2014-04-28 23:49:52 +00:00
|
|
|
# if you don't want dnsmasq on your system you
|
|
|
|
# can tell a localhost "unbound" DNS server to
|
|
|
|
# forward .onion requests into Tor.
|
2013-10-13 19:38:45 +00:00
|
|
|
#
|
2014-04-28 23:49:52 +00:00
|
|
|
# courtesy of tg of secushare.org
|
2013-10-13 19:38:45 +00:00
|
|
|
# see the unbound.conf(5) man page for more.
|
|
|
|
|
|
|
|
server:
|
|
|
|
# The following line will configure unbound to perform cryptographic
|
|
|
|
# DNSSEC validation using the root trust anchor.
|
|
|
|
auto-trust-anchor-file: "/var/lib/unbound/root.key"
|
|
|
|
do-not-query-localhost: no
|
|
|
|
harden-dnssec-stripped: no
|
|
|
|
private-domain: "onion"
|
|
|
|
|
|
|
|
forward-zone:
|
|
|
|
name: "onion"
|
|
|
|
forward-addr: 127.0.0.1@9053
|
|
|
|
forward-first: no
|