Originally Posted by schandran
If I had to guess (using the iptables man pages)
I'd think it's creating a rule that says all packets with a destination of UDP port 53 be sent to destination 18.104.22.168
You're absolutely right.
The nat table (accessed using the "-t nat" parameter to iptables) contains chains with rules that modify the source or destination IP addresses of packets, and/or port numbers if the TCP or UDP protocol is used.
This particular rule is added to the PREROUTING chain, which contains rules for changing the destination addresses (and/or port numbers) of packets. It says "any UDP packets sent to destination port 53 [which is the port used by the DNS service] should be handled by the DNAT target".
The parameters to the DNAT target tell it to alter the destination address to 22.214.171.124 (and leave the port number as-is). This will cause all DNS queries to be redirected to 126.96.36.199, which is the IP address of one of Google's publicly available DNS servers.
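As an added example (not part of the thread above), the script below shows the rule as it would be typed, and then does what an administrator auditing a box would want: it reads the text that "iptables-save -t nat" prints and reports every PREROUTING DNAT rule that redirects UDP port 53, optionally checking the redirect target against a list of approved resolvers. The iptables-save text is a constructed sample so the script runs without root or a live firewall; on a real host, replace it with the output of iptables-save. The destination address is the one quoted in the reply above.

```shell
#!/bin/sh
# Added example, not from the original thread.
#
# The rule under discussion, as it would be added on the router
# (DNS_TARGET is the address quoted in the thread):
#
#   DNS_TARGET=126.96.36.199
#   iptables -t nat -A PREROUTING -p udp --dport 53 -j DNAT --to-destination "$DNS_TARGET"
#
# On a live system this variable would be filled with:  RULES=$(iptables-save -t nat)
# Here it is a constructed sample of what iptables-save prints once the rule exists
# (iptables expands "-p udp --dport 53" to "-p udp -m udp --dport 53").
SAMPLE_RULES='# Generated by iptables-save
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -p udp -m udp --dport 53 -j DNAT --to-destination 126.96.36.199
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT'

# Print the --to-destination of every PREROUTING DNAT rule that matches UDP
# port 53 in the iptables-save text given as $1. Prints nothing if none exist.
dns_dnat_targets() {
    printf '%s\n' "$1" | awk '
        $1 == "-A" && $2 == "PREROUTING" && /-p udp/ && /--dport 53/ && /-j DNAT/ {
            for (i = 1; i <= NF; i++)
                if ($i == "--to-destination") print $(i + 1)
        }'
}

# Return 0 when every UDP/53 DNAT target in the iptables-save text ($1) is in
# the space-separated allow list ($2); otherwise print the unexpected address
# and return 1. A quick audit step for hosts where a DNS redirect is expected
# to point only at an approved resolver.
check_dns_redirects() {
    rules="$1"; allowed="$2"; rc=0
    for target in $(dns_dnat_targets "$rules"); do
        case " $allowed " in
            *" $target "*) ;;
            *) echo "unexpected DNS redirect target: $target"; rc=1 ;;
        esac
    done
    return $rc
}

# Usage with the constructed sample: list the redirect targets found.
dns_dnat_targets "$SAMPLE_RULES"
```

The awk filter keys on the chain name and the DNAT target rather than on the exact option order, so it also catches rules written with extra matches (an "-i" interface or "-s" source restriction) as long as they still redirect UDP/53 in PREROUTING.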