shell-things/etc/dnsmasq.d/mikaela
2014-12-27 12:28:03 +02:00

45 lines
1.3 KiB
Plaintext

## This file is for my own configuration that I wish to not get
## accidentally overwritten by package upgrades. This is based on Debian
## Testing (Jessie) dnsmasq.conf on 2014-12-23 08:50+0200
# Send everything to unbound listening on port 5353
no-resolv
server=127.0.0.1#2000 # unbound
# Be better netizen
# Never forward plain names (without a dot or domain part)
domain-needed
# Never forward addresses in the non-routed address spaces.
bogus-priv
# DNSSEC validation and caching:
conf-file=/usr/share/dnsmasq-base/trust-anchors.conf
dnssec
# Check that unsigned reply is OK (takes extra queries)
dnssec-check-unsigned
# Larger cache (default is 150)
cache-size=99999
# Debugging, log all DNS queries
#log-queries
# Filter useless Windows-originated requests
# don't use with Kerberos, SIP, XMPP or Google Talk
#filterwin2k
# Enable dnsmasq's built-in TFTP server
#enable-tftp
# Set the root directory for files available via FTP.
#tftp-root=/var/ftpd
# Make the TFTP server more secure: with this set, only files owned by
# the user dnsmasq is running as will be send over the net.
#tftp-secure
# This option stops dnsmasq from negotiating a larger blocksize for TFTP
# transfers. It will slow things down, but may rescue some broken TFTP
# clients.
#tftp-no-blocksize