[Dnsmasq-discuss] disable wan ping from inside

Mayk Eskilla meskilla at outlook.com
Tue Oct 14 14:01:23 BST 2014


hello simon and dnsmasq list subscribers,

I use dnsmasq in my dd-wrt router firmware, and after setting it up to my best knowledge I observed the following:

*) ping requests to my WAN IP are unanswered when they originate from a WAN IP (expected behaviour)
*) ping requests to my WAN IP are resolved, when the originate from a LAN IP (that is rather odd)
*) browsing a connected dyn-DNS URL does connect me directly to the webinterface, even with remote access disabled. (rather confusing, as you are in fact resolved to the *internal* web interface, but it doesn't tell you that form reading the browser URL)

Can I tweak dnsmasq with additional config paramters in order to disable those features?

Attached are the dnsmasq configurations resulting out of dd-wrt gui setup:

cat /tmp/dnsmasq.conf
interface=br0
resolv-file=/tmp/resolv.dnsmasq
all-servers
domain=MYLANDOMAIN
dhcp-leasefile=/tmp/dnsmasq.leases
dhcp-lease-max=50
dhcp-option=lan,3,192.168.1.1
dhcp-range=lan,192.168.1.10,192.168.1.50,255.255.255.0,1440m
stop-dns-rebind

cat /tmp/dnsmasq.leases 
86400 <MAC1> 192.168.1.22 <HOSTNAME1> *
86400 <MAC2> 192.168.1.44 <HOSTNAME2> *

cat /tmp/resolv.dnsmasq 
nameserver <PROVIDER DNS IP 1>
nameserver <PROVIDER DNS IP 2>

Regards,

Mayk 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20141014/550ada73/attachment.html>


More information about the Dnsmasq-discuss mailing list