RedXen/dns-docker
Archived
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add host port exposure for IP passthrough instead of overlay IP

Browse Source
This commit is contained in:
caskd 2020-03-09 17:56:58 +01:00
parent 76fe7241af
commit d3e5f962fe
No known key found for this signature in database
GPG Key ID: 79DB21404E300A27
2 changed files with 18 additions and 2 deletions

4
build/unbound.conf
View File

@ -18,6 +18,10 @@ server:
cache-min-ttl: 60 cache-min-ttl: 60
cache-max-ttl: 960 cache-max-ttl: 960
harden-glue: yes harden-glue: yes
remote-control:
control-enable: yes
control-use-cert: no
control-interface: 0.0.0.0
forward-zone: forward-zone:
name: "." name: "."
forward-tls-upstream: yes forward-tls-upstream: yes

16
dns.yml
View File

@ -7,6 +7,10 @@ x-logging: &json-log
max-file: '5' max-file: '5'
networks: networks:
tig_monitoring:
external: true
#host:
# external: true
backend: backend:
driver: overlay driver: overlay
attachable: true attachable: true
@ -29,7 +33,15 @@ services:
volumes: volumes:
- "/etc/hosts:/etc/hosts:ro" - "/etc/hosts:/etc/hosts:ro"
ports: ports:
- "53:5353/tcp" - target: 5353
- "53:5353/udp" # Potentially vulnerable without any ratelimits, see https://www.us-cert.gov/ncas/alerts/TA14-017A published: 53
protocol: tcp
mode: host
- target: 5353
published: 53
protocol: udp # Potentially vulnerable without any ratelimits, see https://www.us-cert.gov/ncas/alerts/TA14-017A
mode: host
networks: networks:
#- host
- backend - backend
- tig_monitoring