I noted during external port scans that my AX86U had an open Port 53 and would respond to DNS requests on 'LAN only' hostnames (used this service https://simpledns.plus/lookup)
I also noted there were multiple DHCP error messages regarding my second WAN conenction.
I figured out that DNSMASQ was open for business on my primary WAN (which is a PPoE) and secondary WAN (which is just a direct connection)
I made the following adjustment to my /jffs/scripts/dnsmasq.conf
This then closed port 53 externally and stopped the DHCP errors in the log.
Should the default behaviour be to expose DNS and DHCP server to the WAN interfaces?
386.5_2 on AX86U
I also noted there were multiple DHCP error messages regarding my second WAN conenction.
dnsmasq-dhcp[22886]: no address range available for DHCP request via eth0
I figured out that DNSMASQ was open for business on my primary WAN (which is a PPoE) and secondary WAN (which is just a direct connection)
I made the following adjustment to my /jffs/scripts/dnsmasq.conf
#!/bin/sh
. /opt/share/diversion/file/post-conf.div # Added by Diversion
CONFIG=$1
pc_delete "interface=eth0" $CONFIG
pc_delete "bind-dynamic" $CONFIG
pc_delete interface=ppp0 $CONFIG
pc_delete interface=pptp* $CONFIG
This then closed port 53 externally and stopped the DHCP errors in the log.
Should the default behaviour be to expose DNS and DHCP server to the WAN interfaces?
386.5_2 on AX86U