Package: dnsmasq
Version: 2.76-5
Severity: normal

Hi,

I am running dnsmasq to provide DNS and DHCP services to some virtual
machines. Now, I want dnsmasq to listen *only* on the specified
interfaces. My configuration file thus reads:


------------ cut
log-queries=extra
log-facility=/var/log/dnsmasq.log

interface=docker0,virbr0
except-interface=lo,ovsbr0
bind-interfaces

server=10.99.1.1

rebind-localhost-ok

dhcp-range=172.17.42.10,172.17.42.253
dhcp-range=192.168.122.10,192.168.122.250

dhcp-host=fe:c9:3f:13:28:8a,192.168.122.10,stretch1
dhcp-host=fe:c9:3f:13:28:8b,192.168.122.11,stretch2
------------ cut


According to the documentation, that should make dnsmasq open sockets
only on those two interfaces, for *any* services. But instead, I get
something like this (11322 is the PID of dnsmasq):


# lsof -p 11322 |grep -E 'UDP|TCP'
dnsmasq 11322 dnsmasq    4u     IPv4 13538201      0t0      UDP *:bootps
dnsmasq 11322 dnsmasq    6u     IPv4 13538204      0t0      UDP 172.17.42.1:domain
dnsmasq 11322 dnsmasq    7u     IPv4 13538205      0t0      TCP 172.17.42.1:domain (LISTEN)
dnsmasq 11322 dnsmasq    8u     IPv4 13538206      0t0      UDP mirror:domain
dnsmasq 11322 dnsmasq    9u     IPv4 13538207      0t0      TCP mirror:domain (LISTEN)
dnsmasq 11322 dnsmasq   10u     IPv6 13538208      0t0      UDP [fe80::bc9d:d8ff:fe13:394f]:domain
dnsmasq 11322 dnsmasq   11u     IPv6 13538209      0t0      TCP [fe80::bc9d:d8ff:fe13:394f]:domain (LISTEN)
#

As you can see, the interface restriction for DNS works, but it
does not work for DHCP. I tried adding a 'no-dhcp-interface'
statement to my configuration, but it had no effect.

This prevents a second dnsmasq server from starting on the same machine.


Cheers,
--Toni++



-- System Information:
Debian Release: 9.1
  APT prefers stable
  APT policy: (990, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages dnsmasq depends on:
ii  dnsmasq-base         2.76-5+b1
ii  init-system-helpers  1.48
ii  netbase              5.4

dnsmasq recommends no packages.

Versions of packages dnsmasq suggests:
ii  resolvconf  1.79

-- Configuration Files:
/etc/default/dnsmasq changed [not included]
/etc/dnsmasq.conf changed [not included]

-- no debconf information
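
The check done by eye on the lsof output above, as an added example that is not part of the original report: it parses `lsof` socket lines and returns every socket bound to the wildcard address or to an address outside an allow-list. The sample input is the report's own output with the wrapped lines rejoined; the allow-list and the function names are assumptions made for this example.

```python
import re

# lsof lines from the report, with the mail client's line wraps rejoined.
SAMPLE = """\
dnsmasq 11322 dnsmasq    4u     IPv4 13538201      0t0      UDP *:bootps
dnsmasq 11322 dnsmasq    6u     IPv4 13538204      0t0      UDP 172.17.42.1:domain
dnsmasq 11322 dnsmasq    7u     IPv4 13538205      0t0      TCP 172.17.42.1:domain (LISTEN)
dnsmasq 11322 dnsmasq    8u     IPv4 13538206      0t0      UDP mirror:domain
dnsmasq 11322 dnsmasq    9u     IPv4 13538207      0t0      TCP mirror:domain (LISTEN)
dnsmasq 11322 dnsmasq   10u     IPv6 13538208      0t0      UDP [fe80::bc9d:d8ff:fe13:394f]:domain
dnsmasq 11322 dnsmasq   11u     IPv6 13538209      0t0      TCP [fe80::bc9d:d8ff:fe13:394f]:domain (LISTEN)
"""

# Columns: COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME [(STATE)]
LINE = re.compile(
    r"^\S+\s+(?P<pid>\d+)\s+\S+\s+(?P<fd>\d+)[a-zA-Z]*\s+(?P<family>IPv[46])\s+"
    r"\S+\s+\S+\s+(?P<proto>UDP|TCP)\s+(?P<name>\S+)(?:\s+\((?P<state>\w+)\))?$"
)

def parse_lsof(text):
    """Return one dict per unconnected (bound/listening) socket line."""
    sockets = []
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m or "->" in m["name"]:
            continue  # header, non-socket FD, or an established connection
        # Split on the last colon so bracketed IPv6 addresses stay intact.
        addr, _, port = m["name"].rpartition(":")
        sockets.append({
            "fd": int(m["fd"]), "family": m["family"], "proto": m["proto"],
            "addr": addr.strip("[]"), "port": port, "state": m["state"],
        })
    return sockets

def unexpected_binds(sockets, allowed):
    """Sockets bound to the wildcard '*' or to an address not in `allowed`."""
    return [s for s in sockets if s["addr"] == "*" or s["addr"] not in allowed]

# Assumed allow-list: the per-interface addresses seen in the report's output.
ALLOWED = {"172.17.42.1", "mirror", "fe80::bc9d:d8ff:fe13:394f"}

if __name__ == "__main__":
    for s in unexpected_binds(parse_lsof(SAMPLE), ALLOWED):
        print(f"fd {s['fd']}: {s['proto']} {s['addr']}:{s['port']} "
              f"is not restricted to an allowed address")
```

Running `lsof` with `-n -P` yields numeric addresses and ports, which makes the allow-list easier to maintain than host and service names.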
