mirror of
https://gitea.blesmrt.net/mikaela/shell-things.git
synced 2024-12-23 11:12:48 +01:00
unbound: replace forwards.conf with dns-over-tls.conf
Simultaneously rm puntcat, their DNS appears to be down at the moment and I didn't find their own homepage.
This commit is contained in:
parent
6ed44de3d1
commit
ffbbe9e522
39
etc/unbound/unbound.conf.d/dns-over-tls.conf
Normal file
39
etc/unbound/unbound.conf.d/dns-over-tls.conf
Normal file
@ -0,0 +1,39 @@
|
|||||||
|
# cp of forwards.conf updated to DNS over TLS time with a lot took from
|
||||||
|
# https://www.ctrl.blog/entry/unbound-tls-forwarding.html
|
||||||
|
|
||||||
|
server:
|
||||||
|
# Debian ca-certificates location
|
||||||
|
tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt
|
||||||
|
# ctrl.blog says this is the Fedora location
|
||||||
|
#tls-cert-bundle: /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
|
||||||
|
|
||||||
|
# Forward queries to
|
||||||
|
forward-zone:
|
||||||
|
name: "."
|
||||||
|
forward-tls-upstream: yes
|
||||||
|
## Quad9 - warning: uncommenting others simultaneously will break
|
||||||
|
## malicious domain blocking.
|
||||||
|
forward-addr: 2620:fe::fe@853#dns.quad9.net
|
||||||
|
forward-addr: 9.9.9.9@853#dns.quad9.net
|
||||||
|
forward-addr: 2620:fe::9@853#dns.quad9.net
|
||||||
|
forward-addr: 149.112.112.112@853#dns.quad9.net
|
||||||
|
## Google - warning: for-profit business
|
||||||
|
#forward-addr: 2001:4860:4860::8888@853#dns.google
|
||||||
|
#forward-addr: 2001:4860:4860::8844@853#dns.google
|
||||||
|
#forward-addr: 8.8.8.8@853#dns.google
|
||||||
|
#forward-addr: 8.8.4.4@853#dns.google
|
||||||
|
## censurfridns.dk (Copenhagen?)
|
||||||
|
#forward-addr: 2001:67c:28a4::@853#anycast.censurfridns.dk
|
||||||
|
#forward-addr: 91.239.100.100@853#anycast.censurfridns.dk
|
||||||
|
## DNS.WATCH (German) - PROBLEM: NO DOT AS OF 2019-07-22 but in hope
|
||||||
|
## they will have it I am leaving these here.
|
||||||
|
#forward-addr: 2001:1608:10:25::1c04:b12f@853#resolver1.dns.watch
|
||||||
|
#forward-addr: 2001:1608:10:25::9249:d69b@853#resolver2.dns.watch
|
||||||
|
#forward-addr: 84.200.69.80@853#resolver1.dns.watch
|
||||||
|
#forward-addr: 84.200.70.40@853#resolver2.dns.watch
|
||||||
|
## Cloudflare DNS - didn't exist in 2015 for forwards.conf
|
||||||
|
## warning: for-profit business (and too big in my opinion)
|
||||||
|
#forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com
|
||||||
|
#forward-addr: 1.1.1.1@853#cloudflare-dns.com
|
||||||
|
#forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com
|
||||||
|
#forward-addr: 1.0.0.1@853#cloudflare-dns.com
|
@ -1,4 +1,4 @@
|
|||||||
# Forward queries to
|
# Legacy file, use dns-over-tls.conf instead!
|
||||||
forward-zone:
|
forward-zone:
|
||||||
name: "."
|
name: "."
|
||||||
# Trex DNS64/NAT64 <http://www.trex.fi/2011/dns64.html>
|
# Trex DNS64/NAT64 <http://www.trex.fi/2011/dns64.html>
|
||||||
@ -17,6 +17,3 @@ forward-zone:
|
|||||||
forward-addr: 2001:1608:10:25::9249:d69b
|
forward-addr: 2001:1608:10:25::9249:d69b
|
||||||
forward-addr: 84.200.69.80
|
forward-addr: 84.200.69.80
|
||||||
forward-addr: 84.200.70.40
|
forward-addr: 84.200.70.40
|
||||||
# puntCAT
|
|
||||||
forward-addr: 2a00:1508:0:4::9
|
|
||||||
forward-addr: 109.69.8.51
|
|
||||||
|
Loading…
Reference in New Issue
Block a user