DNSCrypt support for V2Ray #129
Description
Currently all DNS and all traffic flow through the v2ray tunnel because of tun2socks. This is secure however may not be wanted as most node runners use google DNS or cloudflare DNS.
A way around this is to create a packet filter rule to send only DNS traffic through the localhost port 53 ONLY when DNscrypt is enabled.
On MacOS this can be achieved by creating a pf.conf file and reading it with the MacOS pfctl command as such
# Redirect all outbound DNS (TCP + UDP) to local DNS server on 127.0.0.1:53
rdr pass on !lo0 inet proto { tcp udp } from any to any port 53 -> 127.0.0.1 port 53
# Allow everything on loopback
pass quick on lo0 all
# Default pass rule for outbound traffic
pass out all keep state
sudo pfctl -f ~/.meile-gui/pf.conf
sudo pfctl -eWindows & Linux is still TBD. Will update when testing is completed.