Dnsmasq listening on WAN port?
I'm not sure if I got the right service, but the DNS service is listening on the WAN interface.. and I would like to know why? It doesn't make any sense. Further, is there anything I can change to stop it listening on the WAN interface?
It binds to all interfaces.
With a proper set of firewall rules that's a moot point. You shouldn't allow traffic to hit the WAN IP on port 53 (or any other port not running a public service).
That said, you can set this manually using the Advanced Options box on the DNS Forwarder page.
That will force it to listen only on 192.168.1.1. Multiple listen-address lines can be used.
Aha that basically takes dnsmasq configuration options. Thanks!
Although the pertinent question still remains, why would you allow it to listen on the WAN by default?