wisicn/dnsmasq.conf

## dnsmasq.conf
#+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# General Configure
#Don't read /etc/resolv.conf. Get upstream servers only from the command line or the dnsmasq configuration file.
no-resolv
#Don't poll /etc/resolv.conf for changes.
no-poll
#upstream server is  google
server=8.8.8.8
server=8.8.4.4
#CN TLD is 114.114.114.114
server=/cn/114.114.114.114
#+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
#fake private FQDN to forward to private DNS
server=/google.com/1.2.3.4
server=/www.google.com/2.3.4.5
#fake A record, will be useful if you need setup vhost
address=/0.docs.google.com/5.6.7.8
#+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
#Advanced DNS

#Bogus private reverse lookups. All reverse lookups for private IP ranges (ie 192.168.x.x, etc) which are not found in
#/etc/hosts or the DHCP leases file are answered with "no such domain" rather than being forwarded upstream.
bogus-priv

#The filterwin2k option makes dnsmasq ignore certain DNS requests which are made by Windows boxen every few minutes. The #requests generally don't get sensible answers in the global DNS and cause trouble by triggering dial-on-demand internet #links.
filterwin2k

# Never forward plain names
domain-needed

# Don't forward request for this domain, if you want to use dnsmasq to work as local dns server for a fake FQDN in LAN
local=/example.com/
domain=example.com

#+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# listen on eth0 for both DHCP and DNS service
# interface=eth0
# if you want to have VPN access to have DHCP and DNS working,
# it's better to listen on IP address instead of network interface
listen-address=192.168.1.1

#+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
#dhcp server
dhcp-range=192.168.68.50,192.168.68.150,24h
#tag 3 is for default route
dhcp-option=3,192.168.68.1
dhcp-boot=pxelinux.0

#(IPv4 only) Should be set when dnsmasq is definitely the only DHCP server on a network. It changes the behaviour from #strict RFC compliance so that DHCP requests on unknown leases from unknown hosts are not ignored. This allows new hosts #to get a lease without a tedious timeout under all circumstances. It also allows dnsmasq to rebuild its lease database #without each client needing to reacquire a lease, if the database is lost.
dhcp-authoritative
#+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
#tftp server
enable-tftp
tftp-root=/var/lib/tftpboot
	#+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
	# General Configure
	#Don't read /etc/resolv.conf. Get upstream servers only from the command line or the dnsmasq configuration file.
	no-resolv
	#Don't poll /etc/resolv.conf for changes.
	no-poll
	#upstream server is google
	server=8.8.8.8
	server=8.8.4.4
	#CN TLD is 114.114.114.114
	server=/cn/114.114.114.114
	#+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
	#fake private FQDN to forward to private DNS
	server=/google.com/1.2.3.4
	server=/www.google.com/2.3.4.5
	#fake A record, will be useful if you need setup vhost
	address=/0.docs.google.com/5.6.7.8
	#+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
	#Advanced DNS

	#Bogus private reverse lookups. All reverse lookups for private IP ranges (ie 192.168.x.x, etc) which are not found in
	#/etc/hosts or the DHCP leases file are answered with "no such domain" rather than being forwarded upstream.
	bogus-priv

	#The filterwin2k option makes dnsmasq ignore certain DNS requests which are made by Windows boxen every few minutes. The #requests generally don't get sensible answers in the global DNS and cause trouble by triggering dial-on-demand internet #links.
	filterwin2k

	# Never forward plain names
	domain-needed

	# Don't forward request for this domain, if you want to use dnsmasq to work as local dns server for a fake FQDN in LAN
	local=/example.com/
	domain=example.com

	#+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
	# listen on eth0 for both DHCP and DNS service
	# interface=eth0
	# if you want to have VPN access to have DHCP and DNS working,
	# it's better to listen on IP address instead of network interface
	listen-address=192.168.1.1

	#+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
	#dhcp server
	dhcp-range=192.168.68.50,192.168.68.150,24h
	#tag 3 is for default route
	dhcp-option=3,192.168.68.1
	dhcp-boot=pxelinux.0

	#(IPv4 only) Should be set when dnsmasq is definitely the only DHCP server on a network. It changes the behaviour from #strict RFC compliance so that DHCP requests on unknown leases from unknown hosts are not ignored. This allows new hosts #to get a lease without a tedious timeout under all circumstances. It also allows dnsmasq to rebuild its lease database #without each client needing to reacquire a lease, if the database is lost.
	dhcp-authoritative
	#+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
	#tftp server
	enable-tftp
	tftp-root=/var/lib/tftpboot