keweonDNS - now with improved Certificate (iOS, Mac & Android)

MrT69

Senior Member
May 9, 2006
1,731
4,389
153
51
Königsbrunn
www.keweon.de
Hi @MrT69,
I try put ur provided Singapore DNS IP as primary DNS instead, but do u know why DNS checker website still detected it from "Germany" server 88.198.139.2, 88.198.139.3?
Is this correct?
Yep. That's correct. You allways will get some strange answers because it would make no sense when the Server are readable within this way.
Adblock Blocker nerds would develope a tiny PHP scripts and than the keweonDNS is history. A good friend is a WebDev and with him I have had hard tests. ;)

And yes, it's a tiny secret. :D
 
Last edited:

MrT69

Senior Member
May 9, 2006
1,731
4,389
153
51
Königsbrunn
www.keweon.de
Afaik, i has set dns on my Huawei router. And its working, well then its problem with ipv6, like u said.
Huawei router



Btw, im using magisk dns, but look like its not workin when connected to other router wifi (free wifi on coffee shop). Maybe u / someone can check it. Thx

That's why I'm using the DNS Changer APP outside. A lot of public hotspot and even 3/4G Provider are working with IPv6. That's the reason why it's not working outside. The currenty Module is only working with IPv4.

I know a few guys are already working on this. You need to wait or use the DNS Changer App as interim solution.
 
  • Like
Reactions: D-dy

D-dy

Senior Member
Sep 28, 2011
719
127
73
Kutaraja
That's why I'm using the DNS Changer APP outside. A lot of public hotspot and even 3/4G Provider are working with IPv6. That's the reason why it's not working outside. The currenty Module is only working with IPv4.

I know a few guys are already working on this. You need to wait or use the DNS Changer App as interim solution.
Its ok to use both dns changer without removing /disable dns module? I mean, any bad effects on internet connection? Thx

---------- Post added at 09:09 AM ---------- Previous post was at 09:07 AM ----------

Coz, sometime i need to use other vpn app to bypass some sites... ?
 
  • Like
Reactions: MrT69

madfarts

Member
Jul 15, 2018
26
16
0
Singapore
Check this post ...


---------- Post added at 10:15 AM ---------- Previous post was at 09:48 AM ----------



After a new connection(mobile data/wifi) is established android pings some address to check whether the connection has internet connectivity or not. And as the module is active the ping fails(the address might be blocked) as no data packet can be sent by any other route except the ones set by the module ;) and so the cross sign is displayed. Don't be bothered by the cross sign, be assured that even a tiny bit of your data isn't going anywhere it's not supposed to ;)
I just tried turning back on the magisk module and the internet working fine with no exclamation wifi icon. ;)
 
Last edited:
  • Like
Reactions: bhaskarjy0ti

bhaskarjy0ti

Senior Member
Jan 7, 2018
124
99
0
Using magisk module and its doing very well. Also very easy to set up. Just a quick question do I still need to use the root certificate in tandem with module?
Root certificate is included within the modules. No need to install it separately.

---------- Post added at 10:13 AM ---------- Previous post was at 10:08 AM ----------

Its ok to use both dns changer without removing /disable dns module? I mean, any bad effects on internet connection? Thx

---------- Post added at 09:09 AM ---------- Previous post was at 09:07 AM ----------

Coz, sometime i need to use other vpn app to bypass some sites... ?
Yes of course you can use other vpn with the module. I do it too ?
 
  • Like
Reactions: D-dy and ttocs99

MrT69

Senior Member
May 9, 2006
1,731
4,389
153
51
Königsbrunn
www.keweon.de
Bcoz my country blocked that site, like reddit.

Ahh... OK. I can't open this.
Of cause I can open it but then they would block the entire system. That would make no sense.

At the moment it seems every county will pass access to my DNS.
I don't have any confirmation from Iran until now. If they would pass it that would be great.

Actually I'm working on a bypass for Provider based DNS lock. No clue if this will work because without any knowledge about there infrastructure it's just a try and error game.
 

cutesniper22

Senior Member
Jul 21, 2012
72
4
28
Hi @MrT69,
May I know tat those blacklist or whitelist that send to you, how do u filter these lists?
For example: If you whitelist based on the given list, do you whitelist the entire website (including those ads/privacy/malware within it?) or whitelist the webpage only which allow it to be surfed through? same as blacklist..
Sorry for noob question...
 

kanno_miho

Senior Member
Jul 24, 2007
94
21
0
Do you mean the recent update of magisk module ?
And can you access internet through wifi even it shows the cross sign?
only the icon problem. internet is ok. I still can surf and download.

and yes. the recent update of the module. I want to roll back and can't the the previous version. :(
 

MrT69

Senior Member
May 9, 2006
1,731
4,389
153
51
Königsbrunn
www.keweon.de
Hi @MrT69,
May I know tat those blacklist or whitelist that send to you, how do u filter these lists?
For example: If you whitelist based on the given list, do you whitelist the entire website (including those ads/privacy/malware within it?) or whitelist the webpage only which allow it to be surfed through? same as blacklist..
Sorry for noob question...

This is in the meantime a complex thing. I hope that I can explain it well.

The very fist start of this Project was at 2003. I started with hosts files and I started to manually filter out the wrong things. During the time the whitelist increased in the meantime up to a few Gigabyte.

The first thing I do is to import the list into my Database server. Than I will compare them and write the rest into a separate Database. I will extract this and double check it manually. I have a few domains within my head and check if there are still addresses which needs to be blocked.

