# Lines with a '#' at the beginning are comments ignored by Deadwood's
# text file parser.

# If you wish to use this program to cache from other recursive servers
# instead of doing its own recursion, uncomment the following lines
#
# Please note that each upstream_servers entry takes up space in Deadwood's
# cache and that maximum_cache_elements will need to be increased to store
# a large number of these entries.
#upstream_servers = {}
#upstream_servers["."]="8.8.8.8, 8.8.4.4" # Servers we connect to

# It is also possible to use other root servers or to blacklist
# a phising website.  However, to do this, root_servers needs to be
# defined.  For example, to blacklist the domain "phish.example.com":
#root_servers = {}
# ICANN DNS root servers (Deadwood default if both root_servers and 
# upstream_servers are not defined)
#root_servers["."]="198.41.0.4, 199.9.14.201, 192.33.4.12, 199.7.91.13,"
#root_servers["."]+="192.203.230.10, 192.5.5.241, 192.112.36.4, "
#root_servers["."]+="198.97.190.53, 192.36.148.17, 192.58.128.30, "
#root_servers["."]+="193.0.14.129, 199.7.83.42, 202.12.27.33"
#root_servers["phish.example.com."]="10.254.254.254"
# Please note that each root_servers entry takes up space in Deadwood's
# cache and that maximum_cache_elements will need to be increased to store
# a large number of these entries.

# The IP this program has 
bind_address="127.0.0.1"

# The IPs allowed to connect and use the cache
recursive_acl = "127.0.0.1/16"

# The file containing a hard-to-guess secret
random_seed_file = "secret.txt" 

# This is the file Deadwood uses to read the cache to and from disk
cache_file = "dw_cache_bin"

# This is a list of IPs that, if we get them in a DNS reply, we convert
# the reply in to a "not there" answer.  
#ip_blacklist = "10.222.33.44, 10.222.3.55"

# By default, for security reasons, Deadwood does not allow IPs in the
# 192.168.x.x, 172.[16-31].x.x, 10.x.x.x, 127.x.x.x, 169.254.x.x,
# 224.x.x.x, or 0.0.x.x range.  If using Deadwood to resolve names
# on an internal network, uncomment the following line:
#filter_rfc1918 = 0

# We can have given names resolve to bogus IPv4 addresses.  Here, we
# have the name "maradns.foo" resolve to "10.10.10.10" and "kabah.foo"
# resolve to "10.11.11.11", regardless of what real values these DNS
# records may have.  Note that a given name can only resolve to a
# single IP, and that the records have a fixed TTL of 30 seconds.
ip4 = {}
ip4["maradns.foo."] = "10.10.10.10"
ip4["kabah.foo."] = "10.11.11.11"

# We can also use a similar syntax to have bogus IPv6 addresses.
# We don't use standard notation for IPv6 addresses.  Instead, we
# we use 32-character hex addresses (case insensitive); to make
# it easier to count long strings of "0"s, the "_" acts like a 0
ip6 = {}
ip6["maradns.foo."] = "fd4d617261444e530000000000001234"
ip6["kabah.foo."] = "FD4D617261444E53__00__00__002345"