From 1bbffca294904b2db7942a22b4b5c6fe6e7313fc Mon Sep 17 00:00:00 2001 From: T3slider Date: Sun, 5 Oct 2014 23:38:01 +0700 Subject: network/dnscrypt-proxy: Updated for version 1.4.1. Signed-off-by: Willy Sudiarto Raharjo --- network/dnscrypt-proxy/named.conf | 153 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 153 insertions(+) create mode 100644 network/dnscrypt-proxy/named.conf (limited to 'network/dnscrypt-proxy/named.conf') diff --git a/network/dnscrypt-proxy/named.conf b/network/dnscrypt-proxy/named.conf new file mode 100644 index 0000000000..b416855f26 --- /dev/null +++ b/network/dnscrypt-proxy/named.conf @@ -0,0 +1,153 @@ +options { + directory "/var/named"; + /* + * If there is a firewall between you and nameservers you want + * to talk to, you might need to uncomment the query-source + * directive below. Previous versions of BIND always asked + * questions using port 53, but BIND 8.1 uses an unprivileged + * port by default. + */ + // query-source address * port 53; + forwarders { 127.0.0.1 port 55; }; + forward only; + dnssec-enable yes; + dnssec-validation auto; + dnssec-lookaside auto; + allow-transfer { "none"; }; + allow-query { 127.0.0.1; }; + listen-on { 127.0.0.1; }; +}; + +// +// a caching only nameserver config +// +zone "." IN { + type hint; + file "caching-example/named.root"; +}; + +zone "localhost" IN { + type master; + file "caching-example/localhost.zone"; + allow-update { none; }; +}; + +zone "0.0.127.in-addr.arpa" IN { + type master; + file "caching-example/named.local"; + allow-update { none; }; +}; + +// RFC 1918. These shouldn't be necessary but empty-zones-enable isn't +// working properly... +zone "10.in-addr.arpa" IN { + type master; + file "caching-example/named.local"; + allow-update { none; }; +}; + +zone "16.172.in-addr.arpa" IN { + type master; + file "caching-example/named.local"; + allow-update { none; }; +}; + +zone "17.172.in-addr.arpa" IN { + type master; + file "caching-example/named.local"; + allow-update { none; }; +}; + +zone "18.172.in-addr.arpa" IN { + type master; + file "caching-example/named.local"; + allow-update { none; }; +}; + +zone "19.172.in-addr.arpa" IN { + type master; + file "caching-example/named.local"; + allow-update { none; }; +}; + +zone "20.172.in-addr.arpa" IN { + type master; + file "caching-example/named.local"; + allow-update { none; }; +}; + +zone "21.172.in-addr.arpa" IN { + type master; + file "caching-example/named.local"; + allow-update { none; }; +}; + +zone "22.172.in-addr.arpa" IN { + type master; + file "caching-example/named.local"; + allow-update { none; }; +}; + +zone "23.172.in-addr.arpa" IN { + type master; + file "caching-example/named.local"; + allow-update { none; }; +}; + +zone "24.172.in-addr.arpa" IN { + type master; + file "caching-example/named.local"; + allow-update { none; }; +}; + +zone "25.172.in-addr.arpa" IN { + type master; + file "caching-example/named.local"; + allow-update { none; }; +}; + +zone "26.172.in-addr.arpa" IN { + type master; + file "caching-example/named.local"; + allow-update { none; }; +}; + +zone "27.172.in-addr.arpa" IN { + type master; + file "caching-example/named.local"; + allow-update { none; }; +}; + +zone "28.172.in-addr.arpa" IN { + type master; + file "caching-example/named.local"; + allow-update { none; }; +}; + +zone "29.172.in-addr.arpa" IN { + type master; + file "caching-example/named.local"; + allow-update { none; }; +}; + +zone "30.172.in-addr.arpa" IN { + type master; + file "caching-example/named.local"; + allow-update { none; }; +}; + +zone "31.172.in-addr.arpa" IN { + type master; + file "caching-example/named.local"; + allow-update { none; }; +}; + +zone "168.192.in-addr.arpa" IN { + type master; + file "caching-example/named.local"; + allow-update { none; }; +}; + +logging { + category edns-disabled { null; }; +}; -- cgit v1.2.3