Netgate Discussion Forum

    Dnsmasq listening on WAN port?

    • yaxattax

      I'm not sure if I got the right service, but the DNS service is listening on the WAN interface... and I would like to know why? It doesn't make any sense. Further, is there anything I can change to stop it listening on the WAN interface?

      • jimp Rebel Alliance Developer Netgate

        It binds to all interfaces.

        With a proper set of firewall rules that's a moot point. You shouldn't allow traffic to hit the WAN IP on port 53 (or any other port not running a public service).

        That said, you can set this manually using the Advanced Options box on the DNS Forwarder page.

        listen-address=192.168.1.1
        bind-interfaces
        

        That will force it to listen only on 192.168.1.1. Multiple listen-address lines can be used.

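
One way to verify the effect of the `listen-address` / `bind-interfaces` change described above, as an added example that is not part of the original posts: it reads `sockstat -4 -6 -l` output (pfSense is FreeBSD-based) and reports any port 53 listener outside an allowed list. The function names, PIDs and sample sockstat lines are constructed for illustration; 192.168.1.1 is the LAN address used in the post.

```shell
#!/bin/sh
# Reads `sockstat -4 -6 -l` output on stdin; arguments are the addresses that
# may legitimately serve DNS. Prints each port 53 listener bound elsewhere
# (a wildcard "*" bind always counts) and returns 1 if any were found.
check_dns_listeners() {
    awk -v allowed="$*" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 == "USER" { next }                    # skip the header line
        NF >= 6 {
            la = $6                              # LOCAL ADDRESS column
            port = la; sub(/^.*:/, "", port)     # text after the last colon
            addr = la; sub(/:[^:]*$/, "", addr)  # text before the last colon
            if (port == "53" && !(addr in ok)) {
                print $2 " " $5 " " la           # command, protocol, binding
                bad = 1
            }
        }
        END { exit (bad ? 1 : 0) }
    '
}

# Constructed sample: default behaviour, dnsmasq bound to the wildcard address.
SAMPLE_DEFAULT='USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
nobody   dnsmasq    41873 4  udp4   *:53                  *:*
nobody   dnsmasq    41873 5  tcp4   *:53                  *:*
root     sshd       1021  4  tcp4   *:22                  *:*'

# Constructed sample: after listen-address=192.168.1.1 plus bind-interfaces.
SAMPLE_BOUND='USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
nobody   dnsmasq    52210 4  udp4   192.168.1.1:53        *:*
nobody   dnsmasq    52210 5  tcp4   192.168.1.1:53        *:*
root     sshd       1021  4  tcp4   *:22                  *:*'

# Hypothetical helper: run the check on one sample and summarise the result.
report() {  # $1 = label, $2 = sockstat text
    if out=$(printf '%s\n' "$2" | check_dns_listeners 192.168.1.1); then
        echo "$1: port 53 is bound only to allowed addresses"
    else
        echo "$1: unexpected port 53 listeners:"
        echo "$out"
    fi
}

report "default config" "$SAMPLE_DEFAULT"
report "listen-address + bind-interfaces" "$SAMPLE_BOUND"
```

On the firewall itself the same function can be fed live data with `sockstat -4 -6 -l | check_dns_listeners 192.168.1.1`.
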
        • yaxattax

          Aha, that basically takes dnsmasq configuration options. Thanks!

          Although the pertinent question still remains, why would you allow it to listen on the WAN by default?

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.