[WLANware] Default DNS problems in recent Freifunk
Bastian Bittorf
bittorf at bluebottle.com
Thu Mar 20 18:35:24 CET 2008
> iptables -t nat -I PREROUTING -d 217.146.139.5 -p udp --dport 53 -j DNAT
> --to 192.168.2.2:53
This does not seem to be correct.
A connected client asks the locally running DNS server
for the DNS resolution. Then the local DNS server asks
the internet DNS server and passes the answer on to
the client. Locally generated traffic does not go through
PREROUTING, ergo you have to use:
-------------
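# Take the next-hop address from the default route ("default via <ip> dev ...")
GATEWAY="$( ip route list exact 0/0 | awk '/via/ { print $3; exit }' )"
if [ -n "$GATEWAY" ]; then
	eval $(netparam)	# to have $WANADR
	# DNAT is only valid in the nat PREROUTING and OUTPUT chains;
	# locally generated traffic passes through OUTPUT
	iptables -t nat -I OUTPUT -p udp --dport 53 -j DNAT \
		--to-destination "$GATEWAY"
fi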
--------------
Of course this can be done much cleaner/better 8-)
bye, Bastian.
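
Added example, not part of the original post: a dry-run sketch of the point made above, choosing the nat chain by where the DNS query originates and printing the rule instead of installing it. The function names and the sample `ip route` output are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample `ip route` outputs (not taken from a real node).
ROUTES_VIA='default via 10.63.1.1 dev eth1  metric 5
10.63.1.0/24 dev eth1  proto kernel  scope link  src 10.63.1.7'
ROUTES_PPP='default dev ppp0  scope link'

# Read `ip route` text on stdin and print the next hop of the first default
# route that has one. A point-to-point default ("default dev ppp0") has no
# "via" field, so nothing is printed for it.
default_gateway() {
    awk '$1 == "default" {
             for (i = 2; i < NF; i++)
                 if ($i == "via") { print $(i + 1); exit }
         }'
}

# DNAT is only accepted in the nat PREROUTING and OUTPUT chains.
# Queries from the router's own resolver are locally generated (OUTPUT);
# queries arriving from clients enter through PREROUTING.
dnat_chain_for() {
    case "$1" in
        local)     echo OUTPUT ;;
        forwarded) echo PREROUTING ;;
        *)         return 1 ;;
    esac
}

# Print (do not run) the DNS redirect rule. $1 = origin, $2 = gateway address.
# Fails on an unknown origin or a gateway that is empty or not dotted digits.
dns_dnat_rule() {
    chain="$(dnat_chain_for "$1")" || return 1
    case "$2" in
        ''|*[!0-9.]*) return 1 ;;
    esac
    echo "iptables -t nat -I $chain -p udp --dport 53 -j DNAT --to-destination $2"
}

# Dry run on the constructed routing table: prints the rule, changes nothing.
gw="$(printf '%s\n' "$ROUTES_VIA" | default_gateway)"
dns_dnat_rule local "$gw"
```

On a node, feed `ip route list exact 0/0` into `default_gateway` and inspect the printed rule before running it.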