List:       nanog
Subject:    Re: Asus wifi AP re-writing DNS packets
From:       Alarig Le Lay <alarig () swordarmor ! fr>
Date:       2020-10-29 9:41:43
Message-ID: 20201029094143.GF11371 () irc-clt ! no ! as208627 ! net

On Thu 29 Oct 2020 02:10:25 GMT, Anurag Bhatia wrote:
> I tried deleting the rule and it drops the traffic completely. So DNS
> resolution stops working and I am unsure why. It's not like default drop or
> anything. I can edit the rule and whatever active port 53 related rule is
> there works. But I want case of no such rule at all. :-)

Did you try to add
	-t nat -A POSTROUTING -p tcp -m tcp --dport 53 -j ACCEPT
	-t nat -A POSTROUTING -p udp -m udp --dport 53 -j ACCEPT

after the deletion?

-- 
Alarig