Skip to content
jamiees2 edited this page Dec 31, 2014 · 5 revisions

SNI (Simple Setup)

Use this setup if all your multimedia players are SNI-capable. (This is usually the case.)

Requires a U.S. based server (a 128 MB low end VPS is enough) and preferrably a local Dnsmasq DNS forwarder. DD-WRT routers or a Raspberry Pi will do. You can run Dnsmasq on the remote server as well but please be aware of the security and latency issues.

##Setting up config.json In SNI mode, you don't have to worry about the base_ip and the base_port options. Those options are not used, just leave them at their defaults. Make sure iptables_location points to the iptables executable and enter your VPS' IP address in public_ip. Make sure the ports 80 and 443 on your VPS are not being used by some other software like Apache2. Use netstat -tulpn to make sure.

Make sure to sync config.json across all the servers/devices, as these commands are intended to be run on different servers/devices.

Note: Instead of running multiple dnsproxy.py commands on different servers, you can instead run python dnsproxy.py -m sni anywhere and copy the configuration files between the servers/devices.

##Setting up HAproxy:

First, provision a server from any VPS provider, but make sure it is located in the country you would like your location to come from. A 128 MB VPS is enough. Run these commands on that server.

Clone the repo: git clone https://github.com/jamiees2/dnsproxy.git.

Run the generator: python dnsproxy.py -o haproxy The generator will create the file output/haproxy.conf

Install HAproxy. On Ubuntu you can do the following (as root):

apt-get update -qq && apt-get install -y software-properties-common
add-apt-repository -y ppa:vbernat/haproxy-1.5
apt-get update -qq && apt-get install -y haproxy

Copy output/haproxy.conf to /etc/haproxy.cfg.

Restart HAproxy. sudo service haproxy restart.

##Setting up DNSMasq You can set this up on the same server as haproxy, but because of serious security and latency issues, i would much rather reccomend to set this up locally instead.

First of all, generate the configuration by running python dnsproxy.py -o dnsmasq

If you are running dnsmasq on a server, like a Raspberry PI, install dnsmasq with sudo apt-get install dnsmasq. Then set it up by copying output/dnsmasq-haproxy.conf to /etc/dnsmasq.d/. If /etc/dnsmasq.d/ doesn't exist, you might want to copy it to /etc/dnsmasq.conf instead.

If you would like to setup dnsmasq on your router, assuming it is running DD-WRT, you can simply append the contents to the DNSMasq textbox under Services->DNSMasq.

##Setting up the hosts file (Optional, only neccessary if you didn't bother setting up dnsmasq) You can also use a hosts file, which will only work locally though.

Generate it with python dnsproxy.py -o hosts. Append the contents of output/hosts-haproxy.txt to /etc/hosts or to %SystemRoot%\system32\drivers\etc\hosts, depending if your local computer is Linux or Windows.

Test your new setup with http://trick77.com/dns-unblocking-setup-tester/

Clone this wiki locally