Шлюз в интернет
eth0 (192.168.1.5) wlan0 (10.42.0.1) раздаёт интернет в локальную сеть.Запускаю его
dnscrypt-proxy -R cisco --local-address=127.0.0.1
[INFO] - [cisco] does not support DNS Security Extensions
[WARNING] - [cisco] logs your activity - a different provider might be better a choice if privacy is a concern
[NOTICE] Starting dnscrypt-proxy 1.6.1
[INFO] Generating a new session key pair
[INFO] Done
[INFO] Server certificate #1517943461 received
[INFO] This certificate is valid
[INFO] Chosen certificate #1517943461 is valid from [2018-02-07] to [2019-02-07]
[INFO] Server key fingerprint is 240B:11B7:AD02:FAC0:6285:1E88:6EAA:44E7:AE5B:AD2F:921F:9577:514D:E226:D552:6836
[NOTICE] Proxying from 127.0.0.1:53 to 208.67.220.220:443Если я правильно понимаю,то должен это сделать через правила iptables и функцию OUTPUT
resolv.conf
nameserver 127.0.0.1dnsmasq.conf
no-resolv
no-hosts
server=127.0.0.1#1053
server=127.0.0.1#2053
listen-address=127.0.0.1netstat -vnalp | grep \:53
[root@localhost linux-x86_64]# netstat -vnalp | grep \:53
netstat: no support for `AF INET (sctp)' on this system.
netstat: no support for `AF INET (sctp)' on this system.
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 8524/dnscrypt-proxy
tcp 0 0 10.42.0.1:53 0.0.0.0:* LISTEN 890/dnsmasq
udp 0 0 0.0.0.0:53490 0.0.0.0:* 3639/plugin-contain
udp 0 0 0.0.0.0:5353 0.0.0.0:* 735/avahi-daemon: r
udp 0 0 127.0.0.1:53 0.0.0.0:* 8524/dnscrypt-proxy
udp 0 0 10.42.0.1:53 0.0.0.0:* 890/dnsmasq
netstat: no support for `AF IPX' on this system.
netstat: no support for `AF AX25' on this system.
netstat: no support for `AF X25' on this system.
netstat: no support for `AF NETROM' on this system.
Подскажите с правилами или в какую сторону двигаться.
