Difference between revisions of "Package:Dnsmasq"
Threesixes (talk | contribs) m (more details) |
m (link changed) |
||
(7 intermediate revisions by 2 users not shown) | |||
Line 11: | Line 11: | ||
=== Configuration === | === Configuration === | ||
{{note|When using NetworkManager with dhcp use dhcp for addresses only, and tell it 127.0.0.1 is your dns}} | |||
{{c|/etc/dnsmasq.conf}} is where most of dnsmasq's configuration is done. It's file is well commented, and ready for several scenarios. | {{c|/etc/dnsmasq.conf}} is where most of dnsmasq's configuration is done. It's file is well commented, and ready for several scenarios. | ||
Line 25: | Line 26: | ||
To listen to a DNS server on an alternate port: | To listen to a DNS server on an alternate port: | ||
In this example we'll install {{package|dnscrypt-proxy}}: | In this example we'll install {{package|net-dns/dnscrypt-proxy}}: | ||
{{file|name=/etc/dnsmasq.conf|lang=|desc=insert local dns only configs at the bottom of the dnsmasq.conf file.|body= | {{file|name=/etc/dnsmasq.conf|lang=|desc=insert local dns only configs at the bottom of the dnsmasq.conf file.|body= | ||
... | ... | ||
#resolv-file=/etc/resolv.dnsmasq.conf | #resolv-file=/etc/resolv.dnsmasq.conf | ||
server=127.0.0.1# | server=127.0.0.1#53000 | ||
listen-address=127.0.0.1 | listen-address=127.0.0.1 | ||
}} | }} | ||
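Review bot: With "#resolv-file=/etc/resolv.dnsmasq.conf" commented out, "server=127.0.0.1#53000" is the only upstream this example names, but the text around it never says that dnscrypt-proxy has to be set to listen on 127.0.0.1 port 53000; if the two ports differ, every lookup sent to that upstream fails. Suggest adding one sentence stating that the port after "#" must match dnscrypt-proxy's configured listen port, and consider adding no-resolv so that dnsmasq does not also pick up upstream servers from /etc/resolv.conf.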
Line 46: | Line 47: | ||
==== DNS only ==== | ==== DNS only ==== | ||
{{package|net-dns/bind-tools}} contains dns testing utilities. To verify that dns requests are returned from the local server: emerge bind-tools, then run: | {{package|net-dns/bind-tools}} contains dns testing utilities. To verify that dns requests are returned from the local server: emerge bind-tools, then run: | ||
{{console|body=###i## dig google.com | {{console|body=###i## dig google.com}} | ||
Make sure it returns something similar, the ip address for googles upstream server(s) will probably be different. | |||
{{console|body= | |||
... | |||
;; ANSWER SECTION: | |||
google.com. 299 IN A 216.58.216.206 | |||
... | |||
;; SERVER: 127.0.0.1#53(127.0.0.1)}} | ;; SERVER: 127.0.0.1#53(127.0.0.1)}} | ||
=== Hosts === | |||
winhelp2002.mvps.org has a hosts file that blocks advertisements and malicious domains. The hosts file is updated periodically so you may wish to make a cronjob to fetch the hosts file. | |||
To install mvps' host file: | |||
{{console|body= | |||
###i## mkdir /etc/dnsmasq.hosts | |||
###i## curl https://winhelp2002.mvps.org/hosts.txt > /etc/dnsmasq.hosts/blocklist}} | |||
{{file|name=/etc/dnsmasq.conf|lang=|desc=read alternate host sources, and cache them for an hour.|body= | |||
... | |||
addn-hosts=/etc/dnsmasq.hosts/ | |||
local-ttl=3600 | |||
}} | |||
{{PageNeedsUpdates}} | {{PageNeedsUpdates}} | ||
{{EbuildFooter}} | {{EbuildFooter}} |
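Review bot: The added "curl https://winhelp2002.mvps.org/hosts.txt > /etc/dnsmasq.hosts/blocklist" line in the Hosts section writes the download straight into the file that addn-hosts loads, so a failed or truncated transfer empties or cuts the blocklist, and whatever the server returns is served as local DNS answers without inspection. Suggest downloading to a temporary file with curl --fail, checking that every entry points at 0.0.0.0 or 127.0.0.1, and only then moving it into place; mkdir -p would also let the commands be rerun from the suggested cronjob without mkdir failing on the existing directory.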
Latest revision as of 10:35, October 13, 2020
Dnsmasq
As this page deals with DNS it has the potential to break your internet access! Ensure you have stable live media that can restore your system.
Dnsmasq is a DNS cache, DHCP, and PXE server. This package is lightweight and works well for individual computers or small LANs.
Installation
root # emerge net-dns/dnsmasq
Configuration
Note: When using NetworkManager with DHCP, use DHCP for addresses only, and tell it that 127.0.0.1 is your DNS server.
/etc/dnsmasq.conf is where most of dnsmasq's configuration is done. The file is well commented and ready for several scenarios.
DNS only
Place other upstream DNS servers in /etc/resolv.dnsmasq.conf, with your preferred DNS server at the top of the list. The console command below will wipe out any existing /etc/resolv.dnsmasq.conf settings; back them up first if you have anything important in them.
root # echo "nameserver 8.8.8.8" > /etc/resolv.dnsmasq.conf
/etc/dnsmasq.conf - insert local dns only configs at the bottom of the dnsmasq.conf file.
...
resolv-file=/etc/resolv.dnsmasq.conf
listen-address=127.0.0.1
To use a DNS server that listens on an alternate port as the upstream (in this example we'll install net-dns/dnscrypt-proxy):
/etc/dnsmasq.conf - insert local dns only configs at the bottom of the dnsmasq.conf file.
...
#resolv-file=/etc/resolv.dnsmasq.conf
server=127.0.0.1#53000
listen-address=127.0.0.1
Now your localhost / 127.0.0.1 is your primary DNS to point net connection scripts to. The next command is the point of no return: start the service before you run it, and be prepared to test with dig that lookups are being answered through dnsmasq.
root # echo "nameserver 127.0.0.1" > /etc/resolv.conf
This is the revert to known working DNS servers command:
root # echo "nameserver 8.8.8.8" > /etc/resolv.conf
Runtime
root # rc-update add dnsmasq default
root # rc
Testing
DNS only
net-dns/bind-tools contains DNS testing utilities. To verify that DNS requests are answered by the local server, emerge bind-tools, then run:
root # dig google.com
Make sure it returns something similar; the IP address for Google's upstream server(s) will probably be different.
...
;; ANSWER SECTION:
google.com. 299 IN A 216.58.216.206
...
;; SERVER: 127.0.0.1#53(127.0.0.1)
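The dig check above can be made a precondition of the "point of no return" command. The script below is an added example, not part of the wiki page: it queries dnsmasq directly with dig @127.0.0.1 while /etc/resolv.conf still points at the old server, and rewrites /etc/resolv.conf only if the reply is NOERROR, contains an A record and was served by 127.0.0.1#53. The function names, the --switch argument and the backup file name are assumptions made for the example.

```sh
#!/bin/sh
# Added example (not from the wiki page): confirm that dnsmasq answers on
# 127.0.0.1 before /etc/resolv.conf is pointed at it.

# local_answer_ok
# Reads dig output on stdin. Succeeds only if the status is NOERROR, the
# ANSWER section holds at least one A record, and the SERVER line shows
# that 127.0.0.1#53 produced the reply.
local_answer_ok() {
    awk '
        /status: NOERROR/                { noerror = 1 }
        /^;; ANSWER SECTION:/            { in_answer = 1; next }
        /^$/                             { in_answer = 0 }
        in_answer && $4 == "A"           { answers++ }
        /^;; SERVER: 127\.0\.0\.1#53\(/  { from_local = 1 }
        END { exit !(noerror && answers > 0 && from_local) }
    '
}

# switch_to_dnsmasq
# Query dnsmasq explicitly (@127.0.0.1), so the test does not depend on the
# current resolv.conf. Keep a copy of the working file (hypothetical name)
# before overwriting it with the line the page uses.
switch_to_dnsmasq() {
    if dig @127.0.0.1 google.com +tries=1 +time=3 | local_answer_ok; then
        cp -p /etc/resolv.conf /etc/resolv.conf.before-dnsmasq &&
            echo "nameserver 127.0.0.1" > /etc/resolv.conf
    else
        echo "no valid answer from 127.0.0.1; /etc/resolv.conf unchanged" >&2
        return 1
    fi
}

# Only touch the system when asked to: <script> --switch
if [ "${1:-}" = "--switch" ]; then
    switch_to_dnsmasq
fi
```
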
Hosts
winhelp2002.mvps.org has a hosts file that blocks advertisements and malicious domains. The hosts file is updated periodically, so you may wish to make a cron job to fetch it.
To install the MVPS hosts file:
root # mkdir /etc/dnsmasq.hosts
root # curl https://winhelp2002.mvps.org/hosts.txt > /etc/dnsmasq.hosts/blocklist
/etc/dnsmasq.conf - read alternate host sources, and cache them for an hour.
...
addn-hosts=/etc/dnsmasq.hosts/
local-ttl=3600
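Because every name in a file loaded through addn-hosts is answered locally with the address on that line, a periodic fetch should check the download before it replaces the live blocklist. The script below is an added example, not part of the wiki page: it downloads to a temporary file, rejects anything that is not a sink-address entry, and renames the file into place only on success. The function names, the --update argument and the set of accepted sink addresses are assumptions made for the example.

```sh
#!/bin/sh
# Added example (not from the wiki page): validate the downloaded hosts file
# before it replaces the one dnsmasq reads through addn-hosts.
BLOCKLIST_URL="https://winhelp2002.mvps.org/hosts.txt"  # URL from the page
BLOCKLIST_DIR="/etc/dnsmasq.hosts"                      # directory from the page

# validate_blocklist FILE
# Succeeds only if every entry is "<sink address> <hostname>". The accepted
# sink addresses are an assumption; a line pointing anywhere else is rejected.
# Prints the entry count on success and the offending line on failure.
validate_blocklist() {
    awk '
        BEGIN { sink["0.0.0.0"]; sink["127.0.0.1"]; sink["::1"]; sink["::"] }
        { sub(/\r$/, ""); sub(/#.*/, "") }      # drop CR and comments
        NF == 0 { next }                        # blank or comment-only line
        NF != 2 || !($1 in sink) ||
        $2 !~ /^[A-Za-z0-9_]([A-Za-z0-9_.-]*[A-Za-z0-9_])?$/ {
            printf "line %d rejected: %s\n", NR, $0 > "/dev/stderr"
            bad = 1
            exit
        }
        { n++ }
        END { if (bad || n == 0) exit 1; print n }
    ' "$1"
}

# update_blocklist
# Download to a temp file in the same directory, validate, then rename over
# the live file so the live file is never partial or unchecked.
update_blocklist() {
    mkdir -p "$BLOCKLIST_DIR" || return 1
    tmp=$(mktemp "$BLOCKLIST_DIR/.blocklist.XXXXXX") || return 1
    if curl --fail --silent --show-error --max-time 60 \
            --output "$tmp" "$BLOCKLIST_URL" &&
       count=$(validate_blocklist "$tmp"); then
        chmod 0644 "$tmp" && mv -f "$tmp" "$BLOCKLIST_DIR/blocklist" &&
            echo "installed $count entries; send dnsmasq SIGHUP to reload"
    else
        rm -f "$tmp"
        echo "download or validation failed; previous blocklist kept" >&2
        return 1
    fi
}

# Only touch the system when asked to, e.g. from cron: <script> --update
if [ "${1:-}" = "--update" ]; then
    update_blocklist
fi
```
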