Set WARP License key in warp-cli
warp-cli account
warp-cli set-license <your-warp-plus-license-key>
References
https://community.cloudflare.com/t/how-to-use-warp-with-linux-cli/400952
warp-cli account
warp-cli set-license <your-warp-plus-license-key>
References
https://community.cloudflare.com/t/how-to-use-warp-with-linux-cli/400952
Install warp-cli
curl https://pkg.cloudflareclient.com/pubkey.gpg | sudo gpg --yes --dearmor --output /usr/share/keyrings/cloudflare-warp-archive-keyring.gpg
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/cloudflare-warp-archive-keyring.gpg] https://pkg.cloudflareclient.com/ $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/cloudflare-client.list
sudo apt update
sudo apt install cloudflare-warp
Run warp-cli in proxy mode
warp-cli --accept-tos register warp-cli --accept-tos set-mode proxy warp-cli --accept-tos set-proxy-port 40040 warp-cli --accept-tos connect warp-cli --accept-tos enable-always-on
Configure xray
nano /usr/local/etc/xray/config.json
"outbounds": [ { "protocol": "socks", "settings": { "servers":[ { "address":"127.0.0.1", "port":40040 } ] }, "tag": "warp" } ],
"routing": { "domainStrategy": "AsIs", "rules": [ { "type":"field", "domain":[ "domain:google.com" ], "outboundTag": "warp" } ] },
References
https://developers.cloudflare.com/warp-client/get-started/linux
https://pkg.cloudflareclient.com/install
Get a root shell
sudo -s
check what else is possibly already listening to port 53
ss -lp 'sport = :domain'
systemctl stop systemd-resolved systemctl disable systemd-resolved
ss -lp 'sport = :domain'
Download and run dnscrypt-proxy
Download dnscrypt-proxy here: dnscrypt-proxy binaries.
cp example-dnscrypt-proxy.toml dnscrypt-proxy.toml
./dnscrypt-proxy
Change the system DNS settings
apt-get remove resolvconf
cp /etc/resolv.conf /etc/resolv.conf.backup
rm -f /etc/resolv.conf
And create a new /etc/resolv.conf
file with the following content:
nameserver 127.0.0.1 options edns0
Install the proxy as a system service
./dnscrypt-proxy -service install
./dnscrypt-proxy -service start
./dnscrypt-proxy -service stop
./dnscrypt-proxy -service restart
./dnscrypt-proxy -service uninstall
Want to check that DNS resolution works?
./dnscrypt-proxy -resolve example.com
Connect to 1.1.1.1 using DoH clients
Add cloudflare
and cloudflare-ipv6
to the server list in dnscrypt-proxy.toml
:
server_names = ['cloudflare', 'cloudflare-ipv6']
References
https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Installation-linux
https://developers.cloudflare.com/1.1.1.1/encryption/dns-over-https/dns-over-https-client/
https://cloudflare-dns.com/dns-query
References
https://dnsprivacy.org/public_resolvers/
Download and install the cloudflared daemon
Or Download and install cloudflared
via the Cloudflare Package Repository.
Ubuntu 20.04 LTS (Focal Fossa)
# Add cloudflare gpg key sudo mkdir -p --mode=0755 /usr/share/keyrings curl -fsSL https://pkg.cloudflare.com/cloudflare-main.gpg | sudo tee /usr/share/keyrings/cloudflare-main.gpg >/dev/null # Add this repo to your apt repositories echo 'deb [signed-by=/usr/share/keyrings/cloudflare-main.gpg] https://pkg.cloudflare.com/cloudflared focal main' | sudo tee /etc/apt/sources.list.d/cloudflared.list # install cloudflared sudo apt-get update && sudo apt-get install cloudflared
cloudflared --version
Run without systemd
cloudflared proxy-dns #cloudflared proxy-dns --port 5553
Run with systemd
sudo tee /etc/systemd/system/cloudflared-proxy-dns.service >/dev/null <<EOF [Unit] Description=DNS over HTTPS (DoH) proxy client Wants=network-online.target nss-lookup.target Before=nss-lookup.target [Service] AmbientCapabilities=CAP_NET_BIND_SERVICE CapabilityBoundingSet=CAP_NET_BIND_SERVICE DynamicUser=yes ExecStart=/usr/local/bin/cloudflared proxy-dns [Install] WantedBy=multi-user.target EOF
sudo systemctl enable --now cloudflared-proxy-dns
sudo rm -f /etc/resolv.conf
echo nameserver 127.0.0.1 | sudo tee /etc/resolv.conf >/dev/null
Finally, verify it locally with:
dig +short @127.0.0.1 cloudflare.com AAAA
Update cloudflared
cloudflared update
References
https://developers.cloudflare.com/1.1.1.1/encryption/dns-over-https/dns-over-https-client/
https://pkg.cloudflare.com/index.html