Redirect local DNS query to remote DNS server on non standard port?

rock_ya_baby · 02-19-2010, 01:16 PM

The issue is that my CentOS workstation is in a vlan from where the Intranet's DNS servers are unreachable.

For browsing the web there is an ISA proxy server, which I presume resolves DNS for my firefox. However, wget, host, ping and aria2c fail to get any sort of DNS resolution since they're being run from command line.

I have exported HTTP_PROXY value, which provides me internet access on console, but,only when I connect using IP address. It fails on name resolution.

--

My question is:

May I redirect the DNS queries to my home PC which would be running a DNS server on a non standard port?

I was thinking of putting

nameserver 127.0.0.1 in /etc/resolv.conf

and then put iptables rule to redirect 127.0.0.1:53 UDP to a.public.ip.address:3535 UDP

I don't know if I am shooting blanks or what, I am not very much aware of this kind of setup.

--

My main need is to provide DNS resolution to console apps.

I want to utilize my company's idle bandwidth for bulk downloads, so, using proxy, SSH tunneling through my Home PC is out of question.

Any ideas that I can read upon?

MensaWater · 02-19-2010, 01:58 PM

It sounds as if you have an http proxy working and what you need is a command line proxy.

You might want to have a look at this article to see if it helps you do that (I haven't done this myself but it looks like it may be what you need):

http://www.aboutdebian.com/proxy.htm

P.S. But iptables exists on other distros so it can probably be adapted fairly easily.

rock_ya_baby · 02-20-2010, 11:52 AM

^ I thought I made my query simple

Well, I don't require help in setting up HTTP proxy for command line, that I already have. Please read the post once again.

Web31337 · 02-20-2010, 12:00 PM

why hack iptables rules? why use unstandard port for DNS? It is not meant to be installed on other port than 53, like some other standard internet services. i think a better solution will be configure iptables on your home pc allowing only your company external IP/subnet to interact with your port 53. isn't that a good idea?

rock_ya_baby · 02-20-2010, 11:22 PM

The reason behind running it on different port on my home PC is because outgoing 53 is blocked at my work place.

My requirement is only to resolve DNS using a server which is outside my office network and hopefully running DNS on some other port than 53.

Web31337 · 02-21-2010, 06:25 AM

Oh... then the only idea I have here is to use a tool like openvpn or something.
Out of other ideas.
Interesting question.
It better fits in "Networking" forum.

MensaWater · 02-22-2010, 08:31 AM

Quote:

Originally Posted by rock_ya_baby

^ I thought I made my query simple

Well, I don't require help in setting up HTTP proxy for command line, that I already have. Please read the post once again.

I didn't suggest an "http" proxy. Maybe YOU should read once again.

Better yet just blow it out your wazoo.

sowmika · 04-13-2010, 04:06 AM

Spam removal.

bathory · 04-13-2010, 04:31 AM

@OP

Quote:

The reason behind running it on different port on my home PC is because outgoing 53 is blocked at my work place.

My requirement is only to resolve DNS using a server which is outside my office network and hopefully running DNS on some other port than 53.

You can use forwarders:

Code:

forward only;
forwarders {x.x.x.x port yy;};