dnsmasq.conf
· 3.8 KiB · Text
Bruto
bogus-priv # Block fake private IP responses
no-resolv # Ignore /etc/resolv.conf for upstream DNS
dns-forward-max=150 # Limit parallel DNS queries to 150
clear-on-reload # Clear cache when dnsmasq reloads
domain-needed # Ignore queries without a domain name
no-negcache # Do not cache negative (non-existent) DNS responses
no-poll # Do not poll /etc/resolv.conf for changes
strict-order # Use upstream DNS servers in the order they are listed
# AdGuard DNS 封鎖廣告和追蹤器。
# server=94.140.14.14 # AdGuard DNS (primary) - Standard DNS with no filtering
# server=94.140.15.15 # AdGuard DNS (secondary) - Standard DNS with no filtering
# AdGuard DNS 封鎖廣告、追蹤器、成人內容,並在可能的情況下啟用安全搜尋和安全模式。
# server=94.140.14.15 # AdGuard DNS (primary) - Filters ads and trackers
# server=94.140.15.16 # AdGuard DNS (secondary) - Filters ads and trackers
# server=1.0.0.1 # Cloudflare DNS (secondary)
# server=1.1.1.1 # Cloudflare DNS (primary)
server=8.8.8.8 # Use Google DNS as an upstream server
server=168.95.1.1 # Use Hinet DNS as an upstream server
server=8.8.4.4 # Use Google DNS as an upstream server
listen-address=127.0.0.1,192.168.88.1 # Listen on localhost and the specific network interface
# cache-size=1000 # Set DNS cache size to 1000 entries
cache-size=5000 # Cache up to 5000 DNS entries for high traffic
all-servers # Forward DNS queries to all upstream servers
log-queries # Log all DNS queries
log-dhcp # Log all DHCP requests and responses
# log-facility=/var/log/dnsmasq.log # Save logs to /var/log/dnsmasq.log
log-facility=/dev/null # Disable logging by sending logs to /dev/null
dhcp-range=192.168.88.100,192.168.88.200,24h # DHCP range with a 24-hour lease
dhcp-option=1,255.255.255.0 # Subnet mask: 255.255.255.0
dhcp-option=3,192.168.88.1 # Default gateway: 192.168.88.1
dhcp-option=6,192.168.88.1 # DNS server: 192.168.88.1
dhcp-option=15,local # DNS domain name: local
dhcp-lease-max=151 # Maximum number of DHCP leases: 151
dhcp-leasefile=/var/lib/misc/dnsmasq.leases # File to store DHCP lease information
dhcp-host=00:0c:29:aa:bb:cc,192.168.88.10,infinite # Static IP for Application Server
dhcp-host=00:0c:29:dd:ee:ff,192.168.88.11,infinite # Static IP for Version Control Server
dhcp-host=00:0c:29:11:22:33,192.168.88.12,infinite # Static IP for Database Server
dhcp-host=00:0c:29:44:55:66,192.168.88.13,infinite # Static IP for Web Proxy
address=/example.com/192.168.88.10 # Route all requests for example.com to 192.168.88.10
address=/test.local/127.0.0.1 # Map test.local to localhost
address=/ads.example.com/0.0.0.0 # Block ads.example.com by pointing to an invalid IP
address=/#/192.168.88.1 # Redirect all unknown domains to 192.168.88.1
txt-record=example.com,"v=spf1 include:_spf.google.com ~all"
txt-record=_acme-challenge.example.com,"abcdef1234567890"
txt-record=test.local,"Test TXT Record for Internal Use"
host-record=example.com,192.168.88.10 # Map example.com to 192.168.88.10
host-record=server.local,192.168.88.20,192.168.88.30 # Map server.local to two IPs for load balancing
host-record=test.local,fe80::1 # Map test.local to IPv6 address fe80::1
srv-host=_sip._udp.example.com,sipserver.example.com,5060,10,60
srv-host=_sip._udp.example.com,backup.example.com,5060,20,30
srv-host=_ldap._tcp.example.com,ldap.example.com,389,5,50
srv-host=_xmpp._tcp.example.com,xmppserver.local,5222,10,100
| 1 | bogus-priv # Block fake private IP responses |
| 2 | no-resolv # Ignore /etc/resolv.conf for upstream DNS |
| 3 | dns-forward-max=150 # Limit parallel DNS queries to 150 |
| 4 | clear-on-reload # Clear cache when dnsmasq reloads |
| 5 | domain-needed # Ignore queries without a domain name |
