I would like to redirect all DNS calls to another internal IP so client DNS is forced through it. How do I do that? I tried adding iptables rules in /root/firewall-start.sh but I can't get it to work...
Thanks!
Check that your script /root/firewall-start.sh is executable. And how do you test that it is working? This script will be called following NG's own logic (I do not know when, but not immediately). Just as a test, try to run it manually. Then, if everything is OK and your rules are working, leave it. The FW will call your script when changing rules (adding yours).
Voxel.
Never mind, I think I got it working!
For those interested...
iptables -t nat -A PREROUTING ! -s 192.168.1.2/32 ! -d 192.168.1.2/32 -p tcp -m tcp --dport 53 -j DNAT --to-destination 192.168.1.2:53
iptables -t nat -A PREROUTING ! -s 192.168.1.2/32 ! -d 192.168.1.2/32 -p udp -m udp --dport 53 -j DNAT --to-destination 192.168.1.2:53
Congratulations! The most important thing is that you were able to find a solution yourself.
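An idempotent form of the two rules above for /root/firewall-start.sh, as an added example that is not part of the original posts: it checks with iptables -C before appending, so if the firmware calls the script again without flushing the nat table, the rules are not stacked a second time. The DNS_IP and IPT variables and the function names are assumptions made for illustration, and iptables is assumed to support -C (1.4.11 or later).

```shell
#!/bin/sh
# Added example, not code from the thread. Names below are illustrative.
DNS_IP="${DNS_IP:-192.168.1.2}"   # internal resolver address used in the post
IPT="${IPT:-iptables}"            # overridable so the logic can be dry-run with a stub

# Print the rule spec (everything after the chain name) for one protocol.
# The "! -s" / "! -d" exclusions keep the resolver's own traffic, and traffic
# already addressed to it, out of the redirect.
dns_rule() {
    proto="$1"
    echo "! -s $DNS_IP/32 ! -d $DNS_IP/32 -p $proto -m $proto --dport 53 -j DNAT --to-destination $DNS_IP:53"
}

# Append the TCP and UDP rules to nat/PREROUTING only where they are missing.
# Prints the number of rules that were actually added (0 on a repeat call).
ensure_dns_redirect() {
    added=0
    for proto in tcp udp; do
        # Unquoted $(...) is intentional: the spec must split into arguments.
        if ! $IPT -t nat -C PREROUTING $(dns_rule "$proto") 2>/dev/null; then
            $IPT -t nat -A PREROUTING $(dns_rule "$proto") || return 1
            added=$((added + 1))
        fi
    done
    echo "$added"
}
```

In the script itself, call ensure_dns_redirect after these definitions; `iptables -t nat -S PREROUTING` then lists what is installed.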