Iptables to redirect DNS lookup IP and Port

Perform all of these instructions as root (sudo).

Edit this file.

/etc/NetworkManager/NetworkManager.conf

Disable dnsmasq by commenting out the line dns=dnsmasq (put a # in front of the line):

#dns=dnsmasq

Restart your networking.

service network-manager restart

Add these iptables rules.

iptables -t nat -A OUTPUT -p udp --dport 53 -j DNAT --to 23.226.230.72:5353
iptables -t nat -A OUTPUT -p tcp --dport 53 -j DNAT --to 23.226.230.72:5353

It looks as if what you are really after is to be in control of what happens with your DNS queries.

I'm not sure using iptables would be my preferred solution.

Have you thought about setting up a local DNS server which simply forwards your requests to the host and port you want? One example: using the bind9 forwarders option you can add a port to a forwarder.

Such a set-up is much easier to maintain and troubleshoot, and may be much more flexible. Consider the advantage of caching, or just consider the case in which your external DNS server is down. You can have multiple forwarders in your DNS configuration, but only one IP in iptables rules.

There is a good overview of the setup of bind9 in a tutorial at DigitalOcean. Just add the port to the forwarders and you should be all set.

Bind9 doesn't consume many resources at all and is easily configured (or at least: easier than iptables :-) )


Try this:

First you must enable the forwarding option in

/etc/sysctl.conf

Set to one the value of

net.ipv4.ip_forward = 1

Enable the changes

sysctl -p 

Save and run the following:

# Match forwarded DNS queries (destination port 53) and redirect them
iptables -t nat -A PREROUTING -p tcp --dport 53 -j DNAT --to-destination 23.226.230.72:5353
iptables -t nat -A POSTROUTING -j MASQUERADE

Specifying the in-interface (-i eth1) in PREROUTING and/or the out-interface (-o eth0) in POSTROUTING could be useful.

NOTE: The MASQUERADE line is necessary, since it masks the destination IP with the main IP.

Tags: dns, iptables