====== Replace ISC DHCP Server with dnsmasq ======

This guide is for EFW 3.2 versions and newer.

===== Upgrade the GUI =====
dnsmasq is a light weight DNS resolver and DHCP server, with simple configuration and still great functionality. I prefer it over the built in ISC DHCP server, so I adapted some scripts to be able to use dnsmasq as DHCP server in Endian Firewall 3. SSH into the box, then do the following:
  - copy {{:efw:dhcp30.cgi|dhcp30.cgi}} into /home/httpd/cgi-bin (this is the dhcp.cgi taken from version 3.0, as from version 3.2, it's contents are integrated into another script)
  - copy {{:efw:dnsmasq.cgi|dnsmasq.cgi}} into /home/httpd/cgi-bin (this is the script displaying DNSmasq leases, based on the dhcp.cgi taken from version 3.0)
  - copy {{:efw:menu-dhcp.pl|menu-dhcp.pl}} into /home/httpd/menus/main (modified menu for the DHCP services)
  - copy the config files into /etc/dnsmasq/dnsmasq.d: {{ :efw:leases.conf |leases.conf}}, {{:efw:local.conf|local.conf}}, {{:efw:network.conf|network.conf}}, {{:efw:settings.conf|settings.conf}} 

===== Configuration =====
Separating the config for dnsmasq into those 4 files will simplify your admin efforts to keep them updated, or even to transfer them to another Endian Firewall. Note also the following: dhcp30.cgi and dnsmasq.cgi do not exist in EFW3, but menu-dhcp.pl will get overwritten when you upgrade the firewall. You might want to keep a copy as menu-dhcp.pl.new, then you can simply copy this file back to menu-dhcp.pl after an upgrade.

You might also want to remove the fixed lease file of the ISC DHCP server with the following command. The second line is an example for it's content:<code>rm /var/efw/dhcp/fixleases
dc:fe:07:e0:4d:63,192.168.1.41,on,,,,titan</code>

==== SFTP commands ====
Use the following commands to copy the settings from/to the firewall. This assumes commands entered from a Synology NAS with DSM 6.2 or newer.
  /bin/sudo sftp -o "IdentityFile=~/.ssh/id_rsa" <efw-machine>
  sftp> get -r /etc/dnsmasq
  sftp> put -r /etc/dnsmasq
  sftp> !ls
Use "!" to execute linux commands without leaving sftp. See [[https://www.comparitech.com/net-admin/sftp-commands-cheat-sheet/|SFTP commands cheat sheet]].

===== DNSmasq =====
  * [[https://www.linux.com/training-tutorials/dnsmasq-easy-lan-name-services/|Dnsmasq For Easy LAN Name Services]]