Package Details: cjdnsify 20140717.r6.bc354af-2

Git Clone URL: (read-only, click to copy)
Package Base: cjdnsify
Description: Limit network access of bind-compatible programs to the local cjdns network
Upstream URL:
Licenses: GPL
Submitter: prurigro
Maintainer: prurigro
Last Packager: prurigro
Votes: 13
Popularity: 0.000000
First Submitted: 2012-02-23 08:48 (UTC)
Last Updated: 2015-11-25 23:51 (UTC)

Latest Comments

prurigro commented on 2015-11-25 23:51 (UTC)

@wlritchi: good call, I've made the change- thanks!

wlritchi commented on 2015-11-10 03:44 (UTC)

Shouldn't this package depend on cjdns rather than cjdns-git?

prurigro commented on 2013-08-21 06:05 (UTC)

New update! * The package now complies with the latest PKGBUILD standards. * The /etc/cjdnsify.conf file has been moved to /etc/default/cjdnsify * The package now uses a github repo instead of including the files itself A README now exists in the github repo, though I didn't add it to this package since it seemed more relevant to people installing cjdnsify themselves. If anyone disagrees on that note, and thinks it would be useful to have it in the package, I'd be up to debate it's inclusion as a manpage or something. Cheers!

prurigro commented on 2012-07-14 07:16 (UTC)

Hmm interesting, two things to note: some applications appear to be unable to load using the script, and a few others aren't effected by it-- firefox and wget are two that did work with it, but I suppose best practice at the moment would be to test each app/service before trusting it

prurigro commented on 2012-07-14 06:55 (UTC)

Alright! The problem was that makepkg was stripping required symbols from the force_bind library, and removing this function fixed things nicely :) Once that was good, I realized the ipv4 needed to be pointed at localhost to prevent it from functioning, and all appears to be working perfectly now :)

prurigro commented on 2012-07-11 02:06 (UTC)

OK, I've switched to a new library called force_bind which seems to work properly, but it's also made the applications I've tested with it a bit unstable (especially when you attempt an ipv4 connection using them), so it might be worth keeping that in mind

prurigro commented on 2012-07-10 08:11 (UTC)

Something's changed since I built this script, and only seems to work on non-local dns servers in /etc/resolv.conf now, meaning it no longer protects against leaking your ipv4 address on cjdns connections, but you can add the hypedns dns server to the second entry in /etc/resolv.conf and have it so that only applications launched with cjdnsify will use the hypedns dns server (rather than going system-wide or nothing). I'll look into trying to get cjdnsify to work again, if its possible, and I'll post a followup if/when I do. Until then, don't use it for its original purpose and think you're protected!