From charlesreid1

All the setup involved for bespin, an Ubuntu 18.04 desktop server.

Initial Setup

Ubuntu/Bespin/Initial Setup

Gnome Setup

Ubuntu/Bespin/Gnome Setup

Ansible Setup

Ubuntu/Bespin/Ansible

Wifi Access Point Setup

Ubuntu/Bespin/Old/Wifi AP Setup

VPN Tunnel

Ubuntu/Bespin/PIA

Connect AP to VPN Tunnel

Ubuntu/Bespin/AP PIA Tunnel

PiHole

Run PiHole in a Docker container, and install it between dnsmasq and the VPN tunnel (so that DNS queries will be filtered by the PiHole).

OpenVPN Server

Real simple: just set up an OpenVPN server.

47 pages later: man, that was intense

Brushup of dnsmasq Config

Updated the dnsmasq config file to the one shown here.

Key changes:

  • Specifying the interfaces and listen addresses together (only need one or the other, but just to be sure)
  • Using the expanded notation for the server keyword, and using it to specify which DNS nameserver to use for traffic from different sources. Now different LANs can use different DNS.

/etc/dnsmasq.conf

# don't send external traffic that is missing a domain
domain-needed
# don't send external traffic that has bogus private ip
bogus-priv
## set the local domain
#domain=anon
#local=/anon/
# listen on these interfaces and only these interfaces
interface=lo
listen-address=127.0.0.1
interface=wlan1
listen-address=192.168.10.1
bind-interfaces
# define range of IP addresses to hand out
dhcp-range=192.168.10.100,192.168.10.150,255.255.255.0,24h
# don't read /etc/resolv.conf
no-resolv
# define what to do if no name resolution
# the notation for server used here is
# <dest-ip>/<src-ip>
# local dns queries use pihole dns server
server=127.53.0.1/127.0.0.1
# lan10 dns queries use pihole dns server
server=127.53.0.1/192.168.10.1
## lan20 dns queries use google
#server=8.8.8.8/192.168.20.1
# send dnsmasq logs to a single place
log-facility=/var/log/dnsmasq.log
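
A small audit of the settings this config relies on, as an added example (not code from the original page). The names `parse` and `audit` are hypothetical, and it assumes IPv4 addresses and a `dhcp-range` written as start,end,netmask,lease, as in the file above.

```python
import ipaddress

# Constructed sample: directives from the /etc/dnsmasq.conf above, comments and logging dropped.
SAMPLE_CONF = """\
domain-needed
bogus-priv
interface=lo
listen-address=127.0.0.1
interface=wlan1
listen-address=192.168.10.1
bind-interfaces
dhcp-range=192.168.10.100,192.168.10.150,255.255.255.0,24h
no-resolv
server=127.53.0.1/127.0.0.1
server=127.53.0.1/192.168.10.1
"""

def parse(text):
    """Return {option: [values]}; options without '=' map to ['']."""
    opts = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition("=")
        opts.setdefault(key.strip(), []).append(value.strip())
    return opts

def audit(text):
    """Return a list of findings; an empty list means every check passed."""
    opts, findings = parse(text), []
    for flag in ("domain-needed", "bogus-priv", "bind-interfaces", "no-resolv"):
        if flag not in opts:
            findings.append(f"missing {flag}")
    if "no-resolv" in opts and "server" not in opts:
        findings.append("no-resolv set but no server= upstream defined")
    addrs = [ipaddress.ip_address(a.strip()) for v in opts.get("listen-address", []) for a in v.split(",")]
    if not addrs or any(a.is_unspecified for a in addrs):
        findings.append("listen-address missing or wildcard")
    for rng in opts.get("dhcp-range", []):  # assumed form: start,end,netmask,lease
        start, end, mask = rng.split(",")[:3]
        nets = [ipaddress.ip_network(f"{a}/{mask}", strict=False) for a in addrs]
        pool = {ipaddress.ip_address(start), ipaddress.ip_address(end)}
        if not any(all(p in n for p in pool) for n in nets):
            findings.append(f"dhcp-range {start}-{end} not on a listen-address subnet")
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE_CONF) or "all checks passed")
```

dnsmasq's own `--test` option checks the syntax of the file; these checks cover the settings themselves.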

Iptables Reconfiguration

Updated the iptables rules to better protect the server and be less permissive:

Ubuntu/Bespin/Iptables

Related Pages

  • Ubuntu/Bespin/TIL - the summary of "today I learned" things that I learned while setting up Bespin
  • Ubuntu/Bespin/Second AP Tunnel - this ended in failure, twice. Short version: you can't have multiple simultaneous PIA tunnels in OpenVPN without significant extra configuration, so no need to go this above and beyond.