I'd love a little #dnsmasq help. I've heard you can set it to only accept requests for a site from certain IPs. Is that correct? I'd like to configure it to only allow/forward the connection from Cloudflare's IPs. So I can have the "orange cloud" proxy on and make things a bit more secure for a server I'm setting up. This would be on a #ddwrt router, but that shouldn't make a difference.
Hmm. Dnsmasq is giving the IP phones addresses in the "guest" range. I wonder why it's doing that. They're being tagged correctly, but falling through into the default IP range. How peculiar.
I have a couple of dhcp-vendorclass directives in my #DNSMasq config, and a tag_if to condense them into a "this is an IP phone" tag, which is used to assign the IP address:
dhcp-vendorclass=set:phone_cisco,"Cisco Systems, Inc. IP Phone"
dhcp-vendorclass=set:phone_gigaset,"N510_IP_PRO"
tag_if=set:phone,tag:phone_*
dhcp-range=tag:phone,MIN_IP_REDACTED,MAX_IP_REDACTED,12h
If I re-enable the main range for phones, I see this in the dnsmasq log: