From e6e497dd719196a20a9d62b5f23e65bb12508109 Mon Sep 17 00:00:00 2001 From: quindecim Date: Fri, 6 Dec 2019 16:25:30 -0500 Subject: [PATCH] Synced with the main template --- config/example-dnscrypt-proxy.toml | 31 +++++++++++++++++++++++++++++ config/example-forwarding-rules.txt | 8 ++++++++ 2 files changed, 39 insertions(+) diff --git a/config/example-dnscrypt-proxy.toml b/config/example-dnscrypt-proxy.toml index 21313e0..f082e31 100644 --- a/config/example-dnscrypt-proxy.toml +++ b/config/example-dnscrypt-proxy.toml @@ -340,6 +340,37 @@ cache_neg_max_ttl = 600 +################################## +# Local DoH server # +################################## + +[local_doh] + +## dnscrypt-proxy can act as a local DoH server. By doing so, web browsers +## requiring a direct connection to a DoH server in order to enable some +## features will enable these, without bypassing your DNS proxy. + +## Addresses that the local DoH server should listen to + +# listen_addresses = ['127.0.0.1:3000'] + + +## Path of the DoH URL. This is not a file, but the part after the hostname +## in the URL. By convention, `/dns-query` is frequently chosen. +## For each `listen_address` the complete URL to access the server will be: +## `https://` (ex: `https://127.0.0.1/dns-query`) + +# path = "/dns-query" + + +## Certificate file and key - Note that the certificate has to be trusted. +## See the documentation (wiki) for more information. + +# cert_file = "localhost.pem" +# cert_key_file = "localhost.pem" + + + ############################### # Query logging # ############################### diff --git a/config/example-forwarding-rules.txt b/config/example-forwarding-rules.txt index 177321c..3faef29 100644 --- a/config/example-forwarding-rules.txt +++ b/config/example-forwarding-rules.txt @@ -10,5 +10,13 @@ ## In order to enable this feature, the "forwarding_rules" property needs to ## be set to this file name inside the main configuration file. +## Blocking IPv6 may prevent local devices from being discovered. +## If this happens, set `block_ipv6` to `false` in the main config file. + +## Forward *.lan and *.local to 192.168.1.1 +# lan 192.168.1.1 +# local 192.168.1.1 + ## Forward queries for example.com and *.example.com to 9.9.9.9 and 8.8.8.8 # example.com 9.9.9.9,8.8.8.8 +