Redirect one public IP to another

xvalentinex · 01-10-2007, 11:19 AM

Helly guys/gals,

I've never been good at iptables, just enough to do basic firewalling. My situation is that I have 200 or so clients all statically set with private ip's. I am having to change DNS servers and the IP's for the DNS servers currently set in all these clients is going to become inactive. I am looking to redirect these old DNS IP's to the new ones, until I can get all these clients switched to DHCP.

Let's have an example.

Client A is set as:
IP : 192.168.0.5
NETMASK : 255.255.255.0
GATE : 192.168.0.1
DNS1 : 65.200.200.200
DNS2 : 65.200.200.201

So the 65.200.200.200 and 201 are going to be inactive, and the new DNS's are 69.100.100.100 and 69.100.100.101

How can I redirect any DNS request to 65.200.200.200 to 69.100.100.100?

I realize that this will mean that no one will be able to access 65.200.200.200 while this rule is in place, but that is fine.

TIA,
-xvalx

amitsharma_26 · 01-10-2007, 11:56 AM

Stand @ Gateway box & run..

Code:

iptables -t nat -A PREROUTING -i LAN_IF -s LAN/LAN_MASK -d 65.200.200.200 -p udp -j DNAT --to 69.100.100.100
iptables -t nat -A PREROUTING -i LAN_IF -s LAN/LAN_MASK -d 65.200.200.201 -p udp -j DNAT --to 69.100.100.101

Basically dns queries are udp packets but since they can fall back on tcp protocol, make sure to add rule for tcp packets (if face problems).

p.s: If you run some fully configured firewall, you got to all these packets to traverse through FORWARD chain as well.

xvalentinex · 01-10-2007, 03:30 PM

brilliant! I will give it a whirl