From fd00dc985ab32f6aa5398dcd91e0c986c0d1a840 Mon Sep 17 00:00:00 2001
From: Minoplhy <kraneberru@disroot.org>
Date: Fri, 1 Jan 2021 19:14:50 +0700
Subject: [PATCH] Create kresd.conf

---
 configuration/kresd.conf | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 configuration/kresd.conf

diff --git a/configuration/kresd.conf b/configuration/kresd.conf
new file mode 100644
index 0000000..341d390
--- /dev/null
+++ b/configuration/kresd.conf
@@ -0,0 +1,25 @@
+-- SPDX-License-Identifier: CC0-1.0
+-- vim:syntax=lua:set ts=4 sw=4:
+-- Refer to manual: https://knot-resolver.readthedocs.org/en/stable/
+
+verbose(true)
+-- Network interface configuration
+net.listen('127.0.0.1', 5353, { kind = 'dns' })
+net.listen('::1', 5353, { kind = 'dns', freebind = true })
+
+-- Load useful modules
+modules = {
+	'hints > iterate',  -- Load /etc/hosts and allow custom root hints
+	'stats',            -- Track internal statistics
+	'predict',          -- Prefetch expiring/frequent records
+}
+
+-- Cache size
+cache.size = 100 * MB
+
+-- policy help : https://knot-resolver.readthedocs.io/en/stable/modules-policy.html
+-- This is Just a Blocklist
+policy.add(policy.rpz(policy.DENY, '/etc/knot-resolver/list/energized-ultimate.rpz',true))
+policy.add(policy.rpz(policy.DENY, '/etc/knot-resolver/list/denylist.rpz',true))
+policy.add(policy.rpz(policy.PASS, '/etc/knot-resolver/list/allowlist.rpz',true))
+policy.add(policy.all(policy.QTRACE))