I'm looking for a solution to read DNS traffic and reroute it before the client receives the answer (or, if that's not possible, add it to an address list to reroute next time).
But here's the thing: it has to be done as a "switch", so all packets have to pass as if the MikroTik wasn't there, except those packets I want to reroute (no DHCP, NAT, redirects, ...).
So I'm using a MikroTik 450G.
WAN on eth3.
Client on eth2, "switched" to eth3.
Let's say I want to reroute netflix.com. So if a DNS request for netflix passes, the answer has to be read and the IP address added to an address list.
Then I can do with those addresses what I want.
I've tried it by adding a firewall rule to redirect all UDP traffic containing "netflix" to port 53, and then running a script which adds it from the DNS cache list.
This works, but I need to be able to do it without the firewall rule.
Is there a way I can read/save the DNS cache without firewall rules? Or is there another way to get these DNS answers into an address list?
If yes, can I trigger my script on DNS traffic that passes?
This is my script:
# Walk the router's DNS cache and collect the address of every cached
# name that contains "netflix" into the "netflix" address list.
:foreach i in=[/ip dns cache find] do={
    :local name [/ip dns cache get $i name];
    :if ([:find $name "netflix"] > -1) do={
        :local address [/ip dns cache get $i address];
        # :log info $address;
        # Only add the address if it is not listed yet: adding a duplicate
        # entry fails with "already have such entry" and aborts the script.
        :if ([:len [/ip firewall address-list find list=netflix address=$address]] = 0) do={
            /ip firewall address-list add address=$address list=netflix comment=$name;
        }
    }
}
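The "read the answer, collect the IP" step the post asks for, shown here as an added stand-alone example (not the post's RouterOS script and not a MikroTik feature): a minimal parser for a DNS response in RFC 1035 wire format that returns the A-record addresses whose owner name contains a keyword such as "netflix". The sample response bytes are constructed by hand for this example, and the names and functions are my own.

```python
import struct


def _read_name(msg: bytes, off: int) -> tuple[str, int]:
    """Decode a (possibly compressed) name at off; return (name, offset after it)."""
    labels, jumped, end = [], False, off
    while True:
        length = msg[off]
        if (length & 0xC0) == 0xC0:          # compression pointer (RFC 1035 4.1.4)
            if not jumped:
                end = off + 2                # the pointer occupies 2 bytes in the record
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            jumped = True
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels), (end if jumped else off)


def a_records_matching(msg: bytes, keyword: str) -> list[tuple[str, str]]:
    """Return (name, ipv4) for each answer-section A record whose name contains keyword."""
    _, flags, qd, an, _, _ = struct.unpack("!6H", msg[:12])
    if not (flags & 0x8000):                 # QR bit clear: this is a query, not an answer
        return []
    off = 12
    for _ in range(qd):                      # skip the question section
        _, off = _read_name(msg, off)
        off += 4                             # QTYPE + QCLASS
    found = []
    for _ in range(an):
        name, off = _read_name(msg, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        off += rdlen
        if rtype == 1 and rdlen == 4 and keyword in name.lower():
            found.append((name, ".".join(str(b) for b in rdata)))
    return found


# Constructed sample: a response to "netflix.com A" carrying two A records for
# netflix.com (via a compression pointer to the question name) plus one
# unrelated A record for example.org that a "netflix" filter must ignore.
SAMPLE = (
    b"\x12\x34\x81\x80\x00\x01\x00\x03\x00\x00\x00\x00"   # header: QR=1, 1 question, 3 answers
    b"\x07netflix\x03com\x00\x00\x01\x00\x01"             # question: netflix.com A IN
    b"\xc0\x0c\x00\x01\x00\x01\x00\x00\x00\x3c\x00\x04\xc0\xa8\x01\x0a"   # netflix.com A 192.168.1.10
    b"\xc0\x0c\x00\x01\x00\x01\x00\x00\x00\x3c\x00\x04\xc0\xa8\x01\x0b"   # netflix.com A 192.168.1.11
    b"\x07example\x03org\x00\x00\x01\x00\x01\x00\x00\x00\x3c\x00\x04\x0a\x00\x00\x01"  # example.org A 10.0.0.1
)
```

Feeding real captured answers through `a_records_matching` and pushing the returned addresses into an address list is the equivalent of the cache-walking script, but driven by the packet rather than by the router's own resolver cache.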