hijack dns

 

# 192.168.15.1 = local dns server

uci add firewall redirect
uci set firewall.@redirect[0].name='hijack_dns'

uci set firewall.@redirect[0].src=lan
uci set firewall.@redirect[0].proto=tcp
uci set firewall.@redirect[0].src_dport=53
uci set firewall.@redirect[0].src_dip='!192.168.15.1'

uci set firewall.@redirect[0].dest_ip=192.168.15.1
uci set firewall.@redirect[0].dest_port=53
uci set firewall.@redirect[0].target='DNAT'

uci commit firewall

/etc/init.d/firewall restart