Dnsmasq disable ipv6 listen

anon50890781 · April 28, 2018, 1:19pm

Turris Omnia - rtrom01
Turris OS 3.9.6
Kernel 4.4.119-082ea0f4a4e204b99821bedcb349ed54-0
Firmware OpenWrt omnia 15.05 r47055 / LuCI 49c3edd5861fd032fa8379ceda525c27a908a114 branch (git-17.212.24321-49c3edd)
dnsmasq-full 2.78-2

/etc/config/resolver
    # list interface '::0'
    option net_ipv6 '0'

lsof -i -n -P

dnsmasq 13797 nobody 4u IPv4 30439 0t0 UDP *:67
dnsmasq 13797 nobody 6u IPv4 30442 0t0 UDP *:5353
dnsmasq 13797 nobody 7u IPv4 30443 0t0 TCP *:5353 (LISTEN)
dnsmasq 13797 nobody 8u IPv6 30444 0t0 UDP *:5353
dnsmasq 13797 nobody 9u IPv6 30445 0t0 TCP *:5353 (LISTEN)

With those settings in /etc/config/resolver dnsmasq is still listening on ipv6 ports however. How to prevent dnsmasq from listening on ipv6 (tcp/udp) ports?

vcunat · April 28, 2018, 2:17pm

Using /etc/config/resolver isn’t even supported with dnsmasq (officially by Turris team), I suspect. @paja should know.

anon50890781 · April 28, 2018, 2:20pm

@vcunat that is what I suspected. But then there does not seems an option either in

/etc/config/dhcp
  config dnsmasq

vcunat · April 28, 2018, 2:33pm

You should be able to firewall it.

anon50890781 · April 28, 2018, 2:40pm

@vcunat Prefer not to firewall everything but rather turn off unecessary interfaces/protocols/ports, like it can be done for ntpd, unbound, sshd, etc.