5 CONFIG = $DEFAULTCONFIG
6 BINARY = gnunet-service-dns
7 UNIXPATH = /tmp/gnunet-service-dns.sock
9 # Access to this service can compromise all DNS queries in this
10 # system. Thus access should be restricted to the same UID.
11 # (see https://gnunet.org/gnunet-access-control-model)
15 # As there is no sufficiently restrictive access control for TCP,
16 # we never use it, even if @UNIXONLY@ is not set (just to be safe)
19 # This option should be set to YES to allow the DNS service to
20 # perform lookups against the locally configured DNS resolver.
21 # (set to "NO" if no normal ISP is locally available and thus
22 # requests for normal ".com"/".org"/etc. must be routed via
23 # the GNUnet VPN (the GNUNET PT daemon then needs to be configured
24 # to intercept and route DNS queries via mesh).
27 # Name of the virtual interface we use to intercept DNS traffic.
30 # Use RFC 3849-style documentation IPv6 address (RFC 4773 might provide an alternative in the future)
31 # FIXME: or just default to a site-local address scope as we do for VPN!?
32 IPV6ADDR = 2001:DB8::1
35 # Use RFC 3927-style link-local address
36 IPV4ADDR = 169.254.1.1
37 IPV4MASK = 255.255.0.0
39 # Enable GNUnet-wide DNS-EXIT service by setting this value to the IP address (IPv4 or IPv6)
40 # of a DNS resolver to use. Only works if "PROVIDE_EXIT" is also set to YES. Must absolutely
41 # NOT be an address of any of GNUnet's virtual tunnel interfaces. Use a well-known
42 # public DNS resolver or your ISP's resolver from /etc/resolv.conf.