I tried disabling the dnsmasq process from hogging port 53 on the wan and wan6 interfaces
by going into LuCI -> Network -> DHCP and DNS and then adding wan and wan6 to the 'exclude interfaces' field.
But when running netstat -tulpn on the CLI, the public IP address::53 are still listed under DNS (also after a restart).
How do I prevent dnsmasq from running there so that I can port forward WAN 53 to DEVICE 51820?
The default firewall prevents all connections from the wan. You don’t need to do anything more.
Meanwhile, I have no idea why you want to use port 53 for wireguard, but if you are forwarding, just create a port forwarding rule with the source-destination port 53 on the wan zone to your host at port 51820.
I need to make sure my wireguard is accessible when I am sharing my mobile internet connection.
And as any good mobile provider secretly does, mine blocks most all ports. Only a handful are allowed, but good luck figuring out which, as it is undocumented and support requests are ignored.
Hence I need to try udp 53 first, as that is DNS and should not be blocked by the ISP, else risk the mobile internet not working for most to begin with.
1) in file /etc/config/dhcp
# in this config section
config dnsmasq
[]
# add the ip address of the interface you want dnsmasq to bind to
# probably you want to listen on loopback interface too
list listen_address '127.0.0.1'
list listen_address '<ip address>'
# save then restart service
$ service dnsmasq restart
# verify
netstat -nlp | grep 53
2) By default the firewall blocks all incoming traffic via wan,
hence you need to set up a port forward.
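
The port forward from step 2, written out as an added example that is not part of the original posts: a redirect section for /etc/config/firewall. It assumes the WireGuard host is in the lan zone; the address 192.168.1.10 and the rule name are constructed placeholders.

```uci
# Added example: forward UDP 53 arriving on the wan zone to the
# WireGuard host on port 51820.
config redirect
	# rule name is a made-up label
	option name 'wireguard-via-udp53'
	option target 'DNAT'
	option src 'wan'
	# udp only, so TCP 53 on the wan stays covered by the default wan policy
	option proto 'udp'
	option src_dport '53'
	option dest 'lan'
	# constructed address: replace with the WireGuard host's LAN IP
	option dest_ip '192.168.1.10'
	option dest_port '51820'
```

Reload the firewall after saving (for example /etc/init.d/firewall reload) so the rule takes effect.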