look at ebtables instead. On Thu, Jul 17, 2014 at 11:23 AM, Phil Oester <kernel@xxxxxxxxxxxx> wrote: > On Wed, Jul 16, 2014 at 05:16:21PM +0430, Abogholo A wrote: >> i wrote this rule for change all udp destination ip address to 8.8.8.8 >> when dport is 53: >> >> iptables -t nat -A OUTPUT -p udp -m udp --dport 53 -j DNAT >> --to-destination 8.8.8.8 >> >> but when send this packet >> >> sr1(IP(dst="4.2.2.4")/UDP()/DNS(rd=1,qd=DNSQR(qname="iranled.com"))) >> >> iptables no effected to them >> >> why? > > Scapy uses raw sockets, which don't go through iptables. > > Phil > -- > To unsubscribe from this list: send the line "unsubscribe netfilter" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
