Question

How can I change default DNS servers?

  • Posted May 4, 2014

How to block dns requests from google (8.8.8.8) and level3 (4.2.2.1, etc)?

I tried this with iptables but nothing happens:

iptables -A INPUT -s 8.8.8.8 -j DROP iptables -A OUTPUT -d 8.8.8.8 -j DROP iptables -A INPUT -s 8.8.4.4 -j DROP iptables -A OUTPUT -d 8.8.4.4 -j DROP iptables -A INPUT -s 4.2.2.1 -j DROP iptables -A OUTPUT -d 4.2.2.1 -j DROP iptables -A INPUT -s 4.2.2.2 -j DROP iptables -A OUTPUT -d 4.2.2.2 -j DROP iptables -A INPUT -s 4.2.2.3 -j DROP iptables -A OUTPUT -d 4.2.2.3 -j DROP iptables -A INPUT -s 4.2.2.4 -j DROP iptables -A OUTPUT -d 4.2.2.4 -j DROP iptables -A INPUT -s 4.2.2.5 -j DROP iptables -A OUTPUT -d 4.2.2.5 -j DROP iptables -A INPUT -s 4.2.2.6 -j DROP iptables -A OUTPUT -d 4.2.2.6 -j DROP

Subscribe
Share

Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Port 53 was blocked and /etc/network/interfaces also was configured with other DNS nameservers, but still receiving google and level 3 nameservers. <br> <br>

I just remembered that there is also in /etc/network/interfaces for Ubuntu/Debian. You can remove the last line <br>dns-nameservers 8.8.4.4 8.8.8.8 209.244.0.3

Empty your iptables rules using <br><pre>iptables -F <br>iptables -X</pre> <br>and try to block the port and ip with <br><pre>iptables -A INPUT -i eth0 -p tcp --destination-port 53 -s 8.8.8.8 -j DROP</pre>