From c8dcba24a38db8856fa099b206b29d286fb08514 Mon Sep 17 00:00:00 2001 From: Mikaela Suomalainen Date: Thu, 20 Aug 2015 15:22:22 +0300 Subject: [PATCH] major cleaning --- etc/NetworkManager/NetworkManager.conf | 10 -- etc/apt/preferences.d/no-dnsmasq | 3 - etc/conf.d/dnscrypt-proxy | 7 -- etc/dhcp/dhcpd.conf | 111 ------------------ etc/gai.conf | 65 ---------- etc/network/interfaces | 41 ------- etc/nsswitch.conf | 4 - etc/pdnsd.conf | 38 ------ etc/resolvconf/resolv.conf.d/head | 5 - etc/resolvconf/resolv.conf.d/tail | 3 - etc/unbound/README.md | 1 - etc/unbound/arch/unbound.conf | 26 ---- etc/unbound/debian/unbound.conf.d/alone.conf | 21 ---- .../debian/unbound.conf.d/forwards.conf | 1 - 14 files changed, 336 deletions(-) delete mode 100644 etc/NetworkManager/NetworkManager.conf delete mode 100644 etc/apt/preferences.d/no-dnsmasq delete mode 100644 etc/conf.d/dnscrypt-proxy delete mode 100644 etc/dhcp/dhcpd.conf delete mode 100644 etc/gai.conf delete mode 100644 etc/network/interfaces delete mode 100644 etc/nsswitch.conf delete mode 100644 etc/pdnsd.conf delete mode 100644 etc/resolvconf/resolv.conf.d/head delete mode 100644 etc/resolvconf/resolv.conf.d/tail delete mode 100644 etc/unbound/README.md delete mode 100644 etc/unbound/arch/unbound.conf delete mode 100644 etc/unbound/debian/unbound.conf.d/alone.conf delete mode 120000 etc/unbound/debian/unbound.conf.d/forwards.conf diff --git a/etc/NetworkManager/NetworkManager.conf b/etc/NetworkManager/NetworkManager.conf deleted file mode 100644 index 57d3dbca..00000000 --- a/etc/NetworkManager/NetworkManager.conf +++ /dev/null @@ -1,10 +0,0 @@ -[main] -plugins=ifupdown,keyfile,ofono -#dns=dnsmasq - -[ifupdown] -managed=true - -## Disable NM for this MAC address -#[keyfile] -#unmanaged-devices=mac:XX:XX:XX:XX:XX:XX diff --git a/etc/apt/preferences.d/no-dnsmasq b/etc/apt/preferences.d/no-dnsmasq deleted file mode 100644 index f287dcc4..00000000 --- a/etc/apt/preferences.d/no-dnsmasq +++ /dev/null @@ -1,3 +0,0 @@ -Package: dnsmasq -Pin: release * -Pin-Priority: -1 diff --git a/etc/conf.d/dnscrypt-proxy b/etc/conf.d/dnscrypt-proxy deleted file mode 100644 index 978b3047..00000000 --- a/etc/conf.d/dnscrypt-proxy +++ /dev/null @@ -1,7 +0,0 @@ -DNSCRYPT_LOCALIP=127.0.0.2 -DNSCRYPT_LOCALPORT=53 -DNSCRYPT_USER=nobody -DNSCRYPT_PROVIDER_NAME=2.dnscrypt-cert.opendns.com -DNSCRYPT_PROVIDER_KEY=B735:1140:206F:225D:3E2B:D822:D7FD:691E:A1C3:3CC8:D666:8D0C:BE04:BFAB:CA43:FB79 -DNSCRYPT_RESOLVERIP=208.67.220.220 -DNSCRYPT_RESOLVERPORT=443 diff --git a/etc/dhcp/dhcpd.conf b/etc/dhcp/dhcpd.conf deleted file mode 100644 index 515160b6..00000000 --- a/etc/dhcp/dhcpd.conf +++ /dev/null @@ -1,111 +0,0 @@ -# -# Sample configuration file for ISC dhcpd for Debian -# -# - -# The ddns-updates-style parameter controls whether or not the server will -# attempt to do a DNS update when a lease is confirmed. We default to the -# behavior of the version 2 packages ('none', since DHCP v2 didn't -# have support for DDNS.) -#ddns-update-style none; - -# option definitions common to all supported networks... -#option dhcp6.domain-name "mikaela.info"; -#option dhcp6.domain-name-servers 2001:4860:4860::8888, 2001:4860:4860::8844; -#option dhcp6.domain-search "mikaela.info"; - -option domain-name "example.org"; -option domain-name-servers 2001:4860:4860::8888, 2001:4860:4860::8844; -option domain-search "mikaela.info" -#default-lease-time 600; -#max-lease-time 7200; - -# If this DHCP server is the official DHCP server for the local -# network, the authoritative directive should be uncommented. -#authoritative; - -# Use