Wed Jul 20, 2011 9:04 pm
Not exactly what I need.
If I use a transparent DNS proxy on that box, it will catch both DNS requests and other DNS packets (like machine registrations).
If I catch other DNS packets, my computers will not register in the main DNS and most internal services (like Active Directory) will not work.
I was thinking about creating a NAT rule that will transparently route DNS packets only if they are of the request type, and not anything else.
The closest thing that came to mind was L7 regex, but I don't know if it is possible to create a regex expression that will match on bit-level information.
Is there any other solution?
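
The bit-level distinction asked about above, as an added example that is not part of the original post: it assumes the machine registrations are RFC 2136 dynamic updates (opcode 5) and that the input is a DNS-over-UDP payload. The function names and the sample packets are constructed for illustration.

```python
import struct

# DNS header opcodes (RFC 1035, RFC 1996, RFC 2136).
OPCODES = {0: "QUERY", 1: "IQUERY", 2: "STATUS", 4: "NOTIFY", 5: "UPDATE"}

def parse_header(payload: bytes) -> dict:
    """Decode the start of the fixed 12-byte DNS header."""
    if len(payload) < 12:
        raise ValueError("shorter than a DNS header")
    ident, flags = struct.unpack("!HH", payload[:4])
    opcode = (flags >> 11) & 0xF
    return {"id": ident,
            "is_response": bool(flags & 0x8000),
            "opcode": OPCODES.get(opcode, f"UNASSIGNED({opcode})")}

def is_standard_query(payload: bytes) -> bool:
    """Single-byte test a packet filter could apply: in the third header
    byte, QR (0x80) and the four opcode bits (0x78) must all be zero.
    Truncated packets return False so they are never redirected."""
    return len(payload) >= 12 and (payload[2] & 0xF8) == 0

def encode_name(name: str) -> bytes:
    """Encode a domain name as length-prefixed labels."""
    return b"".join(bytes([len(part)]) + part.encode("ascii")
                    for part in name.split(".")) + b"\x00"

def build_message(ident, opcode, name, rtype, qr=0, rd=0) -> bytes:
    """Build a header plus one question/zone entry (class IN)."""
    flags = (qr << 15) | (opcode << 11) | (rd << 8)
    header = struct.pack("!6H", ident, flags, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", rtype, 1)

# Constructed samples (not captured traffic).
SAMPLES = {
    "lookup":   build_message(0x1a2b, 0, "www.example.com", 1, rd=1),  # A query
    "register": build_message(0x3c4d, 5, "example.com", 6),           # UPDATE, zone SOA
    "answer":   build_message(0x1a2b, 0, "www.example.com", 1, qr=1, rd=1),
}

if __name__ == "__main__":
    for label, pkt in SAMPLES.items():
        h = parse_header(pkt)
        print(f"{label:9} byte2=0x{pkt[2]:02x} opcode={h['opcode']:6} "
              f"response={h['is_response']} redirect={is_standard_query(pkt)}")
```

The deciding byte sits at a fixed offset (the third byte of the UDP payload), so any matcher that can test one byte against a mask can separate lookups from updates without parsing the rest of the message.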