Hallo Forum,
ich würde gerne die Hardcoded DNS auf mein PI Hole umbiegen. Das es direkt aus der GUI nicht geht, habe ich verstanden. Aber auch ein natable eintrag per SSH löst mein Problem nicht:
führt zu
Code
Chain PREROUTING (policy ACCEPT 174 packets, 27091 bytes)
pkts bytes target prot opt in out source destination
0 0 DNAT udp -- eth1 any anywhere anywhere udp dpt:domain to:192.168.0.0
0 0 DNAT udp -- eth1 any anywhere anywhere udp dpt:domain to:192.168.0.2
81898 9549K DNSFILTER all -- any any anywhere anywhere
2926 202K UBIOS_REDIRECTOR all -- any any anywhere anywhere mark match 0x1000000/0x1000000
2431K 228M UBIOS_PREROUTING_JUMP all -- any any anywhere anywhere
81842 9545K HONEYPOT all -- any any anywhere anywhere
Chain INPUT (policy ACCEPT 35 packets, 2543 bytes)
pkts bytes target prot opt in out source destination
824K 74M UBIOS_INPUT_JUMP all -- any any anywhere anywhere
Chain OUTPUT (policy ACCEPT 427 packets, 25695 bytes)
pkts bytes target prot opt in out source destination
7934K 477M UBIOS_OUTPUT_JUMP all -- any any anywhere anywhere
Chain POSTROUTING (policy ACCEPT 420 packets, 25026 bytes)
pkts bytes target prot opt in out source destination
8981K 587M UBIOS_POSTROUTING_JUMP all -- any any anywhere anywhere
Chain DNSFILTER (1 references)
pkts bytes target prot opt in out source destination
0 0 DNAT tcp -- any any 192.168.42.0/24 anywhere tcp dpt:domain to:203.0.113.2:53
36 2352 DNAT udp -- any any 192.168.42.0/24 anywhere udp dpt:domain to:203.0.113.2:53
Chain HONEYPOT (1 references)
pkts bytes target prot opt in out source destination
0 0 DNAT tcp -- any any anywhere 192.168.0.3 tcp dpt:ssh to:192.168.0.3:2222
0 0 DNAT tcp -- any any anywhere 192.168.0.3 tcp dpt:www to:192.168.0.3:8000
Chain UBIOS_INPUT_JUMP (1 references)
pkts bytes target prot opt in out source destination
Chain UBIOS_OUTPUT_JUMP (1 references)
pkts bytes target prot opt in out source destination
Chain UBIOS_POSTROUTING_JUMP (1 references)
pkts bytes target prot opt in out source destination
122K 7957K UBIOS_POSTROUTING_USER_HOOK all -- any any anywhere anywhere
Chain UBIOS_POSTROUTING_USER_HOOK (1 references)
pkts bytes target prot opt in out source destination
1275K 128M MASQUERADE all -- any eth8 anywhere anywhere /* 00000001095216660481 */
0 0 MASQUERADE all -- any eth9 anywhere anywhere /* 00000001095216660482 */
Chain UBIOS_PREROUTING_JUMP (1 references)
pkts bytes target prot opt in out source destination
Chain UBIOS_REDIRECTOR (1 references)
pkts bytes target prot opt in out source destination
2926 202K UBIOS_REDIRECTOR_1 all -- any any anywhere anywhere
Chain UBIOS_REDIRECTOR_1 (1 references)
pkts bytes target prot opt in out source destination
8 504 REDIRECT tcp -- any any anywhere anywhere tcp dpt:www redir ports 39080
4 248 REDIRECT tcp -- any any anywhere anywhere tcp dpt:8881 redir ports 39080
30 1920 REDIRECT tcp -- any any anywhere anywhere tcp dpt:https redir ports 39443
1 64 REDIRECT tcp -- any any anywhere anywhere tcp dpt:domain redir ports 53
2883 199K REDIRECT udp -- any any anywhere anywhere udp dpt:domain redir ports 53
Alles anzeigen
was ja erstmal nicht ganz verkehrt aussieht. Funktioniert aber nicht. Ein nslookup mit 8.8.8.8 einer lokalen domain landet beim google dns der natürlich nicht auflösen kann.
Code
C:\WINDOWS\system32>nslookup uwes.hausit 8.8.8.8
Server: dns.google
Address: 8.8.8.8
*** uwes.hausit wurde von dns.google nicht gefunden: Non-existent domain.
Jemand eine Idee was noch fehlt bzw woran es hängt?