Because my ISP using a dns transparent, some website are blocked, to fix this problem im using a dnscrypt in my computer, but it is annoying, because i have to start dnscrypt and it use more resource on my computer, so i have to find a way to make dnscrypt to run on my router, after searching on google, theres a way to run dnscrypt on my tplink router with opwnrt firmware, and today i’m trying to flash my TP-Link WDR-3600 wireless router to OpenWRT and setup dncsrypt to run on it
Here’s the step i take
- Download the openwrt firmware for wdr 3600 ini here and find openwrt-15.05-ar71xx-generic-tl-wdr3600-v1-squashfs-factory.bin
- Rename it so the filename is not too long
- Login to router and do factory reset
- Go to upgrade firmware, select the file that already downloaded, and then upgrade
- It will take a while, after finish, refresh your network and then login to router using this address http://192.168.1.1
- Dont forget to change the password, in default theres no password
- Done flashing to openwrt
- Let’s install dnscrypt
- Go to System>Software
- Find dnscrypt, if theres no dnscrypt package, update the page first
- After dnscrypt installed Login to the router using ssh
- Edit
1/etc/config/dnscrypt-proxy using vi or other editor
-
1
2
3
4
5
6config dnscrypt-proxy
option address '127.0.0.1'
option port '5353'
# option resolver 'cisco'
# option resolvers_list '/usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv'
# option ephemeral_keys '1' - edit the config as necesary
- Go to System>Startup
- put this code before exit 0
-
1
2
3/etc/init.d/dnscrypt-proxy enable
sleep 10
/etc/init.d/dnscrypt-proxy start - Using ssh again and edit
1/etc/config/dhcp
-
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18config dnsmasq
option domainneeded 1
option boguspriv 1
option filterwin2k 0
option localise_queries 1
option rebind_protection 1
option rebind_localhost 1
option local '/lan/'
option domain 'lan'
option expandhosts 1
option nonegcache 0
option authoritative 1
option readethers 1
option leasefile '/tmp/dhcp.leases'
# option resolvfile '/tmp/resolv.conf.auto'
option noresolv 1
list server '127.0.0.1#5353'
list server '/pool.ntp.org/208.67.222.222' - Restart your router or restart the dnsmasq using /etc/init.d/dnsmasq restart
- Done and Good Luck!