Important notices
Before you add a new report, we ask you kindly to acknowledge the following:
Is your feature request related to a problem? Please describe.
In isolated/air-gapped network environments without direct internet access, DNS traffic needs to be tunneled through an HTTP proxy. The DNSCrypt-Proxy plugin supports the http_proxy parameter natively, but it cannot be configured through the OPNsense GUI. The only workaround is to manually add the parameter to the Jinja2 template /usr/local/opnsense/service/templates/OPNsense/Dnscryptproxy/dnscrypt-proxy.toml, which gets overwritten on every plugin update and must be reapplied each time.
Describe the solution you'd like
I would like an input field in Services → DNSCrypt-Proxy → Configuration analogous to the existing SOCKS5 proxy field, which adds the http_proxy parameter to dnscrypt-proxy.toml.
Describe alternatives you've considered
Manually adding the http_proxy entry directly to the Jinja2 template after the SOCKS5 proxy block:
http_proxy = 'http://<proxy-host>:<port>'
This works but is not persistent across plugin updates.
Additional context
The http_proxy parameter is documented in the official dnscrypt-proxy configuration reference:
https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Configuration
This feature would benefit users in corporate environments where internet access is only available through an HTTP forwarding proxy chain (e.g. Fortigate → Squid → Internet).
Important notices
Before you add a new report, we ask you kindly to acknowledge the following:
Is your feature request related to a problem? Please describe.
In isolated/air-gapped network environments without direct internet access, DNS traffic needs to be tunneled through an HTTP proxy. The DNSCrypt-Proxy plugin supports the
http_proxyparameter natively, but it cannot be configured through the OPNsense GUI. The only workaround is to manually add the parameter to the Jinja2 template/usr/local/opnsense/service/templates/OPNsense/Dnscryptproxy/dnscrypt-proxy.toml, which gets overwritten on every plugin update and must be reapplied each time.Describe the solution you'd like
I would like an input field in
Services → DNSCrypt-Proxy → Configurationanalogous to the existing SOCKS5 proxy field, which adds thehttp_proxyparameter todnscrypt-proxy.toml.Describe alternatives you've considered
Manually adding the
http_proxyentry directly to the Jinja2 template after the SOCKS5 proxy block:This works but is not persistent across plugin updates.
Additional context
The
http_proxyparameter is documented in the official dnscrypt-proxy configuration reference:https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Configuration
This feature would benefit users in corporate environments where internet access is only available through an HTTP forwarding proxy chain (e.g. Fortigate → Squid → Internet).