From 6ba2cd38949660836c13e7dc2db004935a877ff3 Mon Sep 17 00:00:00 2001
From: Nathan Woodburn <github@nathan.woodburn.au>
Date: Sat, 16 Dec 2023 16:20:03 +1100
Subject: [PATCH] feat: Add info on providers to readme

---
 README.md          | 11 ++++++++-
 content/index.html | 14 ++++++------
 upstream.sh        | 56 ++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 73 insertions(+), 8 deletions(-)
 create mode 100755 upstream.sh

diff --git a/README.md b/README.md
index 4aca5be..f383811 100644
--- a/README.md
+++ b/README.md
@@ -18,8 +18,17 @@ Then setup your favourite reverse proxy to the container on port 80
 
 ## Nodes
 Load balancing to the following DNS-over-HTTPS providers:
+| Provider         | URL                                      | DoH JSON | DoH Wire | DoT | DNS |
+| ---------------- | ---------------------------------------- | -------- | -------- | --- | --- |
+| Nathan.Woodburn/ | https://doh.hnshosting.au/dns-query      | Yes      | Yes      | Yes | Yes |
+| EasyHandshake    | https://easyhandshake.com:8053/dns-query | Yes      | Yes      | No  | No  |
+| HNS DNS          | https://doh.hnsdns.com/dns-query         | Yes      | Yes      | No  | Yes |
+| HNS NS           | https://hnsns.net/dns-query              | Yes      | Yes      | No  | No  |
+| Impervious       | https://hs.dnssec.dev/dns-query          | No       | Yes      | Yes | No  | 
+
+
 - https://doh.hnshosting.au/dns-query
 - https://easyhandshake.com:8053/dns-query
 - https://doh.hnsdns.com/dns-query
-- https://hs.dnssec.dev/dns-query (Temporarily down)
+- https://hs.dnssec.dev/dns-query (Currently not enabled)
 - https://hnsns.net/dns-query
\ No newline at end of file
diff --git a/content/index.html b/content/index.html
index b25d626..9f65e9e 100644
--- a/content/index.html
+++ b/content/index.html
@@ -60,13 +60,13 @@
         <div>
             <h1 class="text-center" style="margin-bottom: 50px;">HNS DoH</h1>
             <h2 class="text-center" style="margin-bottom: 50px;">Welcome to HNS DoH, your gateway to Handshake domains.</h2>
-            <p>As the digital landscape continues to evolve, traditional Domain Name System (DNS) protocols face increasing vulnerabilities. In response to these challenges, we proudly present a revolutionary solution that combines the security of DNS over HTTPS with the decentralized and censorship-resistant nature of Handshake domains. Our service empowers you to navigate the internet with confidence, ensuring that your online presence is shielded from prying eyes and potential threats.<br><br>Harness the power of Handshake domains, a decentralized naming protocol built on blockchain technology, and elevate your internet experience to new heights. [Service Name] not only prioritizes privacy but also embraces the principles of openness and resilience, placing control back into the hands of users like never before.<br><br>Join us on a journey towards a safer, more private internet, where your Handshake domains seamlessly integrate with the robust security provided by DNS over HTTPS. Welcome to a future where privacy is not just a feature but a fundamental right.</p>
+            <p>Introducing our cutting-edge DNS over HTTPS (DoH) service, a revolutionary approach to secure and efficient internet communication. In a digital landscape where privacy and reliability are paramount, our service stands out by integrating multiple upstream providers, guaranteeing high availability.<br>By strategically harnessing the strengths of diverse DNS providers, we ensure that your online activities remain both private and swift. Say hello to a new era of accessing Handshake domains.</p>
             <h1 style="margin-top: 50px;">Upstream DNS provided by</h1>
             <ul class="list-group">
                 <li class="list-group-item"><span>Nathan.Woodburn/</span></li>
-                <li class="list-group-item"><span>easyhandshake.com/</span></li>
-                <li class="list-group-item"><span>hnsdns.com/</span></li>
-                <li class="list-group-item"><span>hnsns.net/</span></li>
