flxn
commented
5 years ago Will look into this. Do you use such a solution on your own exit node? Could you provide a link to more information about this?
Open acl1704 opened 5 years ago
flxn
commented
5 years ago Will look into this. Do you use such a solution on your own exit node? Could you provide a link to more information about this?
ghost
commented
5 years ago @flxn https://trac.torproject.org/projects/tor/wiki/TorRelayGuide
Debian:
apt install unbound -y
# Allow the modification of the file
chattr -i /etc/resolv.conf
# Disable previous DNS servers
sed -i "s|nameserver|#nameserver|" /etc/resolv.conf
sed -i "s|search|#search|" /etc/resolv.conf
# Set localhost as the DNS resolver
echo "nameserver 127.0.0.1" >> /etc/resolv.conf
# Disallow the modification to prevent the file from being overwritten by the system.
# Use -i to enable modifications
chattr +i /etc/resolv.conf
Potentially add an option for exit relays to also install Unbound or other local DNS resolver in lieu of ISP or public resolvers.
Adding local DNS would be an option for mitigating https://github.com/flxn/tor-relay-configurator/issues/1