Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
ignoramous 3 days ago

> How recently was this experience

The email I shared here? 27th Aug 2025.

> perhaps they'd appreciate your input

The folks who run F-Droid are very welcoming, no doubt. But the email asked us to direct queries to legal at f-droid.org, and for us, legal is something we have no time/energy/capability to pursue (unless there's explicit offer of help, viz. "window for response", that I am hearing only for the first-time and from this blog post).

> notability of your project (kudos and thanks)

Rethink DNS + Firewall? Barely at 10% of installs as the most popular project in the domain (NetGuard), but thanks! (:

3np 3 days ago | parent [-]

Cheers! 10% is nothing to scoff at!

...While I have your ear: IME ReThink DNS often runs into bootstrapping problems since 1) preconfigured DNS servers are referenced by hostname, not IP 2) I can't find a way to separately configure server address and TLS name (making it impossible to configure DoH/DoT servers via IP).

So users often run into "catch 22" where they need existing DNS to resolve their DNS server... When roaming it may work fine for a bit until the local cache drops it, and so on.

Allowing to separately configure TLS hostname for TLS-enabled protocols, and having a preseeded list of IPs for bundled provider endpoints, would mean ReThink DNS could work reliably even in absense of existing DNS.

cf tls_auth_name for stubby. https://dnsprivacy.org/dns_privacy_daemon_-_stubby/configuri...

ignoramous a day ago | parent [-]

> ReThink DNS often runs into bootstrapping problems

Rethink, the Android app, has a preset list of 5 bootstrap resolvers that you can choose from Configure -> Network -> Fallback DNS. If set to None or System (the default), Android-designated DNS upstream is used (or Quad9 plain DNS is used if it goes missing). You can also set Fallback DNS to Cloudflare (one.one.one.one), Google (dns.google), Quad9 (dns11.quad9.net), or Rethink (zero.rethinkdns.com). Unlike None / System, these use DoH.

> can't find a way to separately configure ... TLS name

You mean, send a different SNI? As in, for domain fronting? If so: https://github.com/celzero/firestack/issues/18

> having a preseeded list of IPs for bundled provider endpoints

This capability exists though we don't expose it via the UI. For instance, ALL preset DNS upstreams (DoH, DoT, ODoH, DNSCrypt), including Fallback DNS, that ship with Rethink, are seeded with IPs at compile time. Given bootstrap DNS (aka Fallback DNS) is already DoH + seeded, the "catch 22" scenario you outline shouldn't come to pass. If it has, then that's a bug we need to fix.