summaryrefslogtreecommitdiff
path: root/network/dnscrypt-proxy/named.conf
diff options
context:
space:
mode:
Diffstat (limited to 'network/dnscrypt-proxy/named.conf')
-rw-r--r--network/dnscrypt-proxy/named.conf153
1 files changed, 153 insertions, 0 deletions
diff --git a/network/dnscrypt-proxy/named.conf b/network/dnscrypt-proxy/named.conf
new file mode 100644
index 0000000000..b416855f26
--- /dev/null
+++ b/network/dnscrypt-proxy/named.conf
@@ -0,0 +1,153 @@
+options {
+ directory "/var/named";
+ /*
+ * If there is a firewall between you and nameservers you want
+ * to talk to, you might need to uncomment the query-source
+ * directive below. Previous versions of BIND always asked
+ * questions using port 53, but BIND 8.1 uses an unprivileged
+ * port by default.
+ */
+ // query-source address * port 53;
+ forwarders { 127.0.0.1 port 55; };
+ forward only;
+ dnssec-enable yes;
+ dnssec-validation auto;
+ dnssec-lookaside auto;
+ allow-transfer { "none"; };
+ allow-query { 127.0.0.1; };
+ listen-on { 127.0.0.1; };
+};
+
+//
+// a caching only nameserver config
+//
+zone "." IN {
+ type hint;
+ file "caching-example/named.root";
+};
+
+zone "localhost" IN {
+ type master;
+ file "caching-example/localhost.zone";
+ allow-update { none; };
+};
+
+zone "0.0.127.in-addr.arpa" IN {
+ type master;
+ file "caching-example/named.local";
+ allow-update { none; };
+};
+
+// RFC 1918. These shouldn't be necessary but empty-zones-enable isn't
+// working properly...
+zone "10.in-addr.arpa" IN {
+ type master;
+ file "caching-example/named.local";
+ allow-update { none; };
+};
+
+zone "16.172.in-addr.arpa" IN {
+ type master;
+ file "caching-example/named.local";
+ allow-update { none; };
+};
+
+zone "17.172.in-addr.arpa" IN {
+ type master;
+ file "caching-example/named.local";
+ allow-update { none; };
+};
+
+zone "18.172.in-addr.arpa" IN {
+ type master;
+ file "caching-example/named.local";
+ allow-update { none; };
+};
+
+zone "19.172.in-addr.arpa" IN {
+ type master;
+ file "caching-example/named.local";
+ allow-update { none; };
+};
+
+zone "20.172.in-addr.arpa" IN {
+ type master;
+ file "caching-example/named.local";
+ allow-update { none; };
+};
+
+zone "21.172.in-addr.arpa" IN {
+ type master;
+ file "caching-example/named.local";
+ allow-update { none; };
+};
+
+zone "22.172.in-addr.arpa" IN {
+ type master;
+ file "caching-example/named.local";
+ allow-update { none; };
+};
+
+zone "23.172.in-addr.arpa" IN {
+ type master;
+ file "caching-example/named.local";
+ allow-update { none; };
+};
+
+zone "24.172.in-addr.arpa" IN {
+ type master;
+ file "caching-example/named.local";
+ allow-update { none; };
+};
+
+zone "25.172.in-addr.arpa" IN {
+ type master;
+ file "caching-example/named.local";
+ allow-update { none; };
+};
+
+zone "26.172.in-addr.arpa" IN {
+ type master;
+ file "caching-example/named.local";
+ allow-update { none; };
+};
+
+zone "27.172.in-addr.arpa" IN {
+ type master;
+ file "caching-example/named.local";
+ allow-update { none; };
+};
+
+zone "28.172.in-addr.arpa" IN {
+ type master;
+ file "caching-example/named.local";
+ allow-update { none; };
+};
+
+zone "29.172.in-addr.arpa" IN {
+ type master;
+ file "caching-example/named.local";
+ allow-update { none; };
+};
+
+zone "30.172.in-addr.arpa" IN {
+ type master;
+ file "caching-example/named.local";
+ allow-update { none; };
+};
+
+zone "31.172.in-addr.arpa" IN {
+ type master;
+ file "caching-example/named.local";
+ allow-update { none; };
+};
+
+zone "168.192.in-addr.arpa" IN {
+ type master;
+ file "caching-example/named.local";
+ allow-update { none; };
+};
+
+logging {
+ category edns-disabled { null; };
+};