On Mon, Oct 31, 2022 at 03:59:56PM +0100, Matus UHLAR - fantomas via Dnsmasq-discuss wrote: > Hello, > > I have upgraded my router which included upgrading dnsmasq 2.80 to 2.86. > > (Turris OS 5.4.4 based on openwrt 19 to 6.0.1 based on OpenWrt 21.02.05) > > in the current version, dnsmasq returns REFUSED for external lookups: > > uhlar@fhome% dig +nocmd +noquestion +nostats fantomas.fantomas.sk @gw.lan > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 13206 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 > > ;; OPT PSEUDOSECTION: > ; EDNS: version: 0, flags:; udp: 1232 > ; EDE: 14 (Not Ready) > > local lookups work correctly. > > when I run dnsmasq with "-d" alias "--no-daemon" option, resolving works: > > root@turris:/srv/tos6# /usr/sbin/dnsmasq -C /var/etc/dnsmasq.conf.cfg01411c > -k -x /var/run/dnsmasq/dnsmasq.cfg01411c.pid -d > dnsmasq: started, version 2.86 cachesize 150 > dnsmasq: DNS service limited to local subnets > dnsmasq: compile time options: IPv6 GNU-getopt no-DBus UBus no-i18n no-IDN > DHCP DHCPv6 no-Lua TFTP conntrack ipset auth cryptohash DNSSEC no-ID > loop-detect inotify dumpfile > dnsmasq: UBus support enabled: connected to system bus > [deleted] > dnsmasq-dhcp: read /etc/ethers - 24 addresses > > > uhlar@fhome% dig +nocmd +noquestion +nostats fantomas.fantomas.sk @gw.lan > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46495 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 > > ;; OPT PSEUDOSECTION: > ; EDNS: version: 0, flags:; udp: 1232 > ;; ANSWER SECTION: > fantomas.fantomas.sk. 28383 IN A 195.80.174.185 > > > If I run dnsmasq manually with exactly the same config file but without -d, > same problem appears: > > root@turris:/srv/tos6# /usr/sbin/dnsmasq -C /var/etc/dnsmasq.conf.cfg01411c > -k -x /var/run/dnsmasq/dnsmasq.cfg01411c.pid > > uhlar@fhome% dig +nocmd +noquestion +nostats fantomas.fantomas.sk @gw.lan > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 21530 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 > > ;; OPT PSEUDOSECTION: > ; EDNS: version: 0, flags:; udp: 1232 > ; EDE: 14 (Not Ready) > > even after multiple attempts. > > > I have tried to play with config options without success, running with > --log-debug option, no change (and no logs that would explain). > running with --keep-in-foreground caused no change either. > > Any idea what could be the problem?
Manual page says about the debug mode, among others, "don't change user id". Idea / shoot in the dark: The configuration file has 'user=foo' and user `foo` not allowed to connect to upstream name server. Groeten Geert Stappers P.S. Thanks for https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q4/016668.html When time permits, I'll do two things: Reply to it and update "monthly posting" -- Silence is hard to parse _______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss