webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-17 06:23:00 +02:00
Code Issues Packages Projects Releases Wiki Activity

unbound: Allow forcing to speak TLS to upstream servers only

Browse Source 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This commit is contained in:
Michael Tremer
2019-11-04 12:04:48 +00:00
parent 372576e0ab
commit dea5f34914
1 changed files with 9 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/initscripts/system/unbound
View File

@@ -16,6 +16,7 @@ INSECURE_ZONES=
USE_FORWARDERS=1
ENABLE_SAFE_SEARCH=off
FORCE_TCP=off
FORCE_TLS=off
# Cache any local zones for 60 seconds
LOCAL_TTL=60
@@ -184,8 +185,15 @@ write_forward_conf() {
(
config_header
# Force using TLS for upstream servers only
if [ "${FORCE_TLS}" = "on" ]; then
echo "# Force using TLS for upstream servers only"
echo "server:"
echo " tls-upstream: yes"
echo
# Force using TCP for upstream servers only
if [ "${FORCE_TCP}" = "on" ]; then
elif [ "${FORCE_TCP}" = "on" ]; then
echo "# Force using TCP for upstream servers only"
echo "server:"
echo " tcp-upstream: yes"