Not at the moment; to achieve this, you typically put it behind something like dnsproxy [1][2].
I have done this on my router, along with a couple firewall rules to prevent plaintext DNS queries leaking out of the WAN port. dnsmasq is configured to talk to dnsproxy, and dnsproxy is configured to use DNS over TLS with 1.1.1.1 [3]
dc396|6 months ago
aaronmdjones|6 months ago
I have done this on my router, along with a couple firewall rules to prevent plaintext DNS queries leaking out of the WAN port. dnsmasq is configured to talk to dnsproxy, and dnsproxy is configured to use DNS over TLS with 1.1.1.1 [3]
[1] https://github.com/AdguardTeam/dnsproxy
[2] https://openwrt.org/docs/guide-user/services/dns/dot_dnsmasq...
[3] https://news.ycombinator.com/item?id=44429118