DNS Configuration
Jason Lyu edited this page Feb 20, 2024 · 5 revisions
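Redirect all DNS queries to 8.8.8.8:

```sh
# DNAT every UDP/53 packet arriving at this host to 8.8.8.8
iptables -t nat -A PREROUTING -p udp --dport 53 -j DNAT --to 8.8.8.8:53
# Masquerade the redirected queries leaving via eth3 so replies come back through this host
iptables -t nat -A POSTROUTING -p udp -d 8.8.8.8 --dport 53 -o eth3 -j MASQUERADE
```

Redirect only Cloudflare DNS queries to 8.8.8.8:

```sh
# DNAT only UDP/53 packets addressed to 1.1.1.1 or 1.0.0.1
iptables -t nat -A PREROUTING -p udp -d 1.1.1.1,1.0.0.1 --dport 53 -j DNAT --to 8.8.8.8:53
# Masquerade the redirected queries leaving via eth3 so replies come back through this host
iptables -t nat -A POSTROUTING -p udp -d 8.8.8.8 --dport 53 -o eth3 -j MASQUERADE
```

Since the above two systems do not have iproute2 support, DNS hijacking is relatively complicated on such systems. In macOS, Packet Filter (pf) could be used as an alternative, but I have not tested it yet.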
Therefore, it is recommended to use mitm-based or customized proxy servers to implement proxy server-side DNS hijacking.
The V2Ray project can easily be adopted for this purpose; see this discussion: v2fly/v2ray-core#2441
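The iptables rules at the top of this page match only `-p udp`, so DNS queries sent over TCP port 53 are not redirected. The following script is an added example, not part of the original wiki page: it parses `iptables-save` output and reports, per protocol, whether port 53 is covered by a DNAT rule. The function names `sample_rules` and `dns_redirect_audit` and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample: the form `iptables-save -t nat` prints for the
# "redirect all DNS queries" rules (not captured from a real host).
sample_rules() {
cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -p udp -m udp --dport 53 -j DNAT --to-destination 8.8.8.8:53
-A POSTROUTING -d 8.8.8.8/32 -o eth3 -p udp -m udp --dport 53 -j MASQUERADE
COMMIT
EOF
}

# dns_redirect_audit (hypothetical helper): read iptables-save output on stdin
# and print one line per protocol, either
#   "<proto> redirected: <match-dst>-><target> ..."  or  "<proto> NOT redirected".
dns_redirect_audit() {
    awk '
    $1 == "-A" && $2 == "PREROUTING" {
        proto = ""; dport = ""; jump = ""; to = ""; dst = "any"
        for (i = 3; i <= NF; i++) {
            if ($i == "-p") proto = $(i + 1)
            else if ($i == "--dport") dport = $(i + 1)
            else if ($i == "-j") jump = $(i + 1)
            else if ($i == "--to-destination") to = $(i + 1)
            else if ($i == "-d") dst = $(i + 1)
        }
        # Record only DNAT rules that match destination port 53
        if (dport == "53" && jump == "DNAT" && (proto == "udp" || proto == "tcp"))
            seen[proto] = seen[proto] " " dst "->" to
    }
    END {
        n = split("udp tcp", protos, " ")
        for (k = 1; k <= n; k++) {
            p = protos[k]
            if (p in seen) print p " redirected:" seen[p]
            else print p " NOT redirected"
        }
    }'
}

# On a live system (as root): iptables-save -t nat | dns_redirect_audit
sample_rules | dns_redirect_audit
```

A `tcp NOT redirected` line means TCP DNS queries still reach whatever resolver the client chose; covering them requires a matching `-p tcp` DNAT rule in addition to the UDP one.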