Buffalo WHR-HP-G54

I have a Buffalo WHR-HP-G54 router.
I would like to know if this device has a feature to support "Bypass DNS Hijacking".

Some devices allow directing all DNS requests from port 53 to port 54 so the DNS requests will escape the filtering.
In order to do this, the router needs to support IP tables, where port forwarding needs to be configured.

Let me know if this can be configured on the Buffalo WHR-HP-G54 router.
SrikantRajeev Asked:
Kimputer Commented:
Yes, your router is listed in the compatibility list of the DD-WRT custom firmware, see: http://dd-wrt.com/wiki/index.php/WHR-HP-G54
But before you risk bricking your router, are you even sure your DNS requests are being filtered?
0
SrikantRajeev Author Commented:
Yeah, it is confirmed that the DNS requests are being filtered.
But what is the command by which I will be able to configure it? Let me know how to configure it on this router.
0
Kimputer Commented:
First step is to totally change the software, which is a risky move. Only after that new firmware is working can we continue with the correct command.
Read this page thoroughly before you proceed to update your router: http://dd-wrt.com/wiki/index.php/Installation#WHR-G54S.2C_WHR-HP-G54.2C_WZR-HP-G54

I assume you have a subscription for a special DNS server? Otherwise you do this all for nothing.
0
SrikantRajeev Author Commented:
I would like to know what is the right command by which this can be achieved.
Let me know the right commands to achieve this.

I have the subscription for the special DNS server.
0
Kimputer Commented:
iptables -t nat -A PREROUTING -i br0 -p udp --dport 53 -j DNAT --to IP_NR_SPECIAL_DNS_SERVER:54
of course, replace IP_NR_SPECIAL_DNS_SERVER with the real IP number
0
SrikantRajeev Author Commented:
Thanks.
Will the commands provided above work on the Buffalo WHR-HP-G54 router?
Are the above commands specific to this router model or are they generic?
0
Kimputer Commented:
Generic iptables command (works on a Linux machine, for instance). It will work on the Buffalo AFTER you switch to the DD-WRT firmware as described earlier.
0
SrikantRajeev Author Commented:
Thanks.
Sorry, I could not make out what firmware version should be running on my router for this to work.
Let me know what version is required to be running so that I can check on my router.
0
Kimputer Commented:
The version was already embedded in the URL I posted earlier. You don't need to check the version, as this is a complicated process I'm pretty sure you never did. It's a totally different firmware, not from Buffalo; as I said, it's from DD-WRT.
0
SrikantRajeev Author Commented:
Thanks.
What will happen once I add the above commands to the router?
How exactly will it help me with the "Bypass DNS Hijacking"? What exactly do I need to check to ensure that it is working after adding the command?
How exactly should I do this on my router? Is it by telnetting to this router? Is there any manual I can find to do this?
Also let me know what command I should use in case I need to roll back.
0
Kimputer Commented:
If you need to roll back, make a full backup of your configuration first. Restore this backup file if you see something isn't working properly after you changed some settings.
You are now asking questions about your own questions. Your question was "Some devices allow directing all DNS requests from port 53 to port 54 so the DNS requests will escape the filtering. In order to do this, the router needs to support IP tables, where port forwarding needs to be configured."

That's what the command is for. But now you're asking it again? You also checked that all your DNS is in fact being filtered right now. So the only check needed is to see if the DNS is resolving addresses after you input this command.
Telnetting to the DD-WRT firmware is described here: http://www.dd-wrt.com/wiki/index.php/Telnet/SSH_and_the_command_line
0
SrikantRajeev Author Commented:
Hi Kimputer - Help me with the above...
0
Kimputer Commented:
The above was an answer. What else do you need help with? Be more specific?
0
SrikantRajeev Author Commented:
Thanks.
If I want to roll back the configurations, let me know how I should do it.
What commands are required for this?
0
Kimputer Commented:
Administration > Backup > Use the backