#18991: dnsmasq does not reply to dns requests from wan over its specified port
-----------------------+------------------------
Reporter: Ingram | Owner: developers
Type: defect | Status: new
Priority: normal | Milestone:
Component: packages | Version: Trunk
Resolution: | Keywords:
-----------------------+------------------------
Comment (by Ingram):
I agree that having an open resolver is generally a bad thing. However the
firewall and recently introduced localservice option are supposed to do
protect you from that already.
The issue is not that it can't reply to requests from wan interface - it
surely can, just not from the port it is configured to run on. If someone
had dnsmasq running on port... 33333 and made a port forward 53->33333,
we'd have a working open resolver (assuming localservice is turned off).
In that case forwarding 33333->33333 wouldn't work though.
--
Ticket URL: <https://dev.openwrt.org/ticket/18991#comment:2>
OpenWrt <http://openwrt.org>
Opensource Wireless Router Technology
_______________________________________________
openwrt-tickets mailing list
[email protected]
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-tickets
