOS:
cross build --target x86_64-unknown-linux-gnu --release