Open abhichatur opened 2 years ago
$ tcpdump -i eth0 udp and port 53
Thank your for the response, It will just filter all the DNS traffic, without filtering on the basis of MAC address. is there any method so that I can accept and drop DNS query traffic coming from any particular MAC address/addresses.
Thank you.
Please check the -i option.
-i option we are using for the interface means for which interface we want to filter traffic. like etho, ens33 etc.
For a specific MAC address, it is assigned to an interface. So you can trace a specific interface instead.
:)
ok we can trace traffic it will only show the traffic but how i can block DNS queries for a particular interface/mac address ?
thanks
No idea, maybe you can use iptables/firewall or something like that.
wireshark for gui
https://www.cyberciti.biz/tips/iptables-mac-address-filtering.html for examples on how to do that with iptables, or the XDP route https://blog.nlnetlabs.nl/journeying-into-xdp-part-1-augmenting-dns/
Are there any bcc tools available so that it can filter the DNS queries on the basis of the mac address.
I want to filter the DNS queries using the client's mac address. so is there any tool is available or what library we need for that to work on
Thank You