I have a linux ISP server that I am running which has modem and ppp running at work for testing purpose for devices..

What devices does is logon to ISP server via ppp and then trying a DNS lookup to get to next server.

Problem is, I need that DNS lookup to happen on that ISP server I am running but it looks like device has DNS IP hard coded in there.

So I thought of doing iptables translation somehow but not too familiar..

so iptables should be stating like..

if destination ip is 200.200.200.1 for DNS, change that destination ip for 215.215.215.1

is that possible? I am not even sure if I should use OUTPUT or what.. can someone please point me to rite direction?

thank you.

Hi,
that's doable with iptables, by using the DNAT target in the PREROUTING chain in the NAT table:
iptables -t nat -A PREROUTING -p udp --dport 53 -d 200.200.200.1 -j DNAT --to-dest 215.215.215.1

BUT, I don't see why you would need that... your DNS server is specified in /etc/resolv.conf.
If you edit this file, you'll see the IP address that you currently use.
If you replace it by the one you want to use, that should be it.
Also, this file can be overwritten (by your dhcp client, or maybe by your ppp connection script), so you may want to check if the modification you make do not "disappear" after a while...

Last point, if you need only 1 DNS query to be made to this specific server, you can use:
nslookup www.google.com 215.215.215.1
which will force the query for google to be made to the 215.215.215.1 nameserver.

Hope this helps...

hi, i will try your iptable solution..

the reason we needed to do this was the fact that client device had dns ip hard coded into it..

we did resolve the issue by putting lo:1 's ip to that particular dns but I want to learn more about iptables and will try yours & let you know.

thank you.