dnsmasq: do not forward rfc6761 excluded domains
RFC 6761 defines a number of top level domains should not be forwarded
to the Internet's domain servers since they are not responsible for
those domains.
This change adds a list of domains that will be blocked when 'boguspriv'
is used and augments that which is already blocked by dnsmasq's notion
of 'local service' using '--bogus-priv' i.e. RFC 1918 private addresses
and IPv6 prefixes as defined in RFC 6303.
To make this configurable rather than hard coded in dnsmasq's init
script, a new file /usr/share/dnsmasq/rfc6761.conf is conditionally
included.
The default file matches the RFC 6761 recommendation along with a few
other top level domains that should not be forwarded to the Internet.
Compile & run tested Archer C7 v2
Signed-off-by: 
Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Showing
- package/network/services/dnsmasq/Makefile 2 additions, 0 deletionspackage/network/services/dnsmasq/Makefile
- package/network/services/dnsmasq/files/dnsmasq.init 7 additions, 2 deletionspackage/network/services/dnsmasq/files/dnsmasq.init
- package/network/services/dnsmasq/files/rfc6761.conf 15 additions, 0 deletionspackage/network/services/dnsmasq/files/rfc6761.conf
Loading
Please register or sign in to comment