Dns doctoring/dnsmasq -V on bind?
Phil Mayers
p.mayers at imperial.ac.uk
Mon Jan 17 11:17:16 UTC 2011
On 17/01/11 00:23, someone wrote:
>
> If you have any ideas how to do dns doctoring with bind9 (or netfilter)
> please give me some hints ;)
Have you considered that this will break DNSSEC, and as time goes by,
may not work at all (if clients become full validating DNSSEC resolvers)?
I'm a little curious why you don't leave the DNS responses unchanges,
and instead NAT the actual IP traffic, which would surely have the same
effect i.e.
iptables -t nat -A PREROUTING -d 245.243.3.5 -j DNAT --to 192.168.0.5
More information about the bind-users
mailing list