DNS Manipulation via IPTables?

Taylor, Grant gtaylor at riverviewtech.net
Wed Nov 8 23:00:16 CET 2006

Dan Bogda wrote:
> Guys,
> I'm looking to see if an IPTables solution exists for NATing DNS
> responses? I am already using multiple views within Bind to address this
> and I would like to find a way to alter just the records I need, rather
> than deploy duplicate zones. I thought I could alter DNS responses with
> IPTables, but I can't find any reference to this. Does this
> functionality exist natively or via a plug-in module or not at all?

I think you could use the layer 7 match extension to match the packets, but
I don't know of a way that you could alter them, sort of using netlink to
send the packet to user space (if I have my terms correct).

Grant. . . .

More information about the netfilter mailing list