## This file is for my own configuration that I wish to not get ## accidentally overwritten by package upgrades. This is based on Debian ## Testing (Jessie) dnsmasq.conf on 2014-12-23 08:50+0200 # Send everything to unbound listening on port 5353 no-resolv server=127.0.0.1#2000 # unbound # Be better netizen # Never forward plain names (without a dot or domain part) domain-needed # Never forward addresses in the non-routed address spaces. bogus-priv # DNSSEC validation and caching: conf-file=/usr/share/dnsmasq-base/trust-anchors.conf dnssec # Check that unsigned reply is OK (takes extra queries) dnssec-check-unsigned # Debugging, log all DNS queries #log-queries # Filter useless Windows-originated requests # don't use with Kerberos, SIP, XMPP or Google Talk #filterwin2k # Enable dnsmasq's built-in TFTP server #enable-tftp # Set the root directory for files available via FTP. #tftp-root=/var/ftpd # Make the TFTP server more secure: with this set, only files owned by # the user dnsmasq is running as will be send over the net. #tftp-secure # This option stops dnsmasq from negotiating a larger blocksize for TFTP # transfers. It will slow things down, but may rescue some broken TFTP # clients. #tftp-no-blocksize