diff options
author | davidovski <david@davidovski.xyz> | 2022-06-27 23:09:07 +0100 |
---|---|---|
committer | davidovski <david@davidovski.xyz> | 2022-06-27 23:09:07 +0100 |
commit | f6332a43c35387c4a2dea1746be5fd092890ae0e (patch) | |
tree | d6599f63de04096f3fc21a98e0b3bb39d55a3531 /repo/dnsmasq/dnsmasq.conf.patch | |
parent | f13e0cac13f90f7f57bce3b26b2e6383de6e4ad2 (diff) |
added lf and iptables
Diffstat (limited to 'repo/dnsmasq/dnsmasq.conf.patch')
-rw-r--r-- | repo/dnsmasq/dnsmasq.conf.patch | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/repo/dnsmasq/dnsmasq.conf.patch b/repo/dnsmasq/dnsmasq.conf.patch new file mode 100644 index 0000000..e3d7df4 --- /dev/null +++ b/repo/dnsmasq/dnsmasq.conf.patch @@ -0,0 +1,38 @@ +--- a/dnsmasq.conf.example ++++ b/dnsmasq.conf.example +@@ -21,8 +21,8 @@ + #bogus-priv + + # Uncomment these to enable DNSSEC validation and caching: +-# (Requires dnsmasq to be built with DNSSEC option.) +-#conf-file=%%PREFIX%%/share/dnsmasq/trust-anchors.conf ++# (Requires dnsmasq-dnssec package to be installed) ++#conf-file=/usr/share/dnsmasq/trust-anchors.conf + #dnssec + + # Replies which are not DNSSEC signed may be legitimate, because the domain +@@ -96,9 +96,13 @@ + + # If you want dnsmasq to change uid and gid to something other + # than the default, edit the following lines. +-#user= +-#group= ++#user=dnsmasq ++#group=dnsmasq + ++# Serve DNS and DHCP only to networks directly connected to this machine. ++# Any interface= line will override it. ++local-service ++ + # If you want dnsmasq to listen for DHCP and DNS requests only on + # specified interfaces (and the loopback) give the name of the + # interface (eg eth0) here. +@@ -671,7 +675,7 @@ + #conf-dir=/etc/dnsmasq.d,.bak + + # Include all files in a directory which end in .conf +-#conf-dir=/etc/dnsmasq.d/,*.conf ++conf-dir=/etc/dnsmasq.d/,*.conf + + # If a DHCP client claims that its name is "wpad", ignore that. + # This fixes a security hole. see CERT Vulnerability VU#598349 |