[dundee] iptables nuances and best practices question
Kris Davidson
davidson.kris at gmail.com
Sun Oct 5 16:15:38 UTC 2008
Should have said, I mean beyond the obvious one specifics source and
one specifies interface.
2008/10/5 Kris Davidson <davidson.kris at gmail.com>:
> So both of these rules do the same thing, which is intercept and
> redirect DNS requests, to stop people using their own and more
> importantly bloody OpenDNS. I'm just wondering if anyone has any
> opinions on which is better, cleaner etc or is it just a matter of
> preferred style.
>
> iptables -t nat -I PREROUTING -p udp -s 192.168.1.0/24 -d !
> 192.168.1.0/24 --dport 53 -j DNAT --to 192.168.1.1
> iptables -t nat -A PREROUTING -p udp -i br0 --dport 53 -j DNAT --to 192.168.1.1
>
> Kris
More information about the dundee
mailing list