I would like to ask a question about configuring the dnsmasq DNS server. I know about the "listen-address" configuration option. But even if I set this option to "listen-address=127.0.0.1", dnsmasq still opens the port on both the internal 127.0.0.1:53 and the external 192.168.x.x:53 sides.
So I would like to ask whether it is possible to configure dnsmasq so that it opens port 53 only for localhost (127.0.0.1), as is possible, for example, with a MySQL database.
# Configuration file for dnsmasq.
port=53
proxy-dnssec
no-resolv
no-poll
server=127.0.0.1#[some port here]
server=127.0.0.1#[some another port here]
listen-address=127.0.0.1
no-hosts
Best Answer
I had to add "bind-interfaces" to the config file, so that interface and listen-address had the desired effect. E.g.:
This will have the desired effect of listening only on localhost. I was running into issues, since I was running a public DNS (that resolves just my own domains) on the public IP of the server, but I wanted to run dnsmasq on localhost, too. So if I remove "bind-interfaces", I will get "dnsmasq: failed to create listening socket for port 53: Address already in use", as it tries to listen on the public IP.
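A way to verify the result after changing the config, as an added example that is not part of the original question or answer: without "bind-interfaces", dnsmasq (on systems that support it) binds the wildcard address and discards unwanted requests itself, so the socket is still reachable on every interface. The function name and the sample socket lines are constructed for illustration; on a live host, feed it `ss -H -ltun` instead.

```shell
#!/bin/sh
# Added example, not from the original post. The sample lines are constructed
# to look like `ss -H -ltun` output; field 5 is the local address:port.

# Without bind-interfaces: port 53 is held on the wildcard address.
SAMPLE_WILDCARD='udp UNCONN 0 0 0.0.0.0:53 0.0.0.0:*
tcp LISTEN 0 32 0.0.0.0:53 0.0.0.0:*
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*'

# With bind-interfaces and listen-address=127.0.0.1.
SAMPLE_BOUND='udp UNCONN 0 0 127.0.0.1:53 0.0.0.0:*
tcp LISTEN 0 32 127.0.0.1:53 0.0.0.0:*
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*'

# Read ss-style lines on stdin and print "<proto> <address>" for every
# listener on port $1 that is NOT bound to a loopback address.
non_loopback_listeners() {
    awk -v port="$1" '
    {
        ep = $5
        n = match(ep, /:[^:]*$/)        # last colon separates address and port
        if (n == 0) next
        if (substr(ep, n + 1) != port) next
        addr = substr(ep, 1, n - 1)
        sub(/%.*$/, "", addr)           # drop interface scope, e.g. %lo
        sub(/^\[/, "", addr)            # drop IPv6 brackets
        sub(/\]$/, "", addr)
        if (addr ~ /^127\./ || addr == "::1") next
        print $1, addr
    }'
}

echo "without bind-interfaces:"
printf '%s\n' "$SAMPLE_WILDCARD" | non_loopback_listeners 53
echo "with bind-interfaces:"
printf '%s\n' "$SAMPLE_BOUND" | non_loopback_listeners 53

# Live check on a real host (not run here):
#   ss -H -ltun | non_loopback_listeners 53
```

Empty output for port 53 means every listener on that port is loopback-only; any line printed is a socket reachable from other interfaces.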