On 25.05.20 at 03:02, ad^2 wrote:
> Does anyone have examples showing the use of a raw expression to
> filter DNS domain name information?
>
> I'm trying to DNAT a packet to a specific DNS server's IP address when
> the domain name in the query is a match.
>
> Ex. if the domain in the query is yahoo.com then redirect to 8.8.8.8
>
> I am not sure on the hex syntax.
>
> What is not working:
>
> add rule mytable prerouting meta l4proto udp udp dport 53
> @th,160,120 0x057961686f6f03636f6d00 dnat 8.8.8.8
>
> and
>
> add rule mytable prerouting meta l4proto udp udp dport 53 @th,160,120
> 0x057961686f6f03636f6d dnat 8.8.8.8
>
> I used the hex values directly from the packet capture.

A terrible idea to even consider on the netfilter level; that has to be done on the DNS resolver, and the only job of netfilter is to forbid outside nameservers at all.
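An added worked example (editor's own, not code from either poster) showing what the raw expression in the question actually compares against and why the posted lengths do not line up: the UDP and DNS header sizes are the standard ones, the packet bytes are constructed here for illustration, and the assembled rule text is an assumption about nft's raw-payload and `dnat to` syntax, not a tested ruleset. The last function emulates the kernel's byte-for-byte compare so the misses (case, extra labels, prefix match without the terminating zero) are visible, which is the substance of the reply's objection.

```python
"""Worked example (added by the editor, not from the thread): the wire layout
of a DNS question name and the @th offset/length nft's raw payload expression
would need to match it byte-for-byte.

Assumptions (hypothetical, for illustration): an IPv4/UDP query, one question
per packet, question section immediately after the 12-byte DNS header.
"""

UDP_HEADER_BYTES = 8    # src port, dst port, length, checksum
DNS_HEADER_BYTES = 12   # id, flags, qdcount, ancount, nscount, arcount

# @th,offset,length counts bits from the start of the transport header, so the
# first byte of the question name sits at (8 + 12) * 8 = 160 bits. That part of
# the posted rule is right.
QNAME_OFFSET_BITS = (UDP_HEADER_BYTES + DNS_HEADER_BYTES) * 8


def qname_wire(name: str) -> bytes:
    """Encode a domain name as DNS labels: <len><label>...<0>.
    "yahoo.com" -> b"\\x05yahoo\\x03com\\x00", 11 bytes (88 bits), not 15."""
    out = bytearray()
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError(f"bad label {label!r}")
        out.append(len(raw))
        out += raw
    out.append(0)  # the root label terminates the name
    return bytes(out)


def raw_match(name: str) -> str:
    """Raw payload match for an exact, case-sensitive qname. The length must be
    the constant's size in bits (88 for yahoo.com); the posted 120 bits is
    15 bytes and reaches four bytes past the name into qtype and qclass."""
    wire = qname_wire(name)
    return f"@th,{QNAME_OFFSET_BITS},{len(wire) * 8} 0x{wire.hex()}"


def dnat_rule(name: str, target: str) -> str:
    """Rule text as an assumption about nft syntax: 'dnat to' is the keyword
    (the post writes 'dnat 8.8.8.8'), 'udp dport' already implies the l4proto
    dependency, and the chain has to be 'type nat hook prerouting'."""
    return f"udp dport 53 {raw_match(name)} dnat to {target}"


def build_query(name: str, qtype: int = 1) -> bytes:
    """Constructed sample transport payload: UDP header + DNS header + one
    question of the given type (1 = A), class IN."""
    udp = b"\xc0\x00\x00\x35\x00\x00\x00\x00"  # sport 49152, dport 53, len/csum zeroed
    dns_hdr = b"\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00"  # id, RD, qdcount=1
    return udp + dns_hdr + qname_wire(name) + qtype.to_bytes(2, "big") + b"\x00\x01"


def raw_match_hits(transport_payload: bytes, const: bytes) -> bool:
    """Emulate what the kernel does for @th,160,len: compare len bits at the
    offset with the constant. No case folding, no label parsing."""
    start = QNAME_OFFSET_BITS // 8
    return transport_payload[start:start + len(const)] == const


if __name__ == "__main__":
    exact = qname_wire("yahoo.com")
    print(dnat_rule("yahoo.com", "8.8.8.8"))
    for qname in ("yahoo.com", "YaHoO.cOm", "www.yahoo.com", "yahoo.com.evil.example"):
        pkt = build_query(qname)
        print(f"{qname:24} full match: {raw_match_hits(pkt, exact)!s:5}"
              f"  no-terminator match: {raw_match_hits(pkt, exact[:-1])}")
```

The emulation shows the failure modes a practitioner would hit: resolvers that randomise query case (0x20 encoding) send `YaHoO.cOm` and miss the lowercase constant; `www.yahoo.com` has a different first label length and never matches; dropping the terminating zero byte, as in the second posted rule, turns the compare into a prefix match that also catches `yahoo.com.evil.example`; and a query over TCP has a longer transport header plus a two-byte length prefix, so the 160-bit offset is wrong there. That is why the reply puts the per-name decision in the resolver (a forward zone there can send one domain to another server) and leaves netfilter the job it can do reliably: redirect or block all port-53 egress so clients cannot bypass the resolver.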