On 17/01/11 00:23, someone wrote:

> If you have any ideas how to do dns doctoring with bind9 (or netfilter)
> please give me some hints ;)

Have you considered that this will break DNSSEC, and as time goes by, may not work at all (if clients become full validating DNSSEC resolvers)?

I'm a little curious why you don't leave the DNS responses unchanged, and instead NAT the actual IP traffic, which would surely have the same effect, i.e.

iptables -t nat -A PREROUTING -d 245.243.3.5 -j DNAT --to 192.168.0.5
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users