Hi!
Some of my devices use a hard-coded DNS server, i.e. 8.8.8.8. I would like to redirect this DNS traffic to my local unbound DNS server by using the firewall script of my AC86 router. I use the following iptables commands. The rule is added correctly to iptables.
Are these rules correct and how can I check if it works?
Code:
iptables -t nat -A PREROUTING -p udp -d 8.8.8.8 --dport 53 -j DNAT --to $(nvram get dhcp_dns1_x):53
iptables -t nat -A PREROUTING -p tcp -d 8.8.8.8 --dport 53 -j DNAT --to $(nvram get dhcp_dns1_x):53
"$(nvram get dhcp_dns1_x)" simply reads my local DNS server's IP address from the corresponding system variable. This works, the rule is correctly added to iptables.
After adding the rule, iptables says:
Code:
Chain PREROUTING (policy ACCEPT 37 packets, 2693 bytes)
num pkts bytes target prot opt in out source destination
1 0 0 ACCEPT all -- eth0 * 0.0.0.0/0 224.0.0.0/4
2 12 930 GAME_VSERVER all -- * * 0.0.0.0/0 xxx.xxx.xxx.xxx
3 12 930 VSERVER all -- * * 0.0.0.0/0 xxx.xxx.xxx.xxx
4 0 0 DNAT udp -- * * 0.0.0.0/0 8.8.8.8 udp dpt:53 to:192.168.1.53:53
5 0 0 DNAT tcp -- * * 0.0.0.0/0 8.8.8.8 tcp dpt:53 to:192.168.1.53:53
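
One way to approach the "how can I check if it works?" question, as an added example that is not part of the original post: take the PREROUTING listing before and after a LAN client sends a query to 8.8.8.8 and compare the packet counters of the two DNAT rules. The function names and the "after" listing are constructed for illustration; on the router the listings would come from `iptables -t nat -L PREROUTING -v -n -x --line-numbers`.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# Read an iptables listing on stdin; print "proto pkts target" for each
# DNAT rule whose destination is $1 and whose destination port is $2.
dnat_hits() {
    awk -v dst="$1" -v port="$2" '
        $4 == "DNAT" && $10 == dst {
            to = ""; hit = 0
            for (i = 11; i <= NF; i++) {
                if ($i == ("dpt:" port)) hit = 1
                if ($i ~ /^to:/) to = substr($i, 4)
            }
            if (hit) print $5, $2, to
        }'
}

# $1 = listing before the test query, $2 = listing after, $3 = dst, $4 = port.
# Prints "proto +delta -> target" per rule; returns 0 if any counter rose.
redirect_delta() {
    before=$(printf '%s\n' "$1" | dnat_hits "$3" "$4")
    after=$(printf '%s\n' "$2" | dnat_hits "$3" "$4")
    rc=1
    while read -r proto pkts to; do
        [ -n "$proto" ] || continue          # no matching rule at all
        old=$(printf '%s\n' "$before" | awk -v p="$proto" '$1 == p { print $2; exit }')
        delta=$((pkts - ${old:-0}))
        echo "$proto +$delta -> $to"
        if [ "$delta" -gt 0 ]; then rc=0; fi
    done <<EOF
$after
EOF
    return $rc
}

# "Before" reuses the counters shown in the post; "after" is constructed.
SAMPLE_BEFORE='num pkts bytes target prot opt in out source destination
1 0 0 ACCEPT all -- eth0 * 0.0.0.0/0 224.0.0.0/4
4 0 0 DNAT udp -- * * 0.0.0.0/0 8.8.8.8 udp dpt:53 to:192.168.1.53:53
5 0 0 DNAT tcp -- * * 0.0.0.0/0 8.8.8.8 tcp dpt:53 to:192.168.1.53:53'
SAMPLE_AFTER='num pkts bytes target prot opt in out source destination
1 0 0 ACCEPT all -- eth0 * 0.0.0.0/0 224.0.0.0/4
4 3 201 DNAT udp -- * * 0.0.0.0/0 8.8.8.8 udp dpt:53 to:192.168.1.53:53
5 0 0 DNAT tcp -- * * 0.0.0.0/0 8.8.8.8 tcp dpt:53 to:192.168.1.53:53'

redirect_delta "$SAMPLE_BEFORE" "$SAMPLE_AFTER" 8.8.8.8 53
```

A rising counter only shows that the rule matched. When the DNAT target sits on the same LAN as the client, it answers the client directly from its own address instead of 8.8.8.8, so the router also has to source-NAT the redirected packets for the reply to be accepted.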