How to redirect traffic from googledns to other dns provider

Posted: Tue Dec 09, 2014 12:29 am
by MikroTikFan
Please help me implement the following iptables instructions, which redirect LAN traffic from Google DNS to another DNS provider (69.42.56.54).

iptables -I PREROUTING -t nat -p udp -d 8.8.4.4 --dport 53 -j DNAT --to-destination 69.42.56.54
iptables -I PREROUTING -t nat -p udp -d 8.8.8.8 --dport 53 -j DNAT --to-destination 69.42.56.54

Additionally, this should work not for the whole LAN but only for 3 internal (LAN) IPs: 192.168.10.40, 192.168.10.43, 192.168.10.50.

Re: How to redirect traffic from googledns to other dns prov

Posted: Tue Dec 09, 2014 5:13 am
by CelticComms
Use destination NAT rules in IP Firewall.

Re: How to redirect traffic from googledns to other dns prov

Posted: Tue Dec 09, 2014 7:39 am
by MikroTikFan
Correct?
/ip firewall nat add chain=dstnat protocol=udp src-address=192.168.10.40 dst-address=8.8.8.8 src-port=53 action=dst-nat to-addresses=69.42.56.54 to-ports=53

To make it the same as:
iptables -I PREROUTING -t nat -p udp -d 8.8.8.8 --dport 53 -j DNAT --to-destination 69.42.56.54
only for LAN IP 192.168.10.40?

Re: How to redirect traffic from googledns to other dns prov

Posted: Tue Dec 09, 2014 4:00 pm
by CelticComms
You have the src port in the rule - should be dst port. The client could use a variety of ports as the src port.

Re: How to redirect traffic from googledns to other dns prov

Posted: Tue Dec 09, 2014 10:42 pm
by MikroTikFan
/ip firewall nat add chain=dstnat protocol=udp src-address=192.168.10.40 dst-address=8.8.8.8 dst-port=53 action=dst-nat to-addresses=69.42.56.54 to-ports=53

???

Re: How to redirect traffic from googledns to other dns prov

Posted: Tue Dec 09, 2014 11:49 pm
by skillful
By using dst-address-list and src-address-list, you can accomplish your aim with only one rule.
/ip firewall nat
add chain=dstnat protocol=udp dst-address-list=google_dns dst-port=53 action=dst-nat to-addresses=69.42.56.54 to-ports=53 src-address-list=no_google_dns

/ip firewall address-list
add address=8.8.4.4 list=google_dns
add address=8.8.8.8 list=google_dns
add address=192.168.10.40 list=no_google_dns
add address=192.168.10.43 list=no_google_dns
add address=192.168.10.50 list=no_google_dns
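
The src-port versus dst-port point and the single address-list rule from the replies above, as an added example that is not part of the original thread: a minimal Python model of first-match dstnat evaluation (not RouterOS code), run over constructed sample queries. The names Packet, NatRule and dstnat, and the client port 51514, are assumptions made for illustration.

```python
# Added illustration: a minimal model of dstnat rule matching (not RouterOS code).
from collections import namedtuple
from dataclasses import dataclass
from typing import Optional

Packet = namedtuple("Packet", "proto src sport dst dport")

@dataclass(frozen=True)
class NatRule:
    proto: str
    to_addr: str
    src_addrs: Optional[frozenset] = None   # None means "match any"
    dst_addrs: Optional[frozenset] = None
    sport: Optional[int] = None
    dport: Optional[int] = None

    def matches(self, p):
        return (p.proto == self.proto
                and (self.src_addrs is None or p.src in self.src_addrs)
                and (self.dst_addrs is None or p.dst in self.dst_addrs)
                and (self.sport is None or p.sport == self.sport)
                and (self.dport is None or p.dport == self.dport))

def dstnat(rules, p):
    """Return the packet's destination after NAT; the first matching rule wins."""
    for r in rules:
        if r.matches(p):
            return r.to_addr
    return p.dst

GOOGLE_DNS = frozenset({"8.8.8.8", "8.8.4.4"})
NO_GOOGLE_DNS = frozenset({"192.168.10.40", "192.168.10.43", "192.168.10.50"})
ALT = "69.42.56.54"

# First attempt in the thread: matches on src-port=53.
BROKEN = [NatRule("udp", ALT, frozenset({"192.168.10.40"}), frozenset({"8.8.8.8"}), sport=53)]
# Single rule using the two address lists and dst-port=53.
FIXED = [NatRule("udp", ALT, NO_GOOGLE_DNS, GOOGLE_DNS, dport=53)]

# Constructed sample queries; 51514 stands in for an ephemeral client source port.
Q_LISTED = Packet("udp", "192.168.10.40", 51514, "8.8.8.8", 53)
Q_OTHER = Packet("udp", "192.168.10.41", 51514, "8.8.8.8", 53)
Q_TCP = Packet("tcp", "192.168.10.43", 51514, "8.8.4.4", 53)

if __name__ == "__main__":
    for name, rules in (("broken", BROKEN), ("fixed", FIXED)):
        for q in (Q_LISTED, Q_OTHER, Q_TCP):
            print(name, q.proto, q.src, "->", dstnat(rules, q))
```

The TCP query keeps its original destination because the rule in the thread matches protocol=udp only; DNS also runs over TCP port 53.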

Re: How to redirect traffic from googledns to other dns prov

Posted: Thu Dec 11, 2014 12:31 am
by MikroTikFan
Thanks !!!