How to retrieve value of DNSMasq option server=?

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> General Questions
Author Message
ArjenR49
DD-WRT User


Joined: 05 Oct 2008
Posts: 355
Location: Helsinki, Finland

PostPosted: Sat Aug 01, 2020 6:46    Post subject: How to retrieve value of DNSMasq option server=? Reply with quote
Is there a way to retrieve the value of the additional DNSMasq option
server=192.168.x.abc

There are several nvram variables which contain the correct value, but all look like they are 'derived', e.g.
ath1.1_dns_ipaddr=192.168.5.60

Executing
nvram show | grep server
in an ssh session, will give me
...
# PiHole DNS server
server=192.168.5.60
server=fe80::6b0a:7473:53ae:761c
...
which are a few lines from my Additional DNSMasq options field.
(obviously having two server= options likely means that 'server' cannot be an nvram or memory variable as such)

echo $server gives me an empty line, just as
echo $(nvram get server).

root@R7800:~# echo $server

root@R7800:~# echo $(nvram get server)

root@R7800:~# echo $(nvram get br2_dns_ipaddr)
192.168.5.60
would be ok, but br2_dns_ipaddr is 'derived' from the original setting somehow and I may not always have a br2, nor br1.
However, br0_dns_ipaddr, which I assume would always be present, does not exist ...

In my firewall script I was able to use:
ROUTER_IP=$(nvram get lan_ipaddr)
and refer to that variable in the actual rules, and that's the kind of thing I'd like to do for DNS IP as well.
Sponsor
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 3857
Location: UK, London, just across the river..

PostPosted: Sat Aug 01, 2020 12:02    Post subject: Reply with quote
if i got you correctly...my 2 cents

by default DNSmasq serves all interfaces...but if you specify interface it gets more specific..
interface=br0 so you can add interface= to all interfaces you want to mention only...

to find witch servers are in use
cat /proc/net/ip_conntrack | grep 'dport=53 '
cat /tmp/resolv.dnsmasq - shows DNSmasq serves used too..
or any other port you've chosen (this command might not work on all routers)

to see DNSmasq cache entries- cat /tmp/DNSCache.log

but you have to activate the logging in DNSmsaq

cat /tmp/dnsmasq.conf - shows DNSmsaq config

another one more advanced command for high grade routers

cat /proc/net/ip_conntrack | grep -Eo "^udp [^s]*src=$(nvram get wan_ipaddr) .*" | grep -Eo '^.*dport=53 ' | sort -k3,3rn

_________________
Atheros
TP-Link WR740Nv1 -----DD-WRT 44538 BS AP,NAT
TP-Link WR740Nv4 -----DD-WRT 44251 BS WAP/Switch
TP-Link WR1043NDv2 ---DD-WRT 44467 BS AP,NAT,AP Isolation,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 ---DD-WRT 44538 BS AP,NAT,AD Block,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 ---Gargoyle OS 1.12.0 AP,NAT,QoS,Quotas
Qualcomm/IPQ8065
Netgear R7800 -----DD-WRT 44538 BS AP,NAT,AD-Block,AP&Net Isolation,VLAN's,Firewall,Local DNS,DoT
Broadcom
Netgear R7000 -----DD-WRT 44538 BS AP,Wi-Fi OFF,NAT,AD-Block,Firewall,Local DNS,Forced DNS,DoT,VPN
-----------------------------------------------------------------------------------------------
Stubby for DNS over TLS I DNSCrypt v2 by mac913
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8343

PostPosted: Sat Aug 01, 2020 15:10    Post subject: Reply with quote
Anything specified in the Additional DNSMasq Options field ultimately ends up in the DNSMasq config file, so you can just grep that file rather than searching nvram (which can sometimes be difficult given the way things are encoded).

