DNS hijacking - nat6 - what does this command do?

I followed this guide and it worked correctly: https://openwrt.org/docs/guide-user/services/dns/intercept#nat6

But I am curious what the iptables command does; I am not able to decipher it.
Here is the command:

iptables-save -t nat \
| sed -e "/\s[DS]NAT\s/d;/\sMASQUERADE$/d" \
| ip6tables-restore -T nat

It performs the following:

  • Dumps all rules and chains from the IPv4 nat table.
  • Excludes IPv4-specific rules for targets DNAT, SNAT and MASQUERADE.
  • Restores the remaining rules, which include the REDIRECT target, to the IPv6 nat table.

This is a workaround to utilize the IPv6 nat table, which is unsupported/broken in the OpenWrt firewall.
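
An added example (not part of the thread or the OpenWrt guide) that runs the same sed filter over a constructed `iptables-save -t nat` dump, so the kept and deleted rules can be inspected without touching a live firewall. The rules, interface names and addresses are constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample of `iptables-save -t nat` output (not from a real router).
sample_nat_dump() {
cat <<'EOF'
# Generated by iptables-save (constructed sample)
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i br-lan -p udp -m udp --dport 53 -j REDIRECT --to-ports 53
-A PREROUTING -i br-lan -p tcp -m tcp --dport 53 -j REDIRECT --to-ports 53
-A PREROUTING -i eth1 -p tcp -m tcp --dport 8080 -j DNAT --to-destination 192.168.1.10:80
-A POSTROUTING -s 192.168.1.0/24 -o eth1 -j SNAT --to-source 203.0.113.5
-A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
EOF
}

# Same sed expression as in the command from the thread:
#   /\s[DS]NAT\s/d    delete lines containing " DNAT " or " SNAT "
#   /\sMASQUERADE$/d  delete lines ending in " MASQUERADE"
filter_for_ipv6() {
    sed -e "/\s[DS]NAT\s/d;/\sMASQUERADE$/d"
}

# Rules that would be piped on to `ip6tables-restore -T nat`.
kept_rules() {
    sample_nat_dump | filter_for_ipv6 | grep '^-A'
}

# Rules the filter deletes (same patterns, printed instead of deleted).
dropped_rules() {
    sample_nat_dump | sed -n -e "/\s[DS]NAT\s/p;/\sMASQUERADE$/p"
}

echo "kept:";    kept_rules
echo "dropped:"; dropped_rules
```

The table header (`*nat`), the chain declarations and `COMMIT` pass through the filter unchanged, which is what lets `ip6tables-restore` accept the result as a complete nat table.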
