Skip to content

2.0.9b2
Compare
Choose a tag to compare
@jedisct1 jedisct1 released this 09 Apr 11:36
· 1591 commits to master since this release
2.0.9b2
This tag was signed with the committer’s verified signature.
jedisct1 Frank Denis
GPG key ID: 62F25B592B6F76DA
Learn about vigilant mode.
aa53896

New in beta 2:

  • Patterns can now be prefixed with = to do exact matching: =example.com matches example.com but will not match www.example.com.
  • Patterns are now fully supported by the cloaking module.
  • A new option was added to use a specific cipher suite instead of the server's provided one. Using RSA+ChaChaPoly over ECDSA+AES-GCM has shown to decrease CPU usage and latency when connecting to Cloudflare, especially on Mips and ARM systems.
  • The ephemeral keys mode of dnscrypt-proxy v1.x was reimplemented: this creates a new unique key for every single query.

In beta 1:

  • Whitelists have been implemented: one a name matches a pattern in the whitelist, rules from the name-based and IP-based blacklists will be bypassed. Whitelists support the same patterns as blacklists, as well as time-based rules, so that some website can be normally blocked, but accessible on specific days or times of the day.
  • Lists are now faster to load, and large lists require significantly less memory than before.
  • New options have been added to disable TLS session tickets as well as use a specific cipher suite. See the example configuration file for a recommended configuration to speed up DoH servers on ARM such as Android devices and Raspberry Pi.
  • The -service install command now remembers what the current directory was when the service was installed, in order to later load configuration files with relative paths.
  • DoH: The "Cache-Control: max-age" header is now ignored.
Assets 25
Loading