iptables on 7800N

Post Reply
tman24
Posts: 16
Joined: Sat May 05, 2012 10:57 am

iptables on 7800N

Post by tman24 » Sat Feb 01, 2014 11:35 am

Having recently bought a Chromecast, and finding out Google have hard baked their own DNS servers into the config, I need to be able to modify the iptables rules on my 7800N to allow me to nat any internal DNS requests to 8.8.8.8/8.8.4.4 to DNS servers of my own choice. I know the commands I need to use, which are;

iptables -t nat -A PREROUTING -d 8.8.8.8 -j DNAT --to-destination <my DNS server IP>
iptables -t nat -A PREROUTING -d 8.8.4.4 -j DNAT --to-destination <my DNS server IP>

It doesn't look like the firewall options in the web gui have the functionality to allow this, but I seem to be able to list/manipulate the iptables rules from the command line..... but, having entered the necessary commands (which seemed to be accepted), iptables --list doesn't show them. Do I need to specify a particular CHAIN to use (I thought PREROUTING should be enough), or can't I actually modify the firewall rules via the CLI? If I can't use these rules, I'm going to lose a lot of Chromecast functionality, which would be a real shame.

Firmware is the latest 1.06h.

tman24
Posts: 16
Joined: Sat May 05, 2012 10:57 am

Re: iptables on 7800N

Post by tman24 » Sat Feb 01, 2014 12:14 pm

Actually, there doesn't seem to be a PREROUTING chain on the 7800N. Are any of the pre-configured chaines for pre-routing, or if I add a pre-routing chain, will it be processed normally?

tman24
Posts: 16
Joined: Sat May 05, 2012 10:57 am

Re: iptables on 7800N

Post by tman24 » Wed Feb 05, 2014 9:14 pm

Ok, well, managed to fix it in the end - by trial and error more than anything. For those interested, here's the solution;

SSH to your Billion router and login

Type these commands;

iptables -t nat -A PREROUTING -d 8.8.8.8 -p udp --dport 53 -j DNAT --to-destination <your preferred DNS server>
iptables -t nat -A PREROUTING -d 8.8.4.4 -p udp --dport 53 -j DNAT --to-destination <your prefeffed DNS server>

After pressing return on each command you should see.... nothing. No response is good!

Verify your NAT settings with this command;

iptables -v -L -t nat

A whole list of output will scroll by, but if you scroll back up, you should see your new commands in the firewall rule list.

You can type 'save' at this point, but I'm not 100% sure these changes will survive a reboot. I reboot my 7800N once in a blue moon, so not a problem for me.

jimjam
Posts: 6
Joined: Thu May 17, 2012 2:34 pm

Re: iptables on 7800N

Post by jimjam » Sat Mar 29, 2014 8:14 pm

Hey thanks for the tip.
I was a bit disappointed (but of course not surprised) to find that Goog had enforced their DNS.
I actually like to use google DNS as a general rule, but I want to use unotelly regional unblocking for selecting netflix region etc.
This is exactly what I was looking for...
Out of interest is it persistent after a reboot of the router?

Post Reply