| 1 |
john@×××××××××××××××.nz wrote: |
| 2 |
|
| 3 |
>Hi, |
| 4 |
>I'm having my first experience with gnap on a soekris unit. |
| 5 |
> |
| 6 |
>Everything almost works. The catch is dnsmasq. |
| 7 |
>It always says "cannot make/bind socket permission denied" |
| 8 |
>on whatever upstream servers I use. |
| 9 |
> |
| 10 |
>I used netstat to ensure that no other dns servers had bound to port 53. |
| 11 |
>192.168.1.2 is the adsl router. |
| 12 |
> |
| 13 |
>my conf file is |
| 14 |
> |
| 15 |
>query-port=53 |
| 16 |
>interface=eth1 |
| 17 |
>domain-needed |
| 18 |
> |
| 19 |
>server=/danske.co.nz/192.168.40.254 |
| 20 |
>server=192.168.1.2 |
| 21 |
> |
| 22 |
>dhcp-authoritative |
| 23 |
>dhcp-range=192.168.41.16,192.168.41.64,infinite |
| 24 |
> |
| 25 |
> |
| 26 |
>Can anyone shed light on this for me please? |
| 27 |
> |
| 28 |
> |
| 29 |
|
| 30 |
Some general info that might be helpful. |
| 31 |
|
| 32 |
You need to have root permission to bind to port 53. |
| 33 |
|
| 34 |
You don't need to (and you shouldn't) use port 53 as source port when |
| 35 |
you do a query to an upstream server. |
| 36 |
|
| 37 |
The daemon should drop root privileges to a non-root UID after it has |
| 38 |
opened the listening socket (that is and should be bind to port 53). (I |
| 39 |
havent checked if dnsmasq does this but since you get permission denied, |
| 40 |
I guess it does) |
| 41 |
|
| 42 |
What happens if you remove the "query-port=53" line? |
| 43 |
|
| 44 |
What happens if you set query-port to something above 1024? |
| 45 |
|
| 46 |
You can try dnrd if you want an alternative to dnsmasq. But it does not |
| 47 |
have an integrated dhcp service so you probably want to stay with dnsmasq. |
| 48 |
|
| 49 |
-- |
| 50 |
Natanael Copa |
| 51 |
|
| 52 |
-- |
| 53 |
gentoo-embedded@g.o mailing list |
Archives