From: Jason Opperisano
Subject: Re: DNS and NAT
Date: Mon, 11 Jul 2005 15:41:13 -0400
Message-ID: <20050711194113.GA17435@bender.817west.com>
To: netfilter@lists.netfilter.org

On Mon, Jul 11, 2005 at 12:37:31PM -0700, Suzana Lojic-Skoric wrote:
> Does DNS work with iptables NAT or I need some kind of ALG to get DNS
> answers translated?
>
> I am using Mandrake Linux 10.0. I have two way NAT going on and I am trying
> to get DNS requests through the NAT. I got FTP, HTTP and SMTP working
> through the NAT, but DNS is not working properly, DNS answer is not getting
> translated.

nor should it be.

> Source and Destination addresses in DNS message are properly
> translated, but the actual answer (the ip address embedded in the message)
> is not translated.

which is exactly how it's supposed to work. how the $%#@ is iptables
supposed to know what to rewrite the answer to?

if you are using BIND, look into the functionality offered by "views."

-j

--
"Peter: You know, I oughta just give you some beer. Goes straight through you.
Stewie: Wonderful. And while we're at it, we can light up a doobie and watch porn.
Peter: Eh... yeah?"
--Family Guy
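The behaviour discussed in this thread, as an added example that is not part of the original message: a model of header-only NAT applied to a constructed DNS response, showing that the A record's address lives in the payload and is left untouched. The addresses, `NAT_MAP` and all function names are assumptions made for illustration.

```python
import ipaddress
import struct

def build_dns_response(name, addr, txid=0x1234):
    """Minimal DNS response: one question, one A record (constructed sample)."""
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)
    question = qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN
    answer = struct.pack("!HHHIH", 0xC00C, 1, 1, 300, 4)  # name ptr, A, IN, TTL, RDLENGTH
    return header + question + answer + ipaddress.IPv4Address(addr).packed

def skip_name(msg, off):
    """Offset just past a name, which may end in a compression pointer."""
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:
            return off + 2
        if length == 0:
            return off + 1
        off += 1 + length

def a_records(msg):
    """IPv4 addresses found in the answer section of a DNS message."""
    qdcount, ancount = struct.unpack("!HH", msg[4:8])
    off = 12
    for _ in range(qdcount):
        off = skip_name(msg, off) + 4
    found = []
    for _ in range(ancount):
        off = skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:
            found.append(str(ipaddress.IPv4Address(msg[off:off + 4])))
        off += rdlen
    return found

def nat_translate(packet, mapping):
    """Model of header-only NAT: src/dst are rewritten, payload bytes are not."""
    src, dst = (mapping.get(packet[k], packet[k]) for k in ("src", "dst"))
    return {"src": src, "dst": dst, "payload": packet["payload"]}

def untranslated_answers(packet, mapping):
    """A records still carrying an inside address that has a NAT mapping."""
    return [a for a in a_records(packet["payload"]) if a in mapping]

NAT_MAP = {"192.168.1.53": "203.0.113.53", "192.168.1.10": "203.0.113.10"}
inside = {"src": "192.168.1.53", "dst": "198.51.100.7",  # constructed addresses
          "payload": build_dns_response("www.example.com", "192.168.1.10")}
outside = nat_translate(inside, NAT_MAP)
```

`untranslated_answers(outside, NAT_MAP)` lists the answers that still point at an inside address after translation, which is the symptom reported in the question.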