[Dnsmasq-discuss] dnsmaq on OpenWRT, configuration question

Art Greenberg art at artg.tv
Sun Jul 28 15:52:02 BST 2019


On Sun, Jul 28, 2019, at 10:41, Kevin Darbyshire-Bryant wrote:

> dnsmasq won’t be intercepting requests, it will answer requests that 
> are sent to it.  It doesn’t snoop on the wire looking for requests to 
> hijack.

So, how does DNS on my network work then? All of the machines on my network are configured via DHCP to go to the router at 192.168.2.1:53 for DNS requests. Doesn't dnsmasq see those requests, and forward on the ones it cannot answer locally to the configured servers?

> That sort of behaviour can be configured with firewall rules, ie. 
> redirect any packets sent to port 53 on this host to another host/port 
> combination.  Indeed adblock itself has this exact option to do so, 
> it’s called 'option adb_forcedns’.  It would be worth checking this is 
> set to ‘0’.

I'm not using AdBlock. Instead, I have specified the addn-hosts option in dnsmasq and those files contain blocked servers with an IP address of 0.0.0.0.
 
> Also it would be worth checking on the router that something else 
> hasn’t done this sort of redirection.

Yes. I'm new to iptables et. al. so its becoming quite the learning opportunity.
 
> adblock implements it with the following rules:

There should be no AdBlock related rules in my firewall as I'm not using it, but I'll be looking at what is there.
 
> Cheers,
> 
> Kevin D-B

-- 
Art Greenberg
art at artg.tv




More information about the Dnsmasq-discuss mailing list