Originally Posted by schandran
If I had to guess (using the iptables man pages)
I'd think its creating a rule to that says all packets with a destination of udp port53 be sent to destination 220.127.116.11
You're absolutely right.
The nat table (accessed using the "-t nat" parameter to iptables) contains chains with rules that modify the source or destination IP addresses of packets, and/or port numbers if the TCP or UDP protocol is used.
This particular rule is added to the PREROUTING chain, which contains rules for changing the destination addresses (and/or port numbers) of packets. It says "any UDP packets sent to destination port 53 [which is the port used by the DNS service] should be handled by the DNAT target".
The parameters to the DNAT target tell it to alter the destination address to 18.104.22.168 (and leave the port number as-is). This will cause all DNS queries to be redirected to 22.214.171.124, which is the IP address of one of Google's publicly available DNS servers.
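Because a rule like this silently rewrites every DNS query passing through the box, it is worth knowing how to audit the nat table for it. The following is an added example, not code from the thread: it parses `iptables-save -t nat` output and reports any PREROUTING DNAT rule matching port 53 together with the address it redirects to. The sample rule set and the 192.0.2.53 target are constructed for the demonstration.

```shell
#!/bin/sh
# Constructed sample of `iptables-save -t nat` output (not captured from a
# real host). The first PREROUTING rule is the kind discussed above: UDP
# port 53 is rewritten by DNAT to a different destination address.
SAMPLE_NAT_RULES='*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -p udp -m udp --dport 53 -j DNAT --to-destination 192.0.2.53
-A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.0.2.80:8080
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT'

# find_dns_dnat RULES
# Prints one line per PREROUTING rule that (a) uses the DNAT target and
# (b) matches destination port 53, in the form "<proto> <redirect-target>".
# Anything printed means DNS traffic through this host is being redirected.
find_dns_dnat() {
    printf '%s\n' "$1" | awk '
        /^-A PREROUTING / && / -j DNAT / && / --dport 53( |$)/ {
            proto = "?"; target = "?"
            for (i = 1; i <= NF; i++) {
                if ($i == "-p") proto = $(i + 1)
                if ($i == "--to-destination") target = $(i + 1)
            }
            print proto, target
        }'
}

# audit_dns_dnat_live
# Same check against the running kernel; needs root and the iptables tools.
# Prints nothing (and stays silent) when they are not available.
audit_dns_dnat_live() {
    find_dns_dnat "$(iptables-save -t nat 2>/dev/null)"
}

# Run against the constructed sample when executed directly.
find_dns_dnat "$SAMPLE_NAT_RULES"
```

A non-empty result is not automatically malicious (an administrator may redirect DNS on purpose), but it should match a documented change; the port 80 rule in the sample is deliberately ignored to show the filter is specific to DNS.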