I know that dnsmasq likes to do its IP filtering in user-space, but I'd rather be able to specify IPs for it to bind to, that show up in netstat. Maybe I'm just a little anal about that stuff, but it just doesn't look right to me :) (Yahp, I've even added iptables rules in my never-ending effort to be crazy ^.~)

http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2007q2/001322.html shows some options to get the DNS server part binding to an IP via the kernel. The DHCP server will still look like it's listening on all IPs (as will the DNS forwarder; and possibly TFTP server?).

$ netstat -anlpA inet
<snip>
udp        0      0 127.0.0.1:53        0.0.0.0:*        30768/dnsmasq
udp        0      0 192.168.1.1:53      0.0.0.0:*        30768/dnsmasq
udp        0      0 0.0.0.0:67          0.0.0.0:*        30768/dnsmasq
udp        0      0 0.0.0.0:5353        0.0.0.0:*        30768/dnsmasq

[Internet interface ip]:5353 is where forwarded DNS queries get sent back to.

I'd like "0.0.0.0:67" to show 192.168.1.1:67 and 0.0.0.0:5353 to show a.x.y.z:5353 (a.x.y.z being my internet/external IP).

There was a patch somewhere in this list that has been added to the code a few versions back that allowed multiple instances of dnsmasq to bind to 0.0.0.0. I'd just prefer if there was a 'listen-dns; listen-dnsforward; listen-dhcp' (and maybe a 'listen-tftp') option that couples with 'bind-interface' to give my desired results.

I'm going to be doing some looking over the code in an effort to include this functionality in a patch, but if someone else has done the work already, or if I've somehow missed an available option in my conf file, please let me know :)

-- 
Robert A.M. Diamond <[email protected]>
http://robshouse.no-ip.info

What if everything is an illusion and nothing exists? In that case, I definitely overpaid for my carpet.
  -- Woody Allen, "Without Feathers"
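
As an added example (not part of the original post and not dnsmasq code), this is one way to audit which sockets of a process are bound to the wildcard address, run over the netstat listing quoted in the message above. The function names are hypothetical, and the TCP and IPv6 sample lines are constructed to exercise the column-layout differences.

```python
import ipaddress

# The four UDP lines are the listing from the post; the last two lines are
# constructed to cover a State column (TCP) and an IPv6 wildcard bind.
SAMPLE = """\
<snip>
udp 0 0 127.0.0.1:53 0.0.0.0:* 30768/dnsmasq
udp 0 0 192.168.1.1:53 0.0.0.0:* 30768/dnsmasq
udp 0 0 0.0.0.0:67 0.0.0.0:* 30768/dnsmasq
udp 0 0 0.0.0.0:5353 0.0.0.0:* 30768/dnsmasq
tcp 0 0 192.168.1.1:53 0.0.0.0:* LISTEN 30768/dnsmasq
udp6 0 0 :::53 :::* 30768/dnsmasq
"""

def parse_listeners(text):
    """Parse `netstat -anlp` socket lines into a list of dicts."""
    sockets = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 6 or not f[0].startswith(("udp", "tcp")):
            continue  # header, "<snip>" marker or blank line
        # Split on the last colon so IPv6 forms such as ":::53" parse too.
        host, _, port = f[3].rpartition(":")
        if not port.isdigit():
            continue
        # UDP rows have no State column, TCP rows do; the PID/Program
        # field is the last one in both layouts ("-" when not run as root).
        pid, _, prog = f[-1].partition("/")
        try:
            wildcard = ipaddress.ip_address(host).is_unspecified
        except ValueError:
            wildcard = host in ("", "*")  # some netstat builds print "*:67"
        sockets.append({"proto": f[0], "host": host, "port": int(port),
                        "pid": pid, "prog": prog, "wildcard": wildcard})
    return sockets

def wildcard_binds(text, program):
    """Return (proto, port) for each socket `program` binds to all addresses."""
    return [(s["proto"], s["port"]) for s in parse_listeners(text)
            if s["prog"] == program and s["wildcard"]]

if __name__ == "__main__":
    for proto, port in wildcard_binds(SAMPLE, "dnsmasq"):
        print(f"dnsmasq listens on all addresses: {proto}/{port}")
```
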
