Commit 99524905 authored by Oliver Lowe's avatar Oliver Lowe

put router service config in revision control

parent 02011800
subnet 10.0.69.0 netmask 255.255.255.0 {
option routers 10.0.69.1;
option domain-name-servers 10.0.69.1;
range 10.0.69.100 10.0.69.254;
}
# pf.conf manages the OpenBSD pf(4) device, which acts as a firewall.
# The best introduction is the pf faq:
# https://www.openbsd.org/faq/pf
# And the example ruleset at:
# https://www.openbsd.org/faq/pf/example1.html
#
# see the pf.conf(5) man page for a technical reference:
# man pf.conf
# http://man.openbsd.org/pf.conf
dbif = "em1" # dolphinbox wired interface
# Drop all traffic which doesn't match a rule. Allow all outbound
# traffic.
block all
pass out quick
pass in on egress proto tcp from any to any port ssh
pass in on $dbif
# See the unbound.conf(5) man page:
# man unbound.conf
server:
interface: 10.0.69.1 # from dolphinbox network
interface: 127.0.0.1
interface: ::1
do-not-query-localhost: no
access-control: 10.0.69.0/24 allow
access-control: 127.0.0.0/8 allow
access-control: ::1 allow
hide-identity: yes
hide-version: yes
remote-control:
control-enable: yes
control-use-cert: no
control-interface: /var/run/unbound.sock
# Use an upstream forwarder (recursive resolver) for specific zones.
# addresses given below are public resolvers valid as of 2014/03.
forward-zone:
name: "." # use for ALL queries
forward-addr: 74.82.42.42 # he.net
forward-addr: 2001:470:20::2 # he.net v6
forward-addr: 8.8.8.8 # google.com
forward-addr: 2001:4860:4860::8888 # google.com v6
forward-addr: 208.67.222.222 # opendns.com
forward-first: yes # try direct if forwarder fails
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment