[dundee] iptables nuances and best practices question
Kris Davidson
davidson.kris at gmail.com
Sun Oct 5 16:13:40 UTC 2008
So both of these rules do the same thing, which is intercept and
redirect DNS requests, to stop people using their own and more
importantly bloody OpenDNS. I'm just wondering if anyone has any
opinions on which is better, cleaner etc or is it just a matter of
preferred style.
iptables -t nat -I PREROUTING -p udp -s 192.168.1.0/24 -d ! 192.168.1.0/24 --dport 53 -j DNAT --to 192.168.1.1
iptables -t nat -A PREROUTING -p udp -i br0 --dport 53 -j DNAT --to 192.168.1.1
Kris
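
An added example, not part of the original post: a small Python model of the match conditions of the two rules above, run over constructed packets to show which traffic each one selects. The interface name tun0 and the addresses 10.0.0.7 and 203.0.113.53 are assumptions made for illustration, and rule position (-I versus -A) is not modelled.

```python
import ipaddress
from dataclasses import dataclass

LAN = ipaddress.ip_network("192.168.1.0/24")

@dataclass
class Packet:
    proto: str     # "udp" or "tcp"
    in_iface: str  # interface the packet arrived on
    src: str
    dst: str
    dport: int

def rule1_matches(p: Packet) -> bool:
    # Models: -p udp -s 192.168.1.0/24 -d ! 192.168.1.0/24 --dport 53
    return (p.proto == "udp" and p.dport == 53
            and ipaddress.ip_address(p.src) in LAN
            and ipaddress.ip_address(p.dst) not in LAN)

def rule2_matches(p: Packet) -> bool:
    # Models: -p udp -i br0 --dport 53
    return p.proto == "udp" and p.dport == 53 and p.in_iface == "br0"

# Constructed sample packets (hypothetical hosts and interfaces).
SAMPLES = {
    "LAN client to outside resolver":
        Packet("udp", "br0", "192.168.1.50", "203.0.113.53", 53),
    "LAN client to the router itself":
        Packet("udp", "br0", "192.168.1.50", "192.168.1.1", 53),
    "LAN-range source arriving on tun0":
        Packet("udp", "tun0", "192.168.1.60", "203.0.113.53", 53),
    "non-LAN source arriving on br0":
        Packet("udp", "br0", "10.0.0.7", "203.0.113.53", 53),
    "DNS over TCP from LAN client":
        Packet("tcp", "br0", "192.168.1.50", "203.0.113.53", 53),
}

def compare(samples=SAMPLES):
    """Return {description: (rule 1 matches, rule 2 matches)}."""
    return {name: (rule1_matches(p), rule2_matches(p))
            for name, p in samples.items()}

if __name__ == "__main__":
    for name, (r1, r2) in compare().items():
        print(f"{name:36} rule1={r1!s:5} rule2={r2}")
```
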