
Can IP tables allow specific DNS queries based on domain name?

I have iptables blocking all UDP traffic at the moment, however I want to allow only certain DNS queries to get through.

Let's use google.com as an example.

I am trying to use string matching to find the domain name in the request, and allow it. This is what I came up with.

iptables -A OUTPUT -o eth0 -p udp --sport 53 -m string --string "google.com" --algo bm -j ACCEPT

I have also tried --dport 53 instead of --sport. No dice.

If anyone knows how this can be done or sees where I went wrong?
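Background for the question above, as an added example that is not part of the original post: a DNS query carries the name as length-prefixed labels (google.com is sent as the bytes 06 "google" 03 "com" 00), so the literal string "google.com" with its dot never appears in the packet. The helper names below are hypothetical, `eth0` is taken from the post, and the rule is only printed, not applied.

```shell
#!/bin/sh
# Added example: turn a domain name into an iptables --hex-string pattern
# that matches its DNS wire encoding.

# Hypothetical helper: google.com -> |06|google|03|com|00|
dns_hex_pattern() {
    rest=${1%.}                      # tolerate a trailing root dot
    out=""
    while [ -n "$rest" ]; do
        label=${rest%%.*}            # text up to the next dot
        case $rest in
            *.*) rest=${rest#*.} ;;  # more labels follow
            *)   rest="" ;;          # that was the last label
        esac
        len=${#label}
        if [ "$len" -lt 1 ] || [ "$len" -gt 63 ]; then
            echo "bad label length in '$1'" >&2; return 1
        fi
        case $label in               # '|' or spaces would corrupt the pattern
            *[!A-Za-z0-9_-]*) echo "bad character in '$1'" >&2; return 1 ;;
        esac
        out="${out}|$(printf '%02x' "$len")|${label}"
    done
    [ -n "$out" ] || return 1
    # The trailing 00 is the root label: it keeps a name such as
    # google.com.example.net from matching. Subdomains (www.google.com)
    # still match, because their encoding ends with the same bytes.
    printf '%s|00|\n' "$out"
}

# Hypothetical helper: print (not run) a rule for outgoing queries.
# --dport 53 selects client-to-resolver traffic; --icase is used because
# DNS names are case-insensitive and some resolvers randomise case.
dns_allow_rule() {
    pat=$(dns_hex_pattern "$1") || return 1
    printf 'iptables -A OUTPUT -o eth0 -p udp --dport 53 -m string --algo bm --icase --hex-string "%s" -j ACCEPT\n' "$pat"
}

dns_allow_rule google.com
```

iptables evaluates rules in order, so the printed ACCEPT only has an effect if it sits ahead of the rule that drops UDP.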

