diff options
Diffstat (limited to 'src/service/dns/dns.conf.in')
-rw-r--r-- | src/service/dns/dns.conf.in | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/src/service/dns/dns.conf.in b/src/service/dns/dns.conf.in new file mode 100644 index 000000000..39f260813 --- /dev/null +++ b/src/service/dns/dns.conf.in | |||
@@ -0,0 +1,34 @@ | |||
1 | [dns] | ||
2 | START_ON_DEMAND = @START_ON_DEMAND@ | ||
3 | HOSTNAME = localhost | ||
4 | BINARY = gnunet-service-dns | ||
5 | UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-dns.sock | ||
6 | @UNIXONLY@ PORT = 2122 | ||
7 | # Access to this service can compromise all DNS queries in this | ||
8 | # system. Thus access should be restricted to the same UID. | ||
9 | # (see https://gnunet.org/gnunet-access-control-model) | ||
10 | UNIX_MATCH_UID = YES | ||
11 | UNIX_MATCH_GID = YES | ||
12 | |||
13 | # As there is no sufficiently restrictive access control for TCP, | ||
14 | # we never use it, even if @UNIXONLY@ is not set (just to be safe) | ||
15 | @UNIXONLY@ PORT = 0 | ||
16 | |||
17 | # Name of the virtual interface we use to intercept DNS traffic. | ||
18 | IFNAME = gnunet-dns | ||
19 | |||
20 | # Use RFC 3849-style documentation IPv6 address (RFC 4773 might provide an alternative in the future) | ||
21 | # FIXME: or just default to a site-local address scope as we do for VPN!? | ||
22 | IPV6ADDR = 2001:DB8::1 | ||
23 | IPV6PREFIX = 126 | ||
24 | |||
25 | # Use RFC 3927-style link-local address | ||
26 | IPV4ADDR = 169.254.1.1 | ||
27 | IPV4MASK = 255.255.0.0 | ||
28 | |||
29 | # Enable GNUnet-wide DNS-EXIT service by setting this value to the IP address (IPv4 or IPv6) | ||
30 | # of a DNS resolver to use. Only works if "PROVIDE_EXIT" is also set to YES. Must absolutely | ||
31 | # NOT be an address of any of GNUnet's virtual tunnel interfaces. Use a well-known | ||
32 | # public DNS resolver or your ISP's resolver from /etc/resolv.conf. | ||
33 | DNS_EXIT = 8.8.8.8 | ||
34 | |||