The same thing is with whitelisting. I process them via my blacklist and check them again if there is a error inside. The problem is that I need to check them manually because I have only limited API access to a few providers.

I need to filter out strange and unknown addresses and e.g. check them by Virus Total. I would like to have it full automated but there unlimited API will cost 6.700 US$ per Month. I already have invented an algorithm for a full check but in addition I would need some high speed Internet Lines, a bunch of Servers and a license for an Enterprise Database. In summary to clean up the entire Internet I have calculated the costs. For this toy I expect round about 1.3 Million EUR per year.

At the moment I'm doing only an DNS check. I take the address and check it against Google, Cloudflare and Level3 DNS Servers. If it's a broken CSS or if some Videos are not working than I need to do this manually. That's sometimes a few minutes job but sometimes I need to do a deeper look. Especially when they believes they need to use dynamic Server addresses or tricky Javascript. That's not my favorite language and sometimes this Scripts drives me really crazy.

In addition I can only use public and licensed free sources. At the moment I have round about 40 Million addresses on the Blacklist. If I could use public sources and my own development I'm far over 100 Million entries. In addition is my IP Adress list. This list has extracted round about 6GB.

I can do a lot of more things. But I'm technical limited, I'm financially limited and I'm limited by time because I have a Job, Family and sometimes I need to take a sleep ?

If I get some list I will check them against my DNS. If I see they will be blocked than I remove it. If it happens that they are still blocked than I need to identify the Load Blancer. But because of the huge feedback I received actually I can't do a manually check of each site. That's the reason why it's sometimes a need to send the domain again.

Sometimes a few user set the hash tag at the end and set a comment e.g. Video or CSS is not working. This is really helfull.

Is this the answer you expect or do you want to know more details?
 
Last edited:

cutesniper22

Senior Member
Jul 21, 2012
72
4
28
This is in the meantime a complex thing. I hope that I can explain it well.

The very fist start of this Project was at 2003. I started with hosts files and I started to manually filter out the wrong things. During the time the whitelist increased in the meantime up to a few Gigabyte.

The first thing I do is to import the list into my Database server. Than I will compare them and write the rest into a separate Database. I will extract this and double check it manually. I have a few domains within my head and check if there are still addresses which needs to be blocked.

The same thing is with whitelisting. I process them via my blacklist and check them again if there is a error inside. The problem is that I need to check them annually because I have only limited API access to a few providers.

I need to filter out strange and unknown addresses and e.g. check them by Virus Total. I would like to have it full automated but there unlimited API will cost 6.700 US$ per Month. I already have invented an algorithm for a full check but in addition I would need some high speed Internet Lines, a bunch of Servers and a license for an Enterprise Database. In summary to clean up the entire Internet I have calculated the costs. For this toy I expect round about 1.3 Million EUR per year.

At the moment I'm doing only an DNS check. I take the address and check it against Google, Cloudflare and Level3 DNS Servers. If it's a broken CSS or if some Videos are not working than I need to do this manually. That's sometimes a few minutes job but sometimes I need to do a deeper look. Especially when they believes they need to use dynamic Server addresses or tricky Javascript. That's not my favorite language and sometimes this Scripts drives me really crazy.

In addition I can only use public and licensed free sources. At the moment I have round about 40 Million addresses on the Blacklist. If I could use public sources and my own development I'm far over 100 Million entries. In addition is my IP Adress list. This list has extracted round about 6GB.

I can do a lot of more things. But I'm technical limited, I'm financially limited and I'm limited by time because I have a Job, Family and sometimes I need to take a sleep

If I get some list I will check them against my DNS. If I see they will be blocked than I remove it. If it happens that they are still blocked than I need to identify the Load Blancer. But because of the huge feedback I received actually I can't do a manually check of each site. That's the reason why it's sometimes a need to send the domain again.

Sometimes a few user set the hash tag at the end and set a comment e.g. Video or CSS is not working. This is really helfull.

Is this the answer you expect or do you want to know more details?
I just worried that your whitelist filtering may accidently ignore those ads/malware ....
Thanks for your clear explanation, it is more than I expected.
 
  • Like
Reactions: MrT69

D-dy

Senior Member
Sep 28, 2011
719
127
73
Kutaraja
Why to bypass them? What's the reason??
Ahh... OK. I can't open this.
Of cause I can open it but then they would block the entire system. That would make no sense.

At the moment it seems every county will pass access to my DNS.
I don't have any confirmation from Iran until now. If they would pass it that would be great.

Actually I'm working on a bypass for Provider based DNS lock. No clue if this will work because without any knowledge about there infrastructure it's just a try and error game.
Well, no big problem. I still can use magisk-dns + vpn when needed to access blocked web site.
I think, It's still better bypassing ads (no ads, tracking, spamming etc) then Bypass blocked websites, cmiiw.
Thx for reading my post ???
 
  • Like
Reactions: MrT69

MrT69

Senior Member
May 9, 2006
1,731
4,389
153
51
Königsbrunn
www.keweon.de
Well, no big problem. I still can use magisk-dns + vpn when needed to access blocked web site.
I think, It's still better bypassing ads (no ads, tracking, spamming etc) then Bypass blocked websites, cmiiw.
Thx for reading my post ???

I love this. Important is to remove all this ads crap.
If something is not working within a proper way than I do the best to support.

But Government restrictions is a hard pain. Anyway, good to know that you have a working solutions.