Recent content by s_Fanous

  1. s_Fanous

    DoT setup but still seeing traffic on port #53

    So how do I revert back to the original /etc/dnsmasq.conf? Rename my /jffs/config/dnsmasq.conf to a different name and then restart router? Anything available that doesn't require a router restart? BTW, apologies for not mentioning this earlier but thank you so much to everyone that has been...
  2. s_Fanous

    DoT setup but still seeing traffic on port #53

    Don't remember now why I went the route of dnsmasq.conf vs the .add file. Interestingly my /etc/dnsmasq.conf file does somehow contain some of my customizations (It has my server lines for pandora.com)!!! Is that normal?
  3. s_Fanous

    DoT setup but still seeing traffic on port #53

    Because I need to add more stuff on top of the default file (Most obvious ones to me right now are)
      • Enforce MAC to IP Address assignment using dhcp-host entries
      • Have a couple of server lines for pandora.com to circumvent geo-blocking (server=/pandora.com/<SmartDNS>
  4. s_Fanous

    DoT setup but still seeing traffic on port #53

    [email protected]:/tmp# more resolv.conf
    nameserver 1.1.1.1
    nameserver 1.0.0.1
    nameserver 127.0.1.1
    [email protected]:/tmp# more resolv.dnsmasq
    server=127.0.1.1
  5. s_Fanous

    DoT setup but still seeing traffic on port #53

    Ok, I think I'm getting somewhere now. I checked my /jffs/config/dnsmasq.conf and found the following config line:
    resolv-file=/tmp/resolv.conf
    more /tmp/resolv.conf
    nameserver 8.8.8.8
    nameserver 8.8.4.4
    nameserver 127.0.1.1
    So out of curiosity, I commented out the first 2 entries in that...
  6. s_Fanous

    DoT setup but still seeing traffic on port #53

    Yes, still seeing it. Tested with both DNSFilter Disabled and Enabled. Same results. Also tested @dave14305 suggestion but no change in output. Just out of curiosity I wanted to see what was listening on port #53 on my router. Here's the output:
    netstat -anp | grep LISTEN | grep ":53"
    tcp...
  7. s_Fanous

    DoT setup but still seeing traffic on port #53

    Ran the command and not a single packet captured in 2 minutes
  8. s_Fanous

    DoT setup but still seeing traffic on port #53

    Apologies, I wasn't clear. It is enabled and "Global Filter Mode" is set to Router but I don't have any clients configured. So it is effectively not enabled on any client. FTR, I have also tried with it disabled and I observe the same behavior.
  9. s_Fanous

    DoT setup but still seeing traffic on port #53

    Hi, I'm running 384.17 on an RT-AC68U. I used the wiki to set up DNS privacy and it works for the most part. The reason I say for the most part is that some DNS traffic is still using port #53. I use tcpdump against interface ppp0. Here's a short sample of what I see:
    14:41:57.223430 IP...
  10. s_Fanous

    How to open a port on the router itself (Not forward)

    I agree 100% with you. I was just wondering what would be the most accurate way to guarantee it ends up in the most efficient position on router startup. When I issued the command it got put into position 6. I guess I could just force it into position 6 and live with that :) Thanks again for...
  11. s_Fanous

    How to open a port on the router itself (Not forward)

    iptables -I INPUT "$(iptables -nvL INPUT --line -t filter | grep -m 1 "state INVALID" | awk '{$1 = $1 + 1; print $1}')" xxxxxxxxxxxxxxxxxxxxxxxxxxx
    Worked like a charm. I suppose I need to put this into the firewall-start script file, but have a quick question. On router startup, would there...
  12. s_Fanous

    How to open a port on the router itself (Not forward)

    It's a personal Python application that I've written. It starts an HTTPS server using the LetsEncrypt certificate that is generated by the router and requires authentication/authorization. I had quickly tried iptables -A INPUT -d 192.168.1.1/32 -p tcp -m conntrack --ctstate DNAT -m tcp...
  13. s_Fanous

    How to open a port on the router itself (Not forward)

    Hi, I want to open a port on the router itself. I tried to port forward to 192.168.1.1 but that didn't work. Is it just a matter of executing some iptables commands? Not an iptables expert, but would appreciate some help/tips. TIA
  14. s_Fanous

    Possibly been hacked. Need assistant from senior users.

    The exact same thing happened to me last week and I also had SSH and HTTPS WAN access :( I'm running a "modified" 380.65. Time to say goodbye to the "modifications" I guess.
  15. s_Fanous

    Where does Wireless Log Get It's Info From

    /usr/sbin/wl -i eth1 assoclist AND /usr/sbin/wl -i eth2 assoclist are what I need. Thanks a lot