Entwicklungen

Unter macOS kann Safari das aktuell nicht. Man könnte zwar ein .mobileconfig Profile erstellen und einspielen, aber dann bekommen LittleSnitch bzw. LuLu ein Problem.

Alternativ kann man sich DNSCrypt installieren. Das geht mit brew. Man muss dann nur noch den DNS in den Systemeinstellungen umstellen und den Service laufen lassen oder ihn im Terminal jedesmal starten.

brew install dnscrypt-proxy
sudo brew services info dnscrypt-proxy

After starting dnscrypt-proxy, you will need to point your local DNS server to 127.0.0.1. You can do this by going to System Preferences > „Network“ and clicking the „Advanced…“ button for your interface. You will see a „DNS“ tab where you can click „+“ and enter 127.0.0.1 in the „DNS Servers“ section.

By default, dnscrypt-proxy runs on localhost (127.0.0.1), port 53, balancing traffic across a set of resolvers. If you would like to change these settings, you will have to edit the configuration file:

/usr/local/etc/dnscrypt-proxy.toml

To check that dnscrypt-proxy is working correctly, open Terminal and enter the following command. Replace en1 with whatever network interface you're using:

sudo tcpdump -i en1 -vvv 'port 443'

You should see a line in the result that looks like this:

resolver.dnscrypt.info

To restart dnscrypt-proxy after an upgrade:

sudo brew services restart dnscrypt-proxy

Or, if you don't want/need a background service you can just run:

/usr/local/opt/dnscrypt-proxy/sbin/dnscrypt-proxy -config /usr/local/etc/dnscrypt-proxy.toml