paxton
/
mailcow
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[Unbound] Trust all addresses - do not expose Unbound!

master
André 2018-10-12 10:56:17 +02:00
parent ee5142557e
commit 3db6af5c90
1 changed files with 8 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
data/conf/unbound/unbound.conf
View File

@ -8,20 +8,22 @@ server:
do-udp: yes do-udp: yes
do-tcp: yes do-tcp: yes
do-daemonize: no do-daemonize: no
access-control: 0.0.0.0/0 allow
access-control: 10.0.0.0/8 allow access-control: 10.0.0.0/8 allow
access-control: 172.16.0.0/12 allow access-control: 172.16.0.0/12 allow
access-control: 192.168.0.0/16 allow access-control: 192.168.0.0/16 allow
access-control: fc00::/7 allow access-control: fc00::/7 allow
access-control: fe80::/10 allow access-control: fe80::/10 allow
access-control: ::0/0 allow
directory: "/etc/unbound" directory: "/etc/unbound"
username: unbound username: unbound
auto-trust-anchor-file: trusted-key.key auto-trust-anchor-file: trusted-key.key
private-address: 10.0.0.0/8 #private-address: 10.0.0.0/8
private-address: 172.16.0.0/12 #private-address: 172.16.0.0/12
private-address: 192.168.0.0/16 #private-address: 192.168.0.0/16
private-address: 169.254.0.0/16 #private-address: 169.254.0.0/16
private-address: fc00::/7 #private-address: fc00::/7
private-address: fe80::/10 #private-address: fe80::/10
root-hints: "/etc/unbound/root.hints" root-hints: "/etc/unbound/root.hints"
hide-identity: yes hide-identity: yes
hide-version: yes hide-version: yes