1 files changed, 34 insertions, 0 deletions
diff --git a/src/service/dns/dns.conf.in b/src/service/dns/dns.conf.in
new file mode 100644
index 000000000..39f260813
--- /dev/null
+++ b/src/service/dns/dns.conf.in
@@ -0,0 +1,34 @@
+[dns]
+START_ON_DEMAND = @START_ON_DEMAND@
+HOSTNAME = localhost
+BINARY = gnunet-service-dns
+UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-dns.sock
+@UNIXONLY@ PORT = 2122
+# Access to this service can compromise all DNS queries in this
+# system.  Thus access should be restricted to the same UID.
+# (see https://gnunet.org/gnunet-access-control-model)
+UNIX_MATCH_UID = YES
+UNIX_MATCH_GID = YES
+# As there is no sufficiently restrictive access control for TCP,
+# we never use it, even if @UNIXONLY@ is not set (just to be safe)
+@UNIXONLY@ PORT = 0
+# Name of the virtual interface we use to intercept DNS traffic.
+IFNAME = gnunet-dns
+# Use RFC 3849-style documentation IPv6 address (RFC 4773 might provide an alternative in the future)
+# FIXME: or just default to a site-local address scope as we do for VPN!?
+IPV6ADDR = 2001:DB8::1
+IPV6PREFIX = 126
+# Use RFC 3927-style link-local address
+IPV4ADDR = 169.254.1.1
+IPV4MASK = 255.255.0.0
+# Enable GNUnet-wide DNS-EXIT service by setting this value to the IP address (IPv4 or IPv6)
+# of a DNS resolver to use.  Only works if "PROVIDE_EXIT" is also set to YES.  Must absolutely
+# NOT be an address of any of GNUnet's virtual tunnel interfaces.  Use a well-known
+# public DNS resolver or your ISP's resolver from /etc/resolv.conf.
+DNS_EXIT = 8.8.8.8

diff --git a/src/service/dns/dns.conf.in b/src/service/dns/dns.conf.in new file mode 100644 index 000000000..39f260813 --- /dev/null +++ b/src/service/dns/dns.conf.in
@@ -0,0 +1,34 @@
	1	[dns]
	2	START_ON_DEMAND = @START_ON_DEMAND@
	3	HOSTNAME = localhost
	4	BINARY = gnunet-service-dns
	5	UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-dns.sock
	6	@UNIXONLY@ PORT = 2122
	7	# Access to this service can compromise all DNS queries in this
	8	# system. Thus access should be restricted to the same UID.
	9	# (see https://gnunet.org/gnunet-access-control-model)
	10	UNIX_MATCH_UID = YES
	11	UNIX_MATCH_GID = YES
	12
	13	# As there is no sufficiently restrictive access control for TCP,
	14	# we never use it, even if @UNIXONLY@ is not set (just to be safe)
	15	@UNIXONLY@ PORT = 0
	16
	17	# Name of the virtual interface we use to intercept DNS traffic.
	18	IFNAME = gnunet-dns
	19
	20	# Use RFC 3849-style documentation IPv6 address (RFC 4773 might provide an alternative in the future)
	21	# FIXME: or just default to a site-local address scope as we do for VPN!?
	22	IPV6ADDR = 2001:DB8::1
	23	IPV6PREFIX = 126
	24
	25	# Use RFC 3927-style link-local address
	26	IPV4ADDR = 169.254.1.1
	27	IPV4MASK = 255.255.0.0
	28
	29	# Enable GNUnet-wide DNS-EXIT service by setting this value to the IP address (IPv4 or IPv6)
	30	# of a DNS resolver to use. Only works if "PROVIDE_EXIT" is also set to YES. Must absolutely
	31	# NOT be an address of any of GNUnet's virtual tunnel interfaces. Use a well-known
	32	# public DNS resolver or your ISP's resolver from /etc/resolv.conf.
	33	DNS_EXIT = 8.8.8.8
	34