Hi All
My setup using iptables has been working well. I have the following code to redirect all DNS requests back to my Pi-hole:
Code:
iptables -t nat -A PREROUTING ! -s 192.168.1.63 -i br0 -p tcp --dport 53 -j DNAT --to 192.168.1.63:53
iptables -t nat -A PREROUTING ! -s 192.168.1.63 -i br0 -p udp --dport 53 -j DNAT --to 192.168.1.63:53
Now what I am setting up is a backup Pi-hole + keepalived for a virtual IP. I plan on setting the DNS setting under LAN to the virtual IP. I want to figure out how I can update the above rule so it checks this for 3 different source IPs. I don't know enough about iptables to figure out how to configure it so that it only allows 3 specific IPs to make DNS calls.
I have looked at the DNS filter page and that looks promising with the router option. However, it does filtering based on MAC address and my 2nd Pi-hole will be a Docker container, so its MAC address might change. So I was thinking if it was possible to do this with iptables it might require less hand-holding.
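
One way to express the three-address exemption asked about above, as an added example that is not part of the original post: a dedicated nat chain returns early for each exempt source and sends every other DNS query to the virtual IP. The chain name `DNS_REDIRECT`, the backup Pi-hole address 192.168.1.64 and the virtual IP 192.168.1.2 are constructed placeholders; 192.168.1.63 and `br0` come from the post.

```shell
#!/bin/sh
# Added example: print (not apply) iptables rules that force LAN DNS to a
# resolver VIP while letting the resolvers themselves query upstream.
# Chain name and sample addresses are assumptions, not from the post.

CHAIN="DNS_REDIRECT"   # hypothetical chain name
LAN_IF="br0"           # LAN bridge interface, as used in the post

# Shape check only (four dot-separated groups of 1-3 digits), enough to
# keep stray text out of the generated commands.
is_ipv4() {
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'
}

# gen_dns_redirect VIP EXEMPT_IP...
# Validates every argument before emitting anything, so a bad address
# never produces a partial rule set.
gen_dns_redirect() {
    if [ "$#" -lt 2 ]; then
        echo "usage: gen_dns_redirect VIP EXEMPT_IP..." >&2
        return 2
    fi
    for ip in "$@"; do
        is_ipv4 "$ip" || { echo "not an IPv4 address: $ip" >&2; return 2; }
    done
    vip="$1"
    shift

    echo "iptables -t nat -N $CHAIN"
    # Exempt sources leave the chain untouched; RETURN resumes PREROUTING.
    for src in "$@"; do
        echo "iptables -t nat -A $CHAIN -s $src -j RETURN"
    done
    # Everything else is rewritten to the VIP. A DNAT rule that names a
    # port must also name the protocol, hence one rule per protocol.
    for proto in tcp udp; do
        echo "iptables -t nat -A $CHAIN -p $proto -j DNAT --to-destination $vip:53"
    done
    # Only port-53 traffic arriving on the LAN bridge enters the chain.
    for proto in tcp udp; do
        echo "iptables -t nat -A PREROUTING -i $LAN_IF -p $proto --dport 53 -j $CHAIN"
    done
}

# Constructed sample: VIP first, then primary, backup and the VIP itself
# as the three exempt sources.
gen_dns_redirect 192.168.1.2 192.168.1.63 192.168.1.64 192.168.1.2
```

Review the printed commands, then pipe them to `sh` on the router to apply them. Because the exemption matches on source address rather than MAC address, a recreated container is unaffected as long as it keeps its IP.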