# filter what we send upstream domain-needed bogus-priv filterwin2k # allow /etc/hosts and dhcp lookups via *.lan local=/lan/ domain=lan # no dhcp / dns queries from the wan except-interface=vlan1 # enable dhcp (start,end,netmask,leasetime) #dhcp-authoritative dhcp-range=$dhcp_start,$dhcp_end,$dhcp_netmask,12h dhcp-leasefile=/tmp/dhcp.leases # use /etc/ethers for static hosts; same format as --dhcp-host # [] read-ethers # other useful options: # default route(s): dhcp-option=3,192.168.1.1,192.168.1.2 # dns server(s): dhcp-option=6,192.168.1.1,192.168.1.2