shell-things/etc/unbound/unbound.conf.d/00-insecure-domains.conf

38 lines
1.0 KiB
Plaintext
Raw Normal View History

# Domains to be sent through plaintext DNS for getting hijacked by devices
# that tend to cause headache.
# Uses Google DNS, because I don't use it for anything else and don't plan
# to for the foreseeable future, so it is easier to spot from logs.
# Is it secure? Google likely also knows I have these devices on my network
# thanks to Android.
server:
# Quad9 says pointless performance impact on forwarders.
# https://docs.quad9.net/Quad9_For_Organizations/DNS_Forwarder_Best_Practices/#disable-qname-minimization
qname-minimisation: no
forward-zone:
2023-02-21 18:08:54 +01:00
name: "mywifiext.net"
forward-tls-upstream: no
forward-addr: 8.8.8.8
forward-zone:
2023-02-21 18:08:54 +01:00
name: "tplinkrepeater.net"
forward-tls-upstream: no
forward-addr: 8.8.8.8
forward-zone:
name: "router.asus.com"
forward-tls-upstream: no
forward-addr: 8.8.8.8
forward-zone:
name: "norwegianwifi.com"
forward-tls-upstream: no
forward-addr: 8.8.8.8
# Can I refer to subdomain as a zone?
forward-zone:
2023-02-21 18:08:54 +01:00
name: "http.badssl.com"
forward-tls-upstream: no
forward-addr: 8.8.8.8