On 28.03.24 14:28, Chris Green wrote:
> ... and another system, also running dnsmasq version 2.90:-
>
> chris@t470$ nmap 192.168.1.128 | grep 53
> 53/tcp open domain
> chris@t470
>
> So why are they acting differently and, possibly more to the point,
> how do I make dnsmasq listen only on the loopback address?
Hi Chris,
you are just probing for port 53, without information about the process
handling that port, so it could be another resolver on the same machine
(e.g. systemd-resolved, or a dnsmasq instance controlled by
NetworkManager) that hogs port 53.
You may want to consider using something like
    sudo ss -tulpn sport = 53
to see what is actually listening.
For listening on 127.0.0.1 only, you probably should consider
explicitly stating that as listen-address:
(quoting https://dnsmasq.org/docs/dnsmasq-man.html)
    -a, --listen-address=<ipaddr>
        Listen on the given IP address(es). Both --interface and
        --listen-address options may be given, in which case the set of
        both interfaces and addresses is used. Note that if no --interface
        option is given, but --listen-address is, dnsmasq will not
        automatically listen on the loopback interface. To achieve this,
        its IP address, 127.0.0.1, must be explicitly given as a
        --listen-address option.
Kind regards,
Buck
_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
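
Added example (not part of the original message or of dnsmasq): a small Python parser for `ss -H -tulpn` style output that attributes each port 53 socket to its owning process and flags any that are bound to a non-loopback address, which is the check the reply recommends over a bare port scan. The sample lines, PIDs and the helper names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample in the column layout of `ss -H -tulpn`
# (not captured from the hosts discussed in the thread).
SAMPLE = """\
udp UNCONN 0 0   127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=612,fd=13))
tcp LISTEN 0 32  192.168.1.128:53 0.0.0.0:* users:(("dnsmasq",pid=1043,fd=5))
tcp LISTEN 0 32  [::1]:53         [::]:*    users:(("dnsmasq",pid=1043,fd=9))
tcp LISTEN 0 128 0.0.0.0:22       0.0.0.0:* users:(("sshd",pid=800,fd=3))
"""

PROC_RE = re.compile(r'\("([^"]+)",pid=(\d+)')


def is_loopback(host):
    """True if the bound address is in 127.0.0.0/8 or is ::1."""
    host = host.strip("[]").split("%")[0]  # drop IPv6 brackets and %iface scope
    if host == "*":                        # ss prints '*' for a wildcard bind
        return False
    return ipaddress.ip_address(host).is_loopback


def port53_listeners(ss_output):
    """Return (netid, address, process, loopback_only) for every port 53 socket."""
    rows = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue
        host, _, port = fields[4].rpartition(":")  # fields[4] is Local Address:Port
        if port != "53":
            continue
        m = PROC_RE.search(line)
        # The process column is empty when ss runs without sufficient privileges.
        proc = m.group(1) if m else "unknown"
        rows.append((fields[0], host, proc, is_loopback(host)))
    return rows


def exposed(rows):
    """Processes holding port 53 on an address reachable from the network."""
    return sorted({(proc, host) for _, host, proc, lo in rows if not lo})


if __name__ == "__main__":
    for netid, host, proc, lo in port53_listeners(SAMPLE):
        print(f"{netid:4} {host:18} {proc:16} {'loopback' if lo else 'EXPOSED'}")
```

On a real host, feed it the text produced by running `ss -H -tulpn` as root; a resolver with `listen-address=127.0.0.1` as its only listen address should then produce no entries from `exposed()`.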