Code:
cat /tmp/dnsmasq.conf | grep 'server='

_________________
DD-WRT: DNS Leak Detection w/ VPNs (updated 6/5/19)
ddwrt-ovpn-split-basic.sh (UPDATED!)
ddwrt-ovpn-split-advanced.sh (UPDATED!)
ddwrt-blacklist-domains.sh (UPDATED!)
ddwrt-ovpn-client-backup.sh
ddwrt-mount-usb-drives.sh
ddwrt-ovpn-remote-access.sh
ddwrt-pptp-policy-based-routing.sh
ArjenR49
DD-WRT User


Joined: 05 Oct 2008
Posts: 355
Location: Helsinki, Finland

PostPosted: Sun Aug 02, 2020 6:50    Post subject: Reply with quote
I haven't had too much time to try the commands Alozaros proposed, but also from earlier experience I knew that there's no such file on my R7800 as ip_conntrack. Instead I found a file called np_conntrack, which looks like it contains similar information (on which the active connections table seems to be based).

The most elaborate command
cat /proc/net/ip_conntrack | grep -Eo "^udp [^s]*src=$(nvram get wan_ipaddr) .*" | grep -Eo '^.*dport=53 ' | sort -k3,3rn
I couldn't get to produce anything even after changing the filename. I then tried it up to and including the first grep, but no dice. There are no lines starting with udp in that file.
And then it was time for bed ...
after noticing the latest 44044 had been pulled and checking if the problem with that build may concern the R7800, too.
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 6360
Location: Netherlands

PostPosted: Sun Aug 02, 2020 6:59    Post subject: Reply with quote
try filename is nf_conntrack (depending on Kernel version (I think) it is ip_conntrack or nf_conntrack)
_________________
Routers:Netgear R7800, R6400v1, R6400v2, Linksys EA8500, EA6900 (XvortexCFE), E2000 (converted WRT320N), WRT54GS v1.
OpenVPN Policy Based Routing: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=321686
Install guide R6400v2:http://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
OpenVPN Server Setup:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318795
Install guide R7800: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Wireguard Server setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1183135
Wireguard Client setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324624
Wireguard Advanced setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324787
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8343

PostPosted: Sun Aug 02, 2020 14:57    Post subject: Reply with quote
Older systems, it's ip_conntrack. Newer systems, ip_conntrack has been deprecated in favor of nf_conntrack. Output of each is very similar, but different enough that that watch command (which looks like it's mine) probably needs some minor modifications.
_________________
DD-WRT: DNS Leak Detection w/ VPNs (updated 6/5/19)
ddwrt-ovpn-split-basic.sh (UPDATED!)
ddwrt-ovpn-split-advanced.sh (UPDATED!)
ddwrt-blacklist-domains.sh (UPDATED!)
ddwrt-ovpn-client-backup.sh
ddwrt-mount-usb-drives.sh
ddwrt-ovpn-remote-access.sh
ddwrt-pptp-policy-based-routing.sh
yoyoma2
DD-WRT User


Joined: 24 Sep 2016
Posts: 151

PostPosted: Mon Aug 03, 2020 1:40    Post subject: Reply with quote
Have you tried variable dnsmasq_options? That's what easyddup uses to save/restore "Additional Dnsmasq Options".
Code:
nvram get dnsmasq_options
ArjenR49
DD-WRT User


Joined: 05 Oct 2008
Posts: 355
Location: Helsinki, Finland

PostPosted: Mon Aug 03, 2020 19:38    Post subject: Reply with quote
yoyoma2 wrote:
Have you tried variable dnsmasq_options? That's what easyddup uses to save/restore "Additional Dnsmasq Options".
Code:
nvram get dnsmasq_options


I have now ... Thanks!
To actually retrieve the value I want - out of the two available, IPv4 and IPv6 ... - I would also need grep, and then something like awk, I think. I have a copycatted example somewhere where I dissect a string, but no inspiration at the moment to find it and then make it work here. It would quickly become overly complicated, since I am the only one controlling this LAN & router and if I ever want to change the DNS server's address, I'm sure I will be able to find all occurences.
It just brings some neatness to any script, if there aren't a million copies of a constant ...
yoyoma2
DD-WRT User


Joined: 24 Sep 2016
Posts: 151

PostPosted: Tue Aug 04, 2020 20:38    Post subject: Reply with quote
Try these two:

For ipv4:

Code:
nvram get dnsmasq_options | grep 'server=' | egrep '(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)' | cut -d'=' -f2


For ipv6:

Code:
nvram get dnsmasq_options | grep 'server=' | egrep '(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]).){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]).){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))' | cut -d'=' -f2
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> General Questions All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum