aboutsummaryrefslogtreecommitdiffstats
path: root/main/dnsmasq/dnsmasq.conf.patch
diff options
context:
space:
mode:
Diffstat (limited to 'main/dnsmasq/dnsmasq.conf.patch')
-rw-r--r--main/dnsmasq/dnsmasq.conf.patch38
1 files changed, 38 insertions, 0 deletions
diff --git a/main/dnsmasq/dnsmasq.conf.patch b/main/dnsmasq/dnsmasq.conf.patch
new file mode 100644
index 00000000000..e3d7df42adf
--- /dev/null
+++ b/main/dnsmasq/dnsmasq.conf.patch
@@ -0,0 +1,38 @@
+--- a/dnsmasq.conf.example
++++ b/dnsmasq.conf.example
+@@ -21,8 +21,8 @@
+ #bogus-priv
+
+ # Uncomment these to enable DNSSEC validation and caching:
+-# (Requires dnsmasq to be built with DNSSEC option.)
+-#conf-file=%%PREFIX%%/share/dnsmasq/trust-anchors.conf
++# (Requires dnsmasq-dnssec package to be installed)
++#conf-file=/usr/share/dnsmasq/trust-anchors.conf
+ #dnssec
+
+ # Replies which are not DNSSEC signed may be legitimate, because the domain
+@@ -96,9 +96,13 @@
+
+ # If you want dnsmasq to change uid and gid to something other
+ # than the default, edit the following lines.
+-#user=
+-#group=
++#user=dnsmasq
++#group=dnsmasq
+
++# Serve DNS and DHCP only to networks directly connected to this machine.
++# Any interface= line will override it.
++local-service
++
+ # If you want dnsmasq to listen for DHCP and DNS requests only on
+ # specified interfaces (and the loopback) give the name of the
+ # interface (eg eth0) here.
+@@ -671,7 +675,7 @@
+ #conf-dir=/etc/dnsmasq.d,.bak
+
+ # Include all files in a directory which end in .conf
+-#conf-dir=/etc/dnsmasq.d/,*.conf
++conf-dir=/etc/dnsmasq.d/,*.conf
+
+ # If a DHCP client claims that its name is "wpad", ignore that.
+ # This fixes a security hole. see CERT Vulnerability VU#598349
generated by cgit v1.2.3 (git 2.41.0) at 2024-04-20 04:06:27 +0000