Here in Thailand, the ISPs run transparent/selective proxies and hijack DNS regardless of settings on client or on router. Played around with dnsmasq for a while and although DHCP was simple to get going, I am not sure about the exact syntax and location for putting my desired DNS servers. I googled around for a bit and thought that it was either:
#/etc/dnsmasq-resolv
nameserver xxx.xxx.xx.xx
or
#/etc/dnsmasq-resolv
server=xxx.xxx.xx.xx
Unfortunately, these don't seem to do the trick, because when I open resolve.conf the servers are added but are commented out and the default 127.0.0.1 is active.
Thanks for the incredibly speedy response. That makes sense. I guess I had it backwards. (I had thought that dnsmasq-resolv copied to resolve.config.)
If I understand you, I should simply add my preferred DNS server address to resolve.config.
Like this?
#/etc/resolve.config
server xxx.xxx.xx.xx
Also - can a specific port be specified?
Internet access is now working, but I think I'm still getting hijacked.
#/etc/dnsmasq.config
query-port=58
nslookup check.unblock-us.com 208.122.23.22
Server: 208.122.23.22
Address: 208.122.23.22#53
Name: check.unblock-us.com
Address: 184.106.248.229
May 18 19:04:35 ClineNAS daemon.info dnsmasq[1147]: forwarded b._dns-sd._udp.CLINENET to 208.122.23.22
May 18 19:04:36 ClineNAS daemon.info dnsmasq[1147]: query[PTR] b._dns-sd._udp.0.2.168.192.in-addr.arpa from 192.168.2.133
May 18 19:04:36 ClineNAS daemon.info dnsmasq[1147]: forwarded b._dns-sd._udp.0.2.168.192.in-addr.arpa to 208.122.23.22
May 18 19:04:36 ClineNAS daemon.info dnsmasq[1147]: query[PTR] db._dns-sd._udp.0.2.168.192.in-addr.arpa from 192.168.2.133
May 18 19:04:36 ClineNAS daemon.info dnsmasq[1147]: forwarded db._dns-sd._udp.0.2.168.192.in-addr.arpa to 208.122.23.22
May 18 19:04:36 ClineNAS daemon.info dnsmasq[1147]: query[PTR] r._dns-sd._udp.0.2.168.192.in-addr.arpa from 192.168.2.133
May 18 19:04:36 ClineNAS daemon.info dnsmasq[1147]: forwarded r._dns-sd._udp.0.2.168.192.in-addr.arpa to 208.122.23.22
May 18 19:04:36 ClineNAS daemon.info dnsmasq[1147]: query[PTR] dr._dns-sd._udp.0.2.168.192.in-addr.arpa from 192.168.2.133
May 18 19:04:36 ClineNAS daemon.info dnsmasq[1147]: forwarded dr._dns-sd._udp.0.2.168.192.in-addr.arpa to 208.122.23.22
May 18 19:04:36 ClineNAS daemon.info dnsmasq[1147]: query[PTR] lb._dns-sd._udp.0.2.168.192.in-addr.arpa from 192.168.2.133
May 18 19:04:36 ClineNAS daemon.info dnsmasq[1147]: forwarded lb._dns-sd._udp.0.2.168.192.in-addr.arpa to 208.122.23.22
Ok great. I only started messing with the config files, because I knew that I might need to specify a port. Apparently this can be done:
-Q, --query-port=<query_port>
Send outbound DNS queries from, and listen for their replies on, the specific UDP port <query_port> instead of using random ports. NOTE that using this option will make dnsmasq less secure against DNS spoofing attacks but it may be faster and use less resources. Setting this option to zero makes dnsmasq use a single port allocated to it by the OS: this was the default behaviour in versions prior to 2.43.
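Added example, not part of the original thread: a small Python audit of dnsmasq log lines in the format pasted above. It flags queries forwarded to an upstream outside an expected set and reverse lookups for private addresses that are being sent to an external resolver. The sample log is constructed, and the names `audit`, `reverse_name_is_private`, `example.test` and `192.0.2.53` are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed sample in the syslog format shown in the thread.
SAMPLE_LOG = """\
May 18 19:04:36 ClineNAS daemon.info dnsmasq[1147]: query[PTR] b._dns-sd._udp.0.2.168.192.in-addr.arpa from 192.168.2.133
May 18 19:04:36 ClineNAS daemon.info dnsmasq[1147]: forwarded b._dns-sd._udp.0.2.168.192.in-addr.arpa to 208.122.23.22
May 18 19:04:37 ClineNAS daemon.info dnsmasq[1147]: query[A] example.test from 192.168.2.133
May 18 19:04:37 ClineNAS daemon.info dnsmasq[1147]: forwarded example.test to 192.0.2.53
"""

FORWARDED = re.compile(r"dnsmasq\[\d+\]: forwarded (\S+) to (\S+)$")


def reverse_name_is_private(name):
    """True if name sits under in-addr.arpa for a private/special-use IPv4 range."""
    labels = name.lower().rstrip(".").split(".")
    if labels[-2:] != ["in-addr", "arpa"]:
        return False
    octets = []
    # Octets are stored reversed; stop at the first non-numeric label (_udp, b, ...).
    for label in reversed(labels[:-2]):
        if not label.isdigit() or len(octets) == 4:
            break
        octets.append(label)
    if not octets:
        return False
    octets += ["0"] * (4 - len(octets))  # partial zone such as 168.192.in-addr.arpa
    try:
        return ipaddress.ip_address(".".join(octets)).is_private
    except ValueError:
        return False


def audit(log_text, allowed_upstreams):
    """Return (finding, name, upstream) tuples for each suspicious 'forwarded' line."""
    findings = []
    for line in log_text.splitlines():
        match = FORWARDED.search(line)
        if not match:
            continue
        name, upstream = match.groups()
        if upstream not in allowed_upstreams:
            findings.append(("unexpected-upstream", name, upstream))
        if reverse_name_is_private(name):
            findings.append(("private-ptr-leak", name, upstream))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG, {"208.122.23.22"}):
        print(*finding)
```

The log only records where dnsmasq sent a query, so a clean result does not show that the answer came from that server when something on the path intercepts port 53. dnsmasq's `bogus-priv` option stops private reverse lookups from being forwarded upstream.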