--- /dev/null
+keep-in-foreground
+
+# "-" is stderr:
+log-facility=-
+
+# May also try log-queries=extra
+log-queries
+
+# No param = pidfile disabled:
+pid-file
+
+interface=lo
+listen-address=127.0.0.1
+bind-interfaces
+
+cache-size=999
+
+servers-file=/etc/dnsmasq_servers.conf
+
+# Don’t read /etc/resolv.conf and /etc/hosts:
+no-resolv
+#no-hosts
+
+# All reverse lookups for private IP ranges (ie 192.168.x.x, etc)
+# which are not found in /etc/hosts or the DHCP leases file are
+# answered with "no such domain" rather than being forwarded
+# upstream. The set of prefixes affected is the list given in
+# RFC6303.
+#bogus-priv
+
+#−T, --local-ttl=<time>
+# When replying with information from /etc/hosts or configuration
+# or the DHCP leases file dnsmasq by default sets the time-to-live
+# field to zero, meaning that the requester should not itself
+# cache the information. This is the correct thing to do in almost
+# all situations. This option allows a time-to-live (in seconds)
+# to be given for these replies. This will reduce the load on the
+# server at the expense of clients using stale data under some
+# circumstances.
+local-ttl=67
+
+#--dhcp-ttl=<time>
+# As for --local-ttl, but affects only replies with information
+# from DHCP leases. If both are given, --dhcp-ttl applies for DHCP
+# information, and --local-ttl for others. Setting this to zero
+# eliminates the effect of --local-ttl for DHCP.
+#
+#--neg-ttl=<time>
+# Negative replies from upstream servers normally contain time-to-
+# live information in SOA records which dnsmasq uses for caching.
+# If the replies from upstream servers omit this information, dns-
+# masq does not cache the reply. This option gives a default value
+# for time-to-live (in seconds) which dnsmasq uses to cache nega-
+# tive replies even in the absence of an SOA record.
+neg-ttl=67
+
+#--max-ttl=<time>
+# Set a maximum TTL value that will be handed out to clients. The
+# specified maximum TTL will be given to clients instead of the
+# true TTL value if it is lower. The true TTL value is however
+# kept in the cache to avoid flooding the upstream DNS servers.
+#
+#--max-cache-ttl=<time>
+# Set a maximum TTL value for entries in the cache.
+#
+#--min-cache-ttl=<time>
+# Extend short TTL values to the time given when caching them.
+# Note that artificially extending TTL values is in general a bad
+# idea, do not do it unless you have a good reason, and understand
+# what you are doing. Dnsmasq limits the value of this option to
+# one hour, unless recompiled.
+min-cache-ttl=67
+
+#--auth-ttl=<time>
+# Set the TTL value returned in answers from the authoritative
+# server.
--- /dev/null
+#!/bin/bash
+
+empty=true
+
+prio=0
+i=0; while test "${if[$i]}"; do
+ test x"${dns_prio[$i]}" != x"" \
+ && test "${dns_prio[$i]}" -gt "$prio" \
+ && prio="${dns_prio[$i]}"
+let i++; done
+
+i=0; while test "${if[$i]}"; do
+ if test "${dnsmasq[$i]}"; then
+ for d in ${dnsmasq[$i]}; do
+ echo "$d"
+ empty=false
+ done
+ let i++;
+ continue
+ fi
+ # This iface has no dnsmasq-extended config.
+ # Use simple DNS names instead, if those exist.
+ for d in ${dns[$i]}; do
+ p="${dns_prio[$i]}"
+ test x"$p" == x"" && p=0
+ test x"$p" == x"$prio" || continue
+ echo "server=$d"
+ empty=false
+ done
+ let i++;
+done
+
+# Use Google DNS servers if nothing else is configured
+$empty && echo "server=8.8.8.8"
+$empty && echo "server=8.8.4.4"
+
+# SIGHUP: make dnsmasq reload config
+sv h dnsmasq