Forwarder listening on port 53/tcp on all interfaces
even if it's configured explicitly to listen on particular interfaces
How to reproduce:
Configure forwarder
bind it to certain nic
check netstat output and/or external scan output
After adding the bind-interfaces parameter to the configuration, moving the configuration file from /etc/dnsmasq.conf to /etc/dnsmasq.d/vyos.conf and switching to systemd, this is the result:
cpo@CR2# netstat -a | grep domain
tcp 0 0 localhost:domain *:* LISTEN
tcp 0 0 lo.CR2.mucI.xxx:domain *:* LISTEN
tcp 0 0 eth0.CR2.mucI.xx:domain *:* LISTEN
tcp6 0 0 localhost:domain [::]:* LISTEN
tcp6 0 0 fe80::250:56ff:f:domain [::]:* LISTEN
udp 0 0 localhost:domain *:*
udp 0 0 lo.CR2.mucI.xxx:domain *:*
udp 0 0 eth0.CR2.mucI.xx:domain *:*
udp6 0 0 localhost:domain [::]:*
udp6 0 0 fe80::250:56ff:f:domain [::]:*
Nope, this is the output after binding it to eth0 only. It always binds to the loopback interface!
Dnsmasq automatically adds the loopback (local) interface to the list of interfaces to use when the --interface option is used.
Already triggered CI builds, so it will be in tonight's version.
https://ci.vyos.net/job/vyatta-op/91/changes
https://ci.vyos.net/job/vyatta-cfg-system/285/changes
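A way to run the "check netstat output" step from the report as a repeatable check, added here as an example and not taken from the ticket or from VyOS code: the function reads `netstat -lntu` style lines and prints any port 53 listener bound to the wildcard address. The sample lines, addresses and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag DNS listeners bound to the wildcard address.
# Real use: netstat -lntu | wildcard_dns_listeners

# Constructed sample: forwarder listening on all interfaces.
sample_wildcard() {
cat <<'EOF'
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp6       0      0 :::53                   :::*                    LISTEN
udp        0      0 0.0.0.0:53              0.0.0.0:*
udp6       0      0 :::53                   :::*
EOF
}

# Constructed sample: forwarder bound to loopback and one NIC address only.
sample_bound() {
cat <<'EOF'
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.1:53            0.0.0.0:*               LISTEN
tcp6       0      0 ::1:53                  :::*                    LISTEN
tcp6       0      0 fe80::250:56ff:fe00:1:53 :::*                   LISTEN
udp        0      0 127.0.0.1:53            0.0.0.0:*
udp        0      0 192.0.2.1:53            0.0.0.0:*
EOF
}

# Print "<proto> <local socket>" for every wildcard listener on port 53.
wildcard_dns_listeners() {
    awk '
    $1 ~ /^(tcp|udp)6?$/ {
        sock = $4
        # Split at the last colon so IPv6 addresses stay intact.
        port = sock; sub(/^.*:/, "", port)
        addr = sock; sub(/:[^:]*$/, "", addr)
        if (port != "53") next
        # TCP rows must be in LISTEN state; UDP rows carry no state column.
        if ($1 ~ /^tcp/ && $NF != "LISTEN") next
        if (addr == "0.0.0.0" || addr == "::" || addr == "[::]" || addr == "*")
            print $1, sock
    }'
}

echo "wildcard sample:"; sample_wildcard | wildcard_dns_listeners
echo "bound sample:";    sample_bound | wildcard_dns_listeners
```

Empty output means every port 53 socket is tied to a specific address; loopback entries are expected, as noted above for the --interface option.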