how to make dnsmasq and ipset affect router?

[saccleo]

i have put config in dnsmasq.conf as discribed below:
server=/bin.entware.net/8.8.8.8
ipset=/bin.entware.net/proxy

after i using some cmd like 'nslook or ping' through ssh tty, no ip appears in ipset proxy.
but other clients in local lan through the router, that works fine, correct address appears in proxy set.

how can i get that works for the router?

 

[dave14305]

The router won’t use dnsmasq for DNS lookups by default. There is a setting on Tools / Other Settings to change this behavior. Wan: Use local caching DNS server as system resolver (default: No).

 

[Xentrk]

i have put config in dnsmasq.conf as discribed below:
server=/bin.entware.net/8.8.8.8
ipset=/bin.entware.net/proxy

after i using some cmd like 'nslook or ping' through ssh tty, no ip appears in ipset proxy.
but other clients in local lan through the router, that works fine, correct address appears in proxy set.

how can i get that works for the router?

Be sure to restart dnsmasq after making entries:

service restart_dnsmasq

You can check out the x3mRouting project if you want scripts that will create the ipset lists, give you the option to route to different interfaces and create the cron job that backups the ipset list so it can be restored on system boot.

Call the script from nat-start so it starts at system boot:

sh /jffs/scripts/x3mRouting/load_DNSMASQ_ipset_iface.sh 2 HULU_WEB hulu.com,hulustream.com,akamaihd.net

2 = OpenVPN Client 2 Interface
HULU_WEB = ipset name
followed by the list of domain names separated by commas.

 

[Dabombber]

The router won’t use dnsmasq for DNS lookups by default. There is a setting on Tools / Other Settings to change this behavior. Wan: Use local caching DNS server as system resolver (default: No).

Another option is to manually specify the DNS server in your commands/scripts so that it works regardless of the local resolver setting.

nslookup bin.entware.net 127.0.0.1

One thing to watch out for in scripts is the format of the built-in nslookup differs from entware's, the following should work with either.

IP="$(nslookup "$DOMAIN" '127.0.0.1' | awk 'NR>2&&/^Address/{print $(NF==2?2:3);exit}')"

 

[saccleo]

The router won’t use dnsmasq for DNS lookups by default. There is a setting on Tools / Other Settings to change this behavior. Wan: Use local caching DNS server as system resolver (default: No).

After I change that option to Yes, it works!

Thanks a lot for help.

 

[saccleo]

Another option is to manually specify the DNS server in your commands/scripts so that it works regardless of the local resolver setting.

nslookup bin.entware.net 127.0.0.1

One thing to watch out for in scripts is the format of the built-in nslookup differs from entware's, the following should work with either.

IP="$(nslookup "$DOMAIN" '127.0.0.1' | awk 'NR>2&&/^Address/{print $(NF==2?2:3);exit}')"

en, that's also works, thanks a lot!

 

[saccleo]

Be sure to restart dnsmasq after making entries:

service restart_dnsmasq

You can check out the x3mRouting project if you want scripts that will create the ipset lists, give you the option to route to different interfaces and create the cron job that backups the ipset list so it can be restored on system boot.

Call the script from nat-start so it starts at system boot:

sh /jffs/scripts/x3mRouting/load_DNSMASQ_ipset_iface.sh 2 HULU_WEB hulu.com,hulustream.com,akamaihd.net

2 = OpenVPN Client 2 Interface
HULU_WEB = ipset name
followed by the list of domain names separated by commas.

It is a little difficult for me to understand x3mrouting project, need some time.
I want to make the traffic to the IPs in proxy IPSET redired to special local port, and then be proxied.
Do I need to do some work with mangle table?

 

[Xentrk]

It is a little difficult for me to understand x3mrouting project, need some time.
I want to make the traffic to the IPs in proxy IPSET redired to special local port, and then be proxied.
Do I need to do some work with mangle table?

Here is a link to the how-to-article on the Wiki on how to specify local port.
https://github.com/RMerl/asuswrt-merlin/wiki/Policy-based-Port-routing-(manual-method)