19807409

Stop your ISP from DNS Interception (another way)


I have already posted how to prevent hijacking of your DNS by your IP.

There are some ISPs, like Verizon, T-Mobile, ..., which do send all traffic over port 53 (yes, they hijack your DNS), regardless of which DNS servers you use.

Here is how to get rid of that and redirect it to another address with the help of iptables instead of editing dnsmasq in WebIF (which is still my preferred solution for most tasks). In this example I'll redirect all DNS requests to my custom DNS server, to lan1 in this case, which is my local DNS server ;)

OpenWrt (I think DD-WRT should work too, but I did not test it on DD-WRT; basically it should be the same, just check the names of the devices)

iptables -t nat -A PREROUTING -i br-lan -p udp --dport 53 -j DNAT --to 192.168.1.1

On OpenWrt and other releases, switch on masquerading; it is required.

Now a question to TorGuard: do you/can you offer alternative ports for those who maybe can't use the first method described, nor this second solution?


To find out what is going on through your DNS port, read here.

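The rule in the post matches only UDP, while DNS also runs over TCP port 53. As an added example (not part of the original post), this script builds the same DNAT rule for both transports and adds each one only if it is not already present. The interface and resolver address are the ones from the post; the function names and the `DRY_RUN` switch are assumptions of the example.

```shell
#!/bin/sh
# Added example, not from the original post. Interface and resolver default
# to the post's values; DRY_RUN and the function names are assumptions.
LAN_IF="${LAN_IF:-br-lan}"
DNS_IP="${DNS_IP:-192.168.1.1}"

# Accept only a dotted-quad IPv4 address, so a typo never reaches iptables.
valid_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

# Print one rule spec per transport: DNS uses TCP port 53 as well as UDP.
dns_rule_specs() {
    valid_ipv4 "$2" || { echo "bad resolver address: $2" >&2; return 1; }
    for proto in udp tcp; do
        echo "PREROUTING -i $1 -p $proto --dport 53 -j DNAT --to-destination $2"
    done
}

# Add each rule once: -C tests whether it exists, -A appends it if not.
# With DRY_RUN=1 the commands are printed instead of executed.
apply_dns_redirect() {
    specs=$(dns_rule_specs "$1" "$2") || return 1
    printf '%s\n' "$specs" | while read -r spec; do
        if [ "${DRY_RUN:-0}" = 1 ]; then
            echo "iptables -t nat -A $spec"
        else
            # $spec is left unquoted on purpose so it splits into arguments
            iptables -t nat -C $spec 2>/dev/null || iptables -t nat -A $spec
        fi
    done
}

# Usage on the router: sh dns-redirect.sh apply
if [ "${1:-}" = apply ]; then
    apply_dns_redirect "$LAN_IF" "$DNS_IP"
fi
```

Run it with `DRY_RUN=1` first to review the commands, then compare against `iptables -t nat -S PREROUTING` after applying.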
