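After upgrading to Ubuntu 16.04, dnsmasq no longer answers queries from subnets other than the ones its interfaces belong to. Is there an option that allows adding trusted subnets? Here is the log message: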
Ignoring query from non-local network
Answer 1
From the v2.69 changelog:
Add --local-service. Accept DNS queries only from hosts
whose address is on a local subnet, ie a subnet for which
an interface exists on the server. This option
only has effect if there are no --interface --except-interface,
--listen-address or --auth-server options. It is intended
to be set as a default on installation, to allow
unconfigured installations to be useful but also safe from
being used for DNS amplification attacks.
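So the fix is to make sure that no conf file (including any pre-installed one, such as /usr/local/etc/dnsmasq.conf) contains the local-service option, and to include one of the options listed above in a conf file. For example, --interface=eth0.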
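One way to check which case a set of dnsmasq conf files falls into, as an added example that is not part of the original answer. The paths and contents in SAMPLE are constructed, the verdict names are this example's own labels, and it assumes the caller passes in every conf file dnsmasq reads (conf-file/conf-dir includes are not followed, command-line options are not seen).

```python
import re

# Per the v2.69 changelog, local-service has no effect if any of these is set.
OVERRIDES = {"interface", "except-interface", "listen-address", "auth-server"}

def parse_options(conf_text):
    """Yield (option, value) pairs from dnsmasq conf-file text."""
    for raw in conf_text.splitlines():
        # '#' starts a comment at line start or after whitespace.
        line = re.split(r"(?:^|\s)#", raw, maxsplit=1)[0].strip()
        if not line:
            continue
        key, _, value = line.partition("=")
        # Conf files use long option names without the leading "--".
        yield key.strip().lstrip("-"), value.strip()

def audit(conf_files):
    """conf_files maps path -> contents. Returns (verdict, local, overrides)."""
    local, overrides = [], []
    for path, text in conf_files.items():
        for opt, val in parse_options(text):
            if opt == "local-service":
                local.append(path)
            elif opt in OVERRIDES:
                overrides.append((path, opt, val))
    if overrides:
        verdict = "explicit-binding"   # local-service, if present, is ignored
    elif local:
        verdict = "local-only"         # "Ignoring query from non-local network"
    else:
        verdict = "unrestricted"       # no subnet filter, no interface limits
    return verdict, local, overrides

# Constructed sample: contents are made up for illustration.
SAMPLE = {
    "/usr/local/etc/dnsmasq.conf": "# defaults\nlocal-service\ncache-size=500\n",
    "/etc/dnsmasq.d/lan.conf": "#interface=eth0\nserver=192.0.2.53#5353\n",
}

if __name__ == "__main__":
    verdict, local, overrides = audit(SAMPLE)
    print(verdict, local, overrides)
```

A verdict of explicit-binding or unrestricted means dnsmasq itself no longer filters by source subnet, so limiting who can reach port 53 falls to the firewall.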