[Packetfence-users] Intercepting hard-coded DNS servers in reg/isolation

Rich Graves Fri, 09 Mar 2012 09:45:24 -0800

Any reason not to do this at the end of conf/iptables.conf? It will catch 
devices configured to use OpenDNS, Google DNS, etc.


-A PREROUTING -s (quarantine net) ! -d (quarantine if) -p udp --dport 53 -j 
DNAT --to-destination (quarantine if) 
-A PREROUTING -s (isolation net) ! -d (isolation if) -p udp --dport 53 -j DNAT 
--to-destination (isolation if)

------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing 
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/

_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[Packetfence-users] Intercepting hard-coded DNS servers in reg/isolation

Reply via email to