Skip to content

Commit

Permalink
qzeleza#241 кэш DNSCrypt
Browse files Browse the repository at this point in the history
  • Loading branch information
AltGrF13 authored and AltGrF13 committed Dec 11, 2024
1 parent 6ad6f3b commit 7a0736f
Showing 1 changed file with 5 additions and 5 deletions.
10 changes: 5 additions & 5 deletions opt/bin/libs/vpn
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2409,11 +2409,11 @@ cmd_dns_crypt_on() {
dns_cache_enabled=$(get_config_value DNS_CACHE_ENABLED)
ready "Шифрование DNS"
{
# оставляем кеш выключенным за счет работы механизма кеширвоания dnsmasq
sed -i "s/\(^cache.=.\).*$/\1false/g" '/opt/etc/dnscrypt-proxy.toml'
#sed -i "s/\(^cache_min_ttl.=.\).*$/\10/g" '/opt/etc/dnscrypt-proxy.toml'
#sed -i "s/\(^cache_max_ttl.=.\).*$/\10/g" '/opt/etc/dnscrypt-proxy.toml'
# из-за отключенного кэша можем повысить безопасность
# кэш
sed -i "s/\(^cache.=.\).*$/\1true/g" '/opt/etc/dnscrypt-proxy.toml'
sed -i "s/\(^cache_min_ttl.=.\).*$/\115/g" '/opt/etc/dnscrypt-proxy.toml'
sed -i "s/\(^cache_max_ttl.=.\).*$/\1129600/g" '/opt/etc/dnscrypt-proxy.toml'
# требование безопасности к серверам
sed -i "s/\(^require_dnssec.=.\).*$/\1true/g" '/opt/etc/dnscrypt-proxy.toml'
# пока нет поддержки IPv6
sed -i "s/\(^block_ipv6.=.\).*$/\1true/g" '/opt/etc/dnscrypt-proxy.toml'
Expand Down

0 comments on commit 7a0736f

Please sign in to comment.