this to send dhcp log messages to a different log file (you also -# have to hack syslog.conf to complete the redirection). -log-facility local7; - -# No service will be given on this subnet, but declaring it helps the -# DHCP server to understand the network topology. - -#subnet 10.152.187.0 netmask 255.255.255.0 { -#} - -# This is a very basic subnet declaration. - -#subnet 10.254.239.0 netmask 255.255.255.224 { -# range 10.254.239.10 10.254.239.20; -# option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org; -#} - -# This declaration allows BOOTP clients to get dynamic addresses, -# which we don't really recommend. - -#subnet 10.254.239.32 netmask 255.255.255.224 { -# range dynamic-bootp 10.254.239.40 10.254.239.60; -# option broadcast-address 10.254.239.31; -# option routers rtr-239-32-1.example.org; -#} - -# A slightly different configuration for an internal subnet. -#subnet 10.5.5.0 netmask 255.255.255.224 { -# range 10.5.5.26 10.5.5.30; -# option domain-name-servers ns1.internal.example.org; -# option domain-name "internal.example.org"; -# option routers 10.5.5.1; -# option broadcast-address 10.5.5.31; -# default-lease-time 600; -# max-lease-time 7200; -#} - -# Hosts which require special configuration options can be listed in -# host statements. If no address is specified, the address will be -# allocated dynamically (if possible), but the host-specific information -# will still come from the host declaration. - -#host passacaglia { -# hardware ethernet 0:0:c0:5d:bd:95; -# filename "vmunix.passacaglia"; -# server-name "toccata.fugue.com"; -#} - -# Fixed IP addresses can also be specified for hosts. These addresses -# should not also be listed as being available for dynamic assignment. -# Hosts for which fixed IP addresses have been specified can boot using -# BOOTP or DHCP. Hosts for which no fixed address is specified can only -# be booted with DHCP, unless there is an address range on the subnet -# to which a BOOTP client is connected which has the dynamic-bootp flag -# set. -#host fantasia { -# hardware ethernet 08:00:07:26:c0:a5; -# fixed-address fantasia.fugue.com; -#} - -# You can declare a class of clients and then do address allocation -# based on that. The example below shows a case where all clients -# in a certain class get addresses on the 10.17.224/24 subnet, and all -# other clients get addresses on the 10.0.29/24 subnet. - -#class "foo" { -# match if substring (option vendor-class-identifier, 0, 4) = "SUNW"; -#} - -#shared-network 224-29 { -# subnet 10.17.224.0 netmask 255.255.255.0 { -# option routers rtr-224.example.org; -# } -# subnet 10.0.29.0 netmask 255.255.255.0 { -# option routers rtr-29.example.org; -# } -# pool { -# allow members of "foo"; -# range 10.17.224.10 10.17.224.250; -# } -# pool { -# deny members of "foo"; -# range 10.0.29.10 10.0.29.230; -# } -#} diff --git a/etc/gai.conf b/etc/gai.conf deleted file mode 100644 index 6c0f06a1..00000000 --- a/etc/gai.conf +++ /dev/null @@ -1,65 +0,0 @@ -# Configuration for getaddrinfo(3). -# -# So far only configuration for the destination address sorting is needed. -# RFC 3484 governs the sorting. But the RFC also says that system -# administrators should be able to overwrite the defaults. This can be -# achieved here. -# -# All lines have an initial identifier specifying the option followed by -# up to two values. Information specified in this file replaces the -# default information. Complete absence of data of one kind causes the -# appropriate default information to be used. The supported commands include: -# -# reload -# If set to yes, each getaddrinfo(3) call will check whether this file -# changed and if necessary reload. This option should not really be -# used. There are possible runtime problems. The default is no. -# -# label -# Add another rule to the RFC 3484 label table. See section 2.1 in -# RFC 3484. The default is: -# -label ::1/128 0 -label ::/0 1 -label 2002::/16 2 -label ::/96 3 -label ::ffff:0:0/96 4 -label fec0::/10 5 -label fc00::/7 6 -#label 2001:0::/32 7 -# -# This default differs from the tables given in RFC 3484 by handling -# (now obsolete) site-local IPv6 addresses and Unique Local Addresses. -# The reason for this difference is that these addresses are never -# NATed while IPv4 site-local addresses most probably are. Given -# the precedence of IPv6 over IPv4 (see below) on machines having only -# site-local IPv4 and IPv6 addresses a lookup for a global address would -# see the IPv6 be preferred. The result is a long delay because the -# site-local IPv6 addresses cannot be used while the IPv4 address is -# (at least for the foreseeable future) NATed. We also treat Teredo -# tunnels special. -# -# precedence -# Add another rule to the RFC 3484 precedence table. See section 2.1 -# and 10.3 in RFC 3484. The default is: -# -#precedence ::1/128 50 -#precedence ::/0 40 -#precedence 2002::/16 30 -#precedence ::/96 20 -#precedence ::ffff:0:0/96 10 -# -# For sites which prefer IPv4 connections change the last line to -# -#precedence ::ffff:0:0/96 100 - -# -# scopev4 -# Add another rule to the RFC 6724 scope table for IPv4 addresses. -# By default the scope IDs described in section 3.2 in RFC 6724 are -# used. Changing these defaults should hardly ever be necessary. -# The defaults are equivalent to: -# -#scopev4 ::ffff:169.254.0.0/112 2 -#scopev4 ::ffff:127.0.0.0/104 2 -#scopev4 ::ffff:0.0.0.0/96 14 diff --git a/etc/network/interfaces b/etc/network/interfaces deleted file mode 100644 index 25a21915..00000000 --- a/etc/network/interfaces +++ /dev/null @@ -1,41 +0,0 @@ -# interfaces(5) file used by ifup(8) and ifdown(8) - -auto lo -iface lo inet loopback - -auto eth0 -allow-hotplug eth0 -iface eth0 inet static -address 172.16.1. -netmask 255.255.0.0 -gateway 172.16.0.1 -## dns-nameservers is provided by resolvconf so you can specify nameservers -## there. Remember to install dnsmasq to get over the limit of being able -## to use only three DNS servers at time! -dns-nameservers ::1 8.8.8.8 8.8.4.4 -dns-search DOMAIN.TLD - -iface eth0 inet6 auto - -## if radvd is announcing prefixes, IPs from them must be in this file -## see also https://www.sixxs.net/tools/grh/ula/ - -## radvd globally routable address -#iface eth0 inet6 static -#address RANGE::1 -#netmask 64 - -## radvd ULA -#iface eth0 inet6 static -#address RANGE::1 -#netmask64 - -## Manually adding IPv6 addresses: ip -6 addr add IPv6_ADDREsS/64 dev eth0 - -## REMEMBER TO CHANGE -## managed=false -## to -## managed=true -## in /etc/NetworkManager/NetworkManager.conf under "[ifupdown]" ! -## And restart it! -## service network-manager restart diff --git a/etc/nsswitch.conf b/etc/nsswitch.conf deleted file mode 100644 index 6ef6e3ba..00000000 --- a/etc/nsswitch.conf +++ /dev/null @@ -1,4 +0,0 @@ -# https://wiki.archlinux.org/index.php/Avahi#Hostname_resolution -# hosts: files dns myhostname -hosts: files mdns_minimal [NOTFOUND=return] dns myhostname - diff --git a/etc/pdnsd.conf b/etc/pdnsd.conf deleted file mode 100644 index be54f8bf..00000000 --- a/etc/pdnsd.conf +++ /dev/null @@ -1,38 +0,0 @@ -# https://wiki.archlinux.org/index.php?title=DNSCrypt&oldid=373568#Example:_configuration_for_pdnsd -global { - perm_cache=16384; - cache_dir="/var/cache/pdnsd"; - run_as="pdnsd"; - server_ip = 127.0.0.1; - status_ctl = on; - query_method=udp_tcp; - min_ttl=15m; # Retain cached entries at least 15 minutes. - max_ttl=1w; # One week. - timeout=10; # Global timeout option (10 seconds). - neg_domain_pol=on; - udpbufsize=1024; # Upper limit on the size of UDP messages. -} - -server { - label = "dnscrypt-proxy"; - ip = 127.0.0.2; - port = 53; - timeout = 4; - uptest = query; - interval = 15m; - proxy_only=on; -} - -source { - owner=localhost; - file="/etc/hosts"; -} - - -rr { - name=localhost; - reverse=on; - a=127.0.0.1; - owner=localhost; - soa=localhost,root.localhost,42,86400,900,86400,86400; -} diff --git a/etc/resolvconf/resolv.conf.d/head b/etc/resolvconf/resolv.conf.d/head deleted file mode 100644 index 1ca08b42..00000000 --- a/etc/resolvconf/resolv.conf.d/head +++ /dev/null @@ -1,5 +0,0 @@ -## Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) -## DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN - -## Local DNS cache (dnsmasq) -nameserver ::1 diff --git a/etc/resolvconf/resolv.conf.d/tail b/etc/resolvconf/resolv.conf.d/tail deleted file mode 100644 index 3bc7014e..00000000 --- a/etc/resolvconf/resolv.conf.d/tail +++ /dev/null @@ -1,3 +0,0 @@ -# According to manual page for resolv.conf, the last search/domain entry -# wins -search DOMAIN.TLD diff --git a/etc/unbound/README.md b/etc/unbound/README.md deleted file mode 100644 index dbe0c142..00000000 --- a/etc/unbound/README.md +++ /dev/null @@ -1 +0,0 @@ -This has been only tested with Pidora 2014 diff --git a/etc/unbound/arch/unbound.conf b/etc/unbound/arch/unbound.conf deleted file mode 100644 index 6e087e3d..00000000 --- a/etc/unbound/arch/unbound.conf +++ /dev/null @@ -1,26 +0,0 @@ -server: - use-syslog: yes - username: "unbound" - directory: "/etc/unbound" - trust-anchor-file: trusted-key.key - access-control: 127.0.0.0/8 allow - access-control: ::1 allow - -forward-zone: - name: "." - # Google - forward-addr: 2001:4860:4860::8888 - forward-addr: 2001:4860:4860::8844 - forward-addr: 8.8.8.8 - forward-addr: 8.8.4.4 - # censurfridns.dk - forward-addr: 2001:67c:28a4:: - forward-addr: 91.239.100.100 - # DNS.WATCH - forward-addr: 2001:1608:10:25::1c04:b12f - forward-addr: 2001:1608:10:25::9249:d69b - forward-addr: 84.200.69.80 - forward-addr: 84.200.70.40 - # puntCAT - forward-addr: 2a00:1508:0:4::9 - forward-addr: 109.69.8.51 diff --git a/etc/unbound/debian/unbound.conf.d/alone.conf b/etc/unbound/debian/unbound.conf.d/alone.conf deleted file mode 100644 index fbd9fa86..00000000 --- a/etc/unbound/debian/unbound.conf.d/alone.conf +++ /dev/null @@ -1,21 +0,0 @@ -# When there is no dnsmasq - -server: - # perform cryptographic DNSSEC validation using the root trust anchor. - # this should be in /etc/unbound/unbound.conf.d/root-auto-trust-anchor-file.conf - auto-trust-anchor-file: "/var/lib/unbound/root.key" - #interface: 127.0.0.1 - access-control: 127.0.0.0/8 allow - #interface: ::1 - access-control: ::1 allow - port: 53 - # logging - chroot: "" - use-syslog: yes - log-time-ascii: yes - log-queries: yes - # 0 - 5, default 1, query information 3 - verbosity: 1 - # more cache memory, rrset=msg*2 - rrset-cache-size: 500m - msg-cache-size: 250m diff --git a/etc/unbound/debian/unbound.conf.d/forwards.conf b/etc/unbound/debian/unbound.conf.d/forwards.conf deleted file mode 120000 index 34d068ed..00000000 --- a/etc/unbound/debian/unbound.conf.d/forwards.conf +++ /dev/null @@ -1 +0,0 @@ -../../forwards.conf \ No newline at end of file