On Mon, 10 Dec 2012, Gerald McNulty wrote:

Is it possible to use unbound as a captive DNS resolver? That is, all DNS traffic that is leaving the network will be redirected to unbound which will perform the resolution instead of any remote DNS server.

I'm already using the python module so adding code to that would be fine, but how would I retrieve the DNS server that was queried and set that in the response?

Why not just DNAT the traffic to your DNS server?

(from top of head, no guarantees)

iptables -I PREROUTING -t nat -j DNAT -s yourlan/mask -p udp --dport 53 --to-destination IP.UNBOUND.SERVER
iptables -I PREROUTING -t nat -j DNAT -s yourlan/mask -p tcp --dport 53 --to-destination IP.UNBOUND.SERVER

(-p all does not seem to work with --dport in my experience)

Paul
_______________________________________________
Unbound-users mailing list
http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
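
The DNAT approach from the reply above, worked out as an added example that is not part of the original thread: a script that prints, without applying, a rule set that redirects LAN port-53 traffic while exempting the resolver's own upstream queries so they do not loop back to it. Assumptions: the chain name DNS_CAPTIVE, the sample addresses and the optional same-LAN MASQUERADE step are constructed for illustration; replies un-NATed by conntrack reach the client with the originally queried server as their source address.

```shell
#!/bin/sh
# Added example: prints (does not apply) iptables rules for a captive resolver.
# The chain name DNS_CAPTIVE and all addresses are constructed placeholders.

# captive_dns_rules LAN_CIDR RESOLVER_IP [yes|no: resolver sits on the client LAN]
captive_dns_rules() {
    lan=$1
    resolver=$2
    same_lan=${3:-no}

    echo "iptables -t nat -N DNS_CAPTIVE"
    # The resolver's own upstream queries must pass untouched, or they loop.
    echo "iptables -t nat -A DNS_CAPTIVE -s $resolver -j RETURN"
    # Queries already addressed to the resolver need no rewrite.
    echo "iptables -t nat -A DNS_CAPTIVE -d $resolver -j RETURN"
    echo "iptables -t nat -A DNS_CAPTIVE -j DNAT --to-destination $resolver"

    # --dport requires an explicit protocol, so one jump rule per protocol.
    for proto in udp tcp; do
        echo "iptables -t nat -I PREROUTING -s $lan -p $proto --dport 53 -j DNS_CAPTIVE"
    done

    # Resolver on the same LAN as the clients: without source NAT its replies
    # go straight to the client, bypass conntrack, and arrive from the wrong
    # address. Trade-off: the resolver then sees the router as the client.
    if [ "$same_lan" = "yes" ]; then
        for proto in udp tcp; do
            echo "iptables -t nat -A POSTROUTING -s $lan -d $resolver -p $proto --dport 53 -j MASQUERADE"
        done
    fi
}

# Constructed sample values; review the printed rules before running them.
captive_dns_rules 192.168.1.0/24 192.168.1.53 yes
```

Run it on the router that forwards the LAN's traffic; the rules only see packets that traverse that host.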