| 6 | no-negcache # Do not cache negative (non-existent) DNS responses |
| 7 | no-poll # Do not poll /etc/resolv.conf for changes |
| 8 | strict-order # Use upstream DNS servers in the order they are listed |
| 9 | |
| 10 | # AdGuard DNS 封鎖廣告和追蹤器。 |
| 11 | # server=94.140.14.14 # AdGuard DNS (primary) - Standard DNS with no filtering |
| 12 | # server=94.140.15.15 # AdGuard DNS (secondary) - Standard DNS with no filtering |
| 13 | |
| 14 | # AdGuard DNS 封鎖廣告、追蹤器、成人內容,並在可能的情況下啟用安全搜尋和安全模式。 |
| 15 | # server=94.140.14.15 # AdGuard DNS (primary) - Filters ads and trackers |
| 16 | # server=94.140.15.16 # AdGuard DNS (secondary) - Filters ads and trackers |
| 17 | |
| 18 | # server=1.0.0.1 # Cloudflare DNS (secondary) |
| 19 | # server=1.1.1.1 # Cloudflare DNS (primary) |
| 20 | |
| 21 | server=8.8.8.8 # Use Google DNS as an upstream server |
| 22 | server=168.95.1.1 # Use Hinet DNS as an upstream server |
| 23 | server=8.8.4.4 # Use Google DNS as an upstream server |
| 24 | |
| 25 | listen-address=127.0.0.1,192.168.88.1 # Listen on localhost and the specific network interface |
| 26 | # cache-size=1000 # Set DNS cache size to 1000 entries |
| 27 | cache-size=5000 # Cache up to 5000 DNS entries for high traffic |
| 28 | all-servers # Forward DNS queries to all upstream servers |
| 29 | |
| 30 | log-queries # Log all DNS queries |
| 31 | log-dhcp # Log all DHCP requests and responses |
| 32 | # log-facility=/var/log/dnsmasq.log # Save logs to /var/log/dnsmasq.log |
| 33 | log-facility=/dev/null # Disable logging by sending logs to /dev/null |
| 34 | |
| 35 | dhcp-range=192.168.88.100,192.168.88.200,24h # DHCP range with a 24-hour lease |
| 36 | dhcp-option=1,255.255.255.0 # Subnet mask: 255.255.255.0 |
| 37 | dhcp-option=3,192.168.88.1 # Default gateway: 192.168.88.1 |
| 38 | dhcp-option=6,192.168.88.1 # DNS server: 192.168.88.1 |
| 39 | dhcp-option=15,local # DNS domain name: local |
| 40 | dhcp-lease-max=151 # Maximum number of DHCP leases: 151 |
| 41 | dhcp-leasefile=/var/lib/misc/dnsmasq.leases # File to store DHCP lease information |
| 42 | |
| 43 | dhcp-host=00:0c:29:aa:bb:cc,192.168.88.10,infinite # Static IP for Application Server |
| 44 | dhcp-host=00:0c:29:dd:ee:ff,192.168.88.11,infinite # Static IP for Version Control Server |
| 45 | dhcp-host=00:0c:29:11:22:33,192.168.88.12,infinite # Static IP for Database Server |
| 46 | dhcp-host=00:0c:29:44:55:66,192.168.88.13,infinite # Static IP for Web Proxy |
| 47 | |
| 48 | address=/example.com/192.168.88.10 # Route all requests for example.com to 192.168.88.10 |
| 49 | address=/test.local/127.0.0.1 # Map test.local to localhost |
| 50 | address=/ads.example.com/0.0.0.0 # Block ads.example.com by pointing to an invalid IP |
| 51 | address=/#/192.168.88.1 # Redirect all unknown domains to 192.168.88.1 |
| 52 | |
| 53 | txt-record=example.com,"v=spf1 include:_spf.google.com ~all" |
| 54 | txt-record=_acme-challenge.example.com,"abcdef1234567890" |
| 55 | txt-record=test.local,"Test TXT Record for Internal Use" |
| 56 | |
| 57 | host-record=example.com,192.168.88.10 # Map example.com to 192.168.88.10 |
| 58 | host-record=server.local,192.168.88.20,192.168.88.30 # Map server.local to two IPs for load balancing |
| 59 | host-record=test.local,fe80::1 # Map test.local to IPv6 address fe80::1 |
| 60 | |
| 61 | srv-host=_sip._udp.example.com,sipserver.example.com,5060,10,60 |
| 62 | srv-host=_sip._udp.example.com,backup.example.com,5060,20,30 |
| 63 | srv-host=_ldap._tcp.example.com,ldap.example.com,389,5,50 |
| 64 | srv-host=_xmpp._tcp.example.com,xmppserver.local,5222,10,100 |
| 65 |