is this line in advanced DNSmasq is about doing the same NCSI filtering...i checked mine on my Win 7 it turned up as 0 so i must have changed in the past...but thank you egc
filterwin2k
It is not, should I use it? _________________ Netgear R9000
DD-WRT v3.0-r55779 std (04/12/24)
Linux 4.9.337 #721 SMP Mon Apr 8 08:07:27 +07 2024 armv7l
Gateway, AP, DNSMasq, Clock 2000MHz
VAP on wlan1 for internet devices
IPv4 & IPv6 (Prefix Delegation)
Static Leases & DHCP
CloudFlare, no SFE, SmartDNS, no QoS
2.4GHz: Vanilla, Airtime Fairness, NG-Mixed, ACK Timing 3150, WPA2 w/AES & WPA3
5GHz: Vanilla, Airtime Fairness, AC/N Mixed, ACK Timing 3150, WPA2 w/AES & WPA3
2 Netgear AX1800 WiFi Mesh Extenders
Xfinity 1.2Gbps/35Mbps
Posted: Mon Sep 20, 2021 22:13 Post subject: Gateway leaking LAN traffic
Router/Version: Linksys EA8500
File/Kernel: DD-WRT v3.0-r47474 std (09/20/21)
Mode/Status: Gateway, Wireguard server (inactive)
Issues/Errors: LAN traffic leaking out gateway interface
This router is setup in Gateway mode attached with IP PassThrough all firewall and packet filters disabled (that can be) on an ATT Fiber BGW210-700. The log on that upstream device is reporting source IP addresses on my private LAN (and dropping those packets as invalid sources). There is no other device plugged into the ATT box and Wifi on it is disabled. I'm not sure how long this has been the case.
is this line in advanced DNSmasq is about doing the same NCSI filtering...i checked mine on my Win 7 it turned up as 0 so i must have changed in the past...but thank you egc
filterwin2k
It is not, should I use it?
I added filterwin2k and the issue persists. It is not often, but it does show in the syslog. I guess DNSMasq is doing what I want by blocking it. _________________ Netgear R9000
DD-WRT v3.0-r55779 std (04/12/24)
Linux 4.9.337 #721 SMP Mon Apr 8 08:07:27 +07 2024 armv7l
Gateway, AP, DNSMasq, Clock 2000MHz
VAP on wlan1 for internet devices
IPv4 & IPv6 (Prefix Delegation)
Static Leases & DHCP
CloudFlare, no SFE, SmartDNS, no QoS
2.4GHz: Vanilla, Airtime Fairness, NG-Mixed, ACK Timing 3150, WPA2 w/AES & WPA3
5GHz: Vanilla, Airtime Fairness, AC/N Mixed, ACK Timing 3150, WPA2 w/AES & WPA3
2 Netgear AX1800 WiFi Mesh Extenders
Xfinity 1.2Gbps/35Mbps
I notice that -r47461 and -r47474 have different DNS behaviour. I have a local PiHole and block outbound on port 53 for all but it. There are suddenly requests out to cloudflared and another DNS server with these recent builds. This goes away if I revert to -r47381. I would not care but there is an annoying DNS lookup failure when going to new sites in a browser. Then the second try succeeds. This may be IPv6-related, as I see IPv6 addresses on an nslookup to a new site, but my router does not have it enabled, nor does my PiHole, so I cannot yet explain the source.
I notice that -r47461 and -r47474 have different DNS behaviour. I have a local PiHole and block outbound on port 53 for all but it. There are suddenly requests out to cloudflared and another DNS server with these recent builds. This goes away if I revert to -r47381. I would not care but there is an annoying DNS lookup failure when going to new sites in a browser. Then the second try succeeds.
I agree Wifi is good.
I have a similar setup with a PiHole and DNS blocked for all but dnsmasq localhost to stubby on the router out to the internet. The PiHole is directed only to the router dnsmasq.
I wouldn't have found the leaking LAN IPs I just reported if I wasn't looking for the cause of a sporadic browser DNS lookup failure very similar to yours that succeeds on reload. BTW, I have use-application-dns.net set to return NXDOMAIN in dnsmasq so Firefox won't use DoH.
Linksys EA8500...main gateway
DD-WRT v3.0-r47474 std (09/20/21)
Linux 4.9.282 #466 SMP Mon Sep 20 04:24:30 +07 2021 armv7l
GUI install over r47449
35 static leases
local DNS
ovpn server
HFSC CAKE
smaba share 32GB ext4
2.4 & 5GHz radios good both using ath10k Vanilla FW
VLAN on 1 port + wlan0.1 via br1
br1 uses different DNS (9.9.9.9 WoodyNet shit)
dont't ask why ...just somepin I stared doing long time back
main net & all other router/devices connected to it uses--
unbound
http://dnssec.vs.uni-due.de/ http://www.dnssec-or-not.com/
everything is working very nicely -- uptime 10.46
/cpu/scaling_governor set to 'ondemand'
ondemand/up_threshold set to '35'
#
EA8500
switch / ovpn server / samba share x2 ext4 flash drive
GUI install over r47461
all good -- uptime 10:49
#
Netgear WNDR3700 V4
DD-WRT v3.0-r47474 std (09/20/21)
Linux 3.18.140-d6 #126895 Mon Sep 20 11:31:53 +07 2021 mips
used as switch / ovpn server
all ok
GUI install over r47461
all good -- uptime 8:40
As my Buffalo WZR-HP-G300NH is aging albeit is still solidly working, do you recommend Linksys EA8500? It will be connected to my Huawei 5G CPE Pro main router.
I have to admit that I am not a networking guru, but I need flexibility and customizations to manage my devices at home. _________________ Buffalo WZR-HP-G300NH
After flashing this, I now have 13 wireless channels on 2.4Ghz instead of the normal 11 channels. My Regulatory Domain is still set for United States, so I should only have 11 channels. Anyone else seeing this with the EA8500? _________________ Linksys EA8500 (Internet Gateway, AP/VAP) - DD-WRT r53562
Features in use: WDS-AP, Multiple VLANs, Samba, WireGuard, Entware: mqtt, mlocate
Wireless 5ghz only
Netgear R7800 (WDS-AP, WAP, VAP) - DD-WRT r55779
Features in use: multiple VLANs over single trunk port
Linksys EA8500 WDS Station x2 - DD-WRT r55799
Netgear R6400v2 WAP, VAP 2.4ghz only w/VLANs over single trunk port. DD-WRT r55779
OSes: Fedora 38, 9 RPis (2,3,4,5), 20 ESP8266s: Straight from Amiga to Linux in '94, never having owned a Windows PC.
so i must have changed in the past...but thank you 
reported in my post already 