+                <li class="list-group-item"><span>EasyHandshake</span></li>
+                <li class="list-group-item"><span>HNS DNS</span></li>
+                <li class="list-group-item"><span>HNS NS</span></li>
             </ul>
         </div>
     </section>
@@ -76,19 +76,19 @@
             <li class="list-group-item">
                 <div>
                     <h5 class="display-5">DNS over HTTPS</h5>
-                    <p>For DNS over HTTPS you should use either<br>- https://hnsdoh.com<br>- https://hnsdoh.com/dns-query</p>
+                    <p>For DNS over HTTPS you should use either<br>- https://hnsdoh.com/dns-query<br>(Some devices require the format https://hnsdoh.com)</p>
                 </div>
             </li>
             <li class="list-group-item">
                 <div>
                     <h5 class="display-5">DNS over TLS</h5>
-                    <p>For DNS over TLS you can use a lower&nbsp;availability server below<br>- doh.hnshosting.au (Powered by Woodburn)</p>
+                    <p>For DNS over TLS you can use a lower&nbsp;availability server below<br>- doh.hnshosting.au (Powered by Nathan.Woodburn/)<br>- hs.dnssec.dev (Powered by Impervious)</p>
                 </div>
             </li>
             <li class="list-group-item">
                 <div>
                     <h5 class="display-5">Plain DNS</h5>
-                    <p>As a last resort you can use any of plain DNS below<br>- 194.50.5.26 (powered by Woodburn)<br>- 194.50.5.27 (powered by Woodburn)<br>- 194.50.5.28 (powered by Woodburn)<br>-&nbsp;139.144.68.241 (powered by HNSDNS)<br>- 139.144.68.242 (powered by HNSDNS)<br>- 2a01:7e01:e002:c300:: (powered by HNSDNS)<br>- 2a01:7e01:e002:c500:: (powered by HNSDNS)</p>
+                    <p>As a last resort you can use any of plain DNS below<br>- 194.50.5.26 (powered by Nathan.Woodburn/)<br>- 194.50.5.27 (powered by Nathan.Woodburn/)<br>- 194.50.5.28 (powered by Nathan.Woodburn/)<br>-&nbsp;139.144.68.241 (powered by HNS DNS)<br>- 139.144.68.242 (powered by HNS DNS)<br>- 2a01:7e01:e002:c300:: (powered by HNS DNS)<br>- 2a01:7e01:e002:c500:: (powered by HNS DNS)</p>
                 </div>
             </li>
         </ul>
diff --git a/upstream.sh b/upstream.sh
new file mode 100755
index 0000000..b21d3bb
--- /dev/null
+++ b/upstream.sh
@@ -0,0 +1,56 @@
+#!/bin/bash
+
+# This script is used to test an upstream server.
+
+
+# Also can test with
+# So test using https://dohjs.org/
+# Get name of server from command line
+SERVER=$1
+
+# Test Domains
+TXTDOMAIN="test.apihns"
+HTTPDOMAIN="nathan.woodburn"
+
+# Test DNS over HTTPS via GET request
+GetStandard=$(curl --silent -H 'accept: application/dns-json' 'https://'$SERVER'/dns-query?name='$TXTDOMAIN'&type=TXT')
+# Verify that the response is not empty and has an answer of TXT with content "Test"
+test=$(jq -e '.Answer[] | select(.type == 16)' <<< $GetStandard)
+if [ $test ]; then
+    echo "DNS over HTTPS GET plain request test passed with content:"
+    echo $test | jq .
+else
+    echo "DNS over HTTPS GET plain request test failed"
+fi
+
+
+# Test using curl
+curltest=$(curl --silent --doh-url https://$SERVER/dns-query http://$HTTPDOMAIN)
+# Verify that the response is not empty and has text "Nathan.Woodburn/"
+if [[ $curltest == *"Nathan.Woodburn/"* ]]; then
+    echo "DNS over HTTPS curl test passed"
+else
+    echo "DNS over HTTPS curl test failed"
+fi
+
+# Test DoT
+# Get the IP address of the server
+IP=$(dig +short $SERVER)
+# Test using kdig
+kdigtest=$(kdig +tls-ca +tls-host=$SERVER $TXTDOMAIN @$IP TXT)
+# Verify that the response is not empty and has text "Test"
+if [[ $kdigtest == *"Test"* ]]; then
+    echo "DNS over TLS kdig test passed"
+else
+    echo "DNS over TLS kdig test failed"
+fi
+
+# Plain DNS
+# Test using dig
+digtest=$(dig $TXTDOMAIN @$SERVER TXT)
+# Verify that the response is not empty and has text "Test"
+if [[ $digtest == *"Test"* ]]; then
+    echo "Plain DNS dig test passed"
+else
+    echo "Plain DNS dig test failed"
+fi
\ No newline at end of file