server:
	# Debian ca-certificates location
	#tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt
	# Fedora
	#tls-cert-bundle: /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
	# Use system certificates no matter where they are
	tls-system-cert: yes
	# Quad9 says pointless performance impact on forwarders.
	# https://docs.quad9.net/Quad9_For_Organizations/DNS_Forwarder_Best_Practices/#disable-qname-minimization
	qname-minimisation: no

forward-zone:
	name: "."
	forward-tls-upstream: yes
	# Unfiltered
	#forward-addr: 194.242.2.2@853#dns.mullvad.net
	#forward-addr: 2a07:e340::2@853#dns.mullvad.net
	# Adblock and tracking protection
	#forward-addr: 194.242.2.3@853#adblock.dns.mullvad.net
	#forward-addr: 2a07:e340::3@853#adblock.dns.mullvad.net
	# Above + malware protection
	forward-addr: 194.242.2.4@853#base.dns.mullvad.net
	forward-addr: 2a07:e340::4@853#base.dns.mullvad.net
	# Above + social media blocking
	#forward-addr: 194.242.2.5@853#extended.dns.mullvad.net
	#forward-addr: 2a07:e340::5@853#extended.dns.mullvad.net
	# Blocking for ads, trackers, malware, adult, gambling
	#forward-addr: 194.242.2.6@853#family.dns.mullvad.net
	#forward-addr: 2a07:e340::6@853#family.dns.mullvad.net
	# Blocking all of the above
	#forward-addr: 194.242.2.9@853#all.dns.mullvad.net
	#forward-addr: 2a07:e340::9@853#all.dns.mullvad.net

# vim: filetype=unbound.conf