Modified from OpenWrt Wiki
- opkg update
- opkg install dnscrypt-proxy
- The init script that comes with the optware dnscrypt-proxy package relies on rc.common and function.sh to read config files. However, that didn’t seem to work in my hands. So I’m not using /etc/config/dnscrypt-proxy for configuration. Instead, the options are configured in the init.d script and passed as command line arguments to the binary.
Make a simple init.d script
Start dnscrypt-proxy, enable autostart
Call the init.d script from one of the dd-wrt startup files. (I call it from /jffs/etc/config/dnscrypt-proxy.prewall) However, it looks like the .prewall script gets called multiple times so you must make sure your init.d script doesn’t start multiple processes.
Set DNSMasq to run through DNSCrypt-proxy
Configure DNSMasq – all these options can be entered in the dd-wrt GUI. The address line for pool.ntp.org tells DNSMasq to use that IP for that domain, reducing a time delay that might be critical for DNScrypt’s functionality.
bogus-priv no-resolv no-poll expand-hosts server=127.0.0.1#5353 address=/pool.ntp.org/220.127.116.11