# must be within the global IPv6 range of your system!)
IPV6ADDR = 2001:DB8::1
-# Prefix for our IPv6 subnet on the TUN interface.
+# Prefix for our IPv6 subnet on the TUN interface.
IPV6PREFIX = 64
# IPv4 address to use on our TUN interface (may need to be
# Netmask for the IPv4 subnet on the TUN interface.
IPV4MASK = 255.255.255.0
-# Regular expression matching IPv4 addresses in binary (32 values of 0 or 1)
-# format for which this system is willing to serve as an exit.
-EXIT_RANGE_IPV4_REGEX = (0|1)*
+# IPv4 networks to which we are allowed to exit.
+# The format is "(network[/netmask][:[!]SPORT-DPORT];)*"
+EXIT_RANGE_IPV4_POLICY = 0.0.0.0/0:!25;
-# Regular expression matching IPv4 addresses in binary (128 values of 0 or 1)
-# format for which this system is willing to serve as an exit.
-EXIT_RANGE_IPV6_REGEX = (0|1)*
+# IPv6 networks to which we are allowed to exit.
+# The format is "(network[/netmask][:[!]SPORT-DPORT];)*"
+EXIT_RANGE_IPV6_POLICY = ::/0:!25;
# Name of the (virtual) tunnel interface the exit daemon will manage
# Set this to YES to allow exiting this system via IPv6 to the Internet
EXIT_IPV6 = NO
+# This option should be set to YES to allow the DNS service to
+# perform lookups against the locally configured DNS resolver.
+# (set to "NO" if no normal ISP is locally available and thus
+# requests for normal ".com"/".org"/etc. must be routed via
+# the GNUnet VPN (the GNUNET PT daemon then needs to be configured
+# to intercept and route DNS queries via mesh).
+# Set this to YES to allow using this system for DNS queries.
+EXIT_DNS = NO
+
+# Set this to an IPv4 or IPv6 address of a DNS resolver to use for DNS queries
+DNS_RESOLVER = 8.8.8.8
+
# For IPv4-services offered by this peer, we need to at least enable IPv4
ENABLE_IPV4 = YES
projects / oweals / gnunet.git / blobdiff