X-Git-Url: https://git.cyclocoop.org/?a=blobdiff_plain;ds=sidebyside;f=etc%2Funbound%2Funbound.conf;fp=etc%2Funbound%2Funbound.conf;h=1498f5921acac275d87569bf8fe8679efc56d15a;hb=750477542776680c76994067340fcbea31f8b118;hp=0000000000000000000000000000000000000000;hpb=a34a5ff2b077d249462b1626b706d8dc21347f5a;p=lhc%2Fateliers.git

diff --git a/etc/unbound/unbound.conf b/etc/unbound/unbound.conf
new file mode 100644
index 0000000..1498f59
--- /dev/null
+++ b/etc/unbound/unbound.conf
@@ -0,0 +1,106 @@
+server:
+	access-control: 0.0.0.0/0 deny
+	access-control: 127.0.0.0/8 allow_snoop
+	#access-control: ::0/0 refuse
+	#access-control: ::1 allow
+	#access-control: ::ffff:127.0.0.1 allow
+	#add-holddown: 2592000 # 30 days
+	auto-trust-anchor-file: "/var/lib/unbound/root.key"
+	#cache-max-ttl: 86400
+	#cache-min-ttl: 0
+	chroot: ""
+	#del-holddown: 2592000 # 30 days
+	directory: "/etc/unbound"
+	#dlv-anchor-file: "dlv.isc.org.key"
+	#do-daemonize: yes
+	do-ip4: yes
+	do-ip6: no
+	#do-not-query-address: 127.0.0.1/8
+	#do-not-query-address: ::1
+	#do-not-query-localhost: yes
+	do-tcp: yes
+	do-udp: yes
+	#domain-insecure: ""
+	#edns-buffer-size: 4096
+	#extended-statistics: no
+	#harden-dnssec-stripped: yes
+	#harden-glue: yes
+	#harden-large-queries: no
+	#harden-referral-path: no
+	#harden-short-bufsize: no
+	hide-identity: yes
+	hide-version: yes
+	identity: ""
+	#incoming-num-tcp: 10
+	#infra-cache-lame-size: 10k
+	infra-cache-numhosts: 10000
+	#infra-cache-slabs: 4
+	#infra-host-ttl: 900
+	#infra-lame-ttl: 900
+	#interface-automatic: no
+	interface: 127.0.0.1
+	#jostle-timeout: 200
+	#keep-missing: 31622400 # 366 days
+	#key-cache-size: 4m
+	#key-cache-slabs: 4
+	#log-time-ascii: no
+	#logfile: ""
+	module-config: "iterator"
+	#msg-buffer-size: 65552
+	msg-cache-size: 4m
+	#msg-cache-slabs: 4
+	#neg-cache-size: 1m
+	#num-queries-per-thread: 1024
+	#num-threads: 1
+	outgoing-interface: OUTGOING_INTERFACE
+	#outgoing-num-tcp: 10
+	outgoing-port-avoid: "3200-3208"
+	#outgoing-port-permit: 32768
+	#outgoing-range: 4096
+	#pidfile: "/run/unbound.pid"
+	port: 53
+	#prefetch-key: no
+	#prefetch: no
+	#private-address: 10.0.0.0/8
+	#private-address: 172.16.0.0/12
+	#private-address: 192.168.0.0/16
+	#private-address: 192.254.0.0/16
+	#private-address: fd00::/8
+	#private-address: fe80::/10
+	#private-domain: "example.com"
+	root-hints: "named.cache"
+	rrset-cache-size: 4m
+	#rrset-cache-slabs: 4
+	#so-rcvbuf: 0
+	#statistics-cumulative: no
+	#statistics-interval: 0
+	#target-fetch-policy: "3 2 1 0 0"
+	#trust-anchor-file: ""
+	#trust-anchor: "jelte.nlnetlabs.nl. DS 42860 5 1 14D739EB566D2B1A5E216A0BA4D17FA9B038BE4A"
+	#trust-anchor: "nlnetlabs.nl. DNSKEY 257 3 5 AQPzzTWMz8qSWIQlfRnPckx2BiVmkVN6LPupO3mbz7FhLSnm26n6iG9N Lby97Ji453aWZY3M5/xJBSOS2vWtco2t8C0+xeO1bc/d6ZTy32DHchpW 6rDH1vp86Ll+ha0tmwyy9QP7y2bVw5zSbFCrefk8qCUBgfHm9bHzMG1U BYtEIQ=="
+	#trusted-keys-file: ""
+	#unwanted-reply-threshold: 10000000
+	#use-caps-for-id: no
+	use-syslog: yes
+	username: "unbound"
+	val-bogus-ttl: 60
+	#val-clean-additional: yes
+	#val-log-level: 1
+	#val-nsec3-keysize-iterations: "1024 150 2048 500 4096 2500"
+	#val-override-date: ""
+	#val-permissive-mode: no
+	#val-sig-skew-max: 86400
+	#val-sig-skew-min: 3600
+	verbosity: 1
+	version: ""
+python:
+	#python-script: "/etc/unbound/ubmodule-tst.py"
+remote-control:
+	control-cert-file: "/etc/unbound/unbound_control.pem"
+	control-enable: yes
+	control-interface: 127.0.0.1
+	#control-interface: ::1
+	control-key-file:  "/etc/unbound/unbound_control.key"
+	control-port: 9953
+	server-cert-file:  "/etc/unbound/unbound_server.pem"
+	server-key-file:   "/etc/unbound/unbound_server.key"