diff options
Diffstat (limited to 'network/dnscrypt-proxy/dnscrypt-proxy.default')
-rw-r--r-- | network/dnscrypt-proxy/dnscrypt-proxy.default | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/network/dnscrypt-proxy/dnscrypt-proxy.default b/network/dnscrypt-proxy/dnscrypt-proxy.default new file mode 100644 index 0000000000..b1b70406be --- /dev/null +++ b/network/dnscrypt-proxy/dnscrypt-proxy.default @@ -0,0 +1,72 @@ +# /etc/default/dnscrypt-proxy + +# This file contains the configuration settings for dnscrypt-proxy. This file +# supports configuring and running multiple instances (see the bottom of this +# file for a sample secondary configuration). + +# CHROOTDIR should be the same path as the USER's home directory. +# For the standard dnscrypt user this should be "/run/dnscrypt". For nobody, +# this should be "/". +CHROOTDIR[0]="/run/dnscrypt" +#CHROOTDIR[0]="/" + +# The local address and (optional) port to listen on. The default port is 53. +LOCALADDRESS[0]="127.0.0.1:53" + +# The pid file for this instance. PIDFILE must always be specified for each +# instance! +PIDFILE[0]="/var/run/dnscrypt-proxy/dnscrypt-proxy-0.pid" + +# Runs the daemon as the following user and chroots to that user's home +# directory (this is a security feature -- it is best not to change this!) +USER[0]="dnscrypt" +#USER[0]="nobody" + +# If RESOLVERNAME is set, then RESOLVERADDRESS, PROVIDERNAME, and +# PROVIDERKEY will be ignored. RESOLVERNAME should be the name of a resolver +# from RESOLVERSLIST (the first column). +RESOLVERNAME[0]="opendns" + +# Specify the location of the resolver list, used if RESOLVERNAME is set. +RESOLVERSLIST[0]="/usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv" + +# If RESOLVERNAME is unset, RESOLVERADDRESS, PROVIDERNAME and PROVIDERKEY are +# the settings of the remote DNSCrypt provider. +#RESOLVERADDRESS[0]="208.67.220.220:443" +#PROVIDERNAME[0]="2.dnscrypt-cert.opendns.com" +#PROVIDERKEY[0]="B735:1140:206F:225D:3E2B:D822:D7FD:691E:A1C3:3CC8:D666:8D0C:BE04:BFAB:CA43:FB79" + +# Transparently add an OPT pseudo-RR to outgoing queries in order to enable +# the EDNS0 extension mechanism. The payload size is the size of the largest +# response we accept from the resolver before retrying over TCP. This feature +# is enabled by default, with a payload size of 1252 bytes. Any value below +# 512 disables it. +#EDNSPAYLOADSIZE[0]="1252" + +# Set the maximum number of simultaneous active requests (default 250). +#MAXACTIVEREQUESTS[0]="250" + +# Use TCP instead of UDP. This is slower than UDP, and this workaround should +# never be used except when bypassing a filter is actually required. Moreover, +# multiple queries over a single TCP connection aren't supported yet. +# Don't use this unless you have to. Defaults to off ("no"). +#TCPONLY[0]="no" + +# Load the following plugins. None are loaded by default. See +# /usr/doc/dnscrypt-proxy-@VERSION@/README-PLUGINS.markdown for more +# information. +#PLUGINS[0]="libdcplugin_example,--ips=/etc/blk-ips,--domains=/etc/blk-names \ +#libdcplugin_example_logging,/var/log/dns.log" + +# Where and what to log. The default LOGLEVEL is LOG_INFO. +#LOGLEVEL[0]="LOG_INFO" +LOGFILE[0]="/var/log/dnscrypt-proxy/dnscrypt-proxy.log" + +# A simple example configuration for a second instance +#CHROOTDIR[1]="/run/dnscrypt" +#LOCALADDRESS[1]="127.0.0.2:53" +#PIDFILE[1]="/var/run/dnscrypt-proxy/dnscrypt-proxy-1.pid" +#USER[1]="dnscrypt" +#RESOLVERNAME[1]="cloudns-can" +#RESOLVERSLIST[1]="/usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv" +#LOGFILE[1]="/var/log/dnscrypt-proxy/dnscrypt-proxy-1.log" |