A simple DNS-over-HTTPS (DoH) proxy server written in Go. This tool acts as an intermediary between a DNS client and one or more DNS-over-HTTPS servers, forwarding DNS queries over HTTP/2 and handling responses.
- Supports both TCP and UDP for DNS queries.
- Configurable to use multiple upstream DoH servers.
- Logs all proxied requests (optional).
- HTTP/2 support for faster and more secure communication.
- Go: Make sure you have Go installed on your machine. You can download it from golang.org.
- Clone this repository:
    git clone https://git.olympuslab.net/afonso/dohproxy
    cd dohproxy
- Build the Go executable:
    go build dohproxy.go
Run the dohproxy with the following options:
./dohproxy [options]
- -l: Listen address for the DNS server (default: 127.0.0.1).
- -p: Port for the DNS server (default: 53).
- -tcp: Listen on TCP.
- -udp: Listen on UDP.
- -log: Enable logging for each request proxied through an upstream.
- -u: Specify upstream DoH server URLs (can be specified multiple times).
To start the proxy on localhost at port 5353, listening on both TCP and UDP (uses both by default), with two upstream DoH servers and logging enabled:
./dohproxy -l 127.0.0.1 -p 5353 -tcp -udp -log -u https://dns.quad9.net/dns-query -u https://1.1.1.1/dns-query
- You need to run dohproxy as root to use lower ports (such as 53).
- At least one upstream DoH server URL is required for the proxy to function.
- If this proxy is used as your system's default DNS resolver and the upstream server URL is a domain name, at least one other DNS server must be specified as an IP address to avoid circular dependency issues.
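The forwarding step described above, as an added example that is not dohproxy's own code and uses only the Go standard library: the wire-format query is POSTed as application/dns-message (RFC 8484), and a reply is accepted only if the HTTP status, media type, transaction ID and QR bit all check out. The names `forward` and `fakeUpstream`, the in-order failover across upstreams, and the sample messages are assumptions of this example; local TLS test servers stand in for real upstreams.

```go
package main

import (
	"bytes"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
)

const dohType = "application/dns-message" // RFC 8484 media type

// Constructed samples: a query for example.com A (ID 0x1234) and an empty reply to it.
var sampleQuery = []byte("\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x07example\x03com\x00\x00\x01\x00\x01")
var sampleReply = []byte("\x12\x34\x81\x80\x00\x01\x00\x00\x00\x00\x00\x00\x07example\x03com\x00\x00\x01\x00\x01")

// forward POSTs q to each upstream in turn (in-order failover is this example's assumption).
func forward(c *http.Client, upstreams []string, q []byte) (reply []byte, err error) {
	if len(q) < 12 || len(upstreams) == 0 {
		return nil, fmt.Errorf("need a full DNS header and at least one upstream")
	}
	for _, u := range upstreams {
		resp, e := c.Post(u, dohType, bytes.NewReader(q))
		if err = e; e != nil {
			continue // transport failure: remember it and try the next upstream
		}
		body, e := io.ReadAll(io.LimitReader(resp.Body, 65535)) // largest possible DNS message
		resp.Body.Close()
		ok := e == nil && resp.StatusCode == http.StatusOK && resp.Header.Get("Content-Type") == dohType
		if ok && len(body) >= 12 && bytes.Equal(body[:2], q[:2]) && body[2]&0x80 != 0 {
			return body, nil // a response (QR set) carrying the query's transaction ID
		}
		err = fmt.Errorf("%s: HTTP %d, reply rejected", u, resp.StatusCode)
	}
	return nil, err
}

// fakeUpstream is a local TLS stand-in for a DoH server that always answers with reply.
func fakeUpstream(reply []byte) *httptest.Server {
	return httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
		w.Header().Set("Content-Type", dohType)
		w.Write(reply)
	}))
}

func main() {
	bad, good := fakeUpstream(sampleQuery), fakeUpstream(sampleReply) // bad echoes a non-response
	out, err := forward(good.Client(), []string{bad.URL, good.URL}, sampleQuery)
	fmt.Printf("%d-byte reply, err=%v\n", len(out), err)
}
```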
This project is licensed under the MIT License - see the LICENSE file for details.
- Uses the miekg/dns package for DNS handling.
- Supports HTTP/2 with golang.org/x/net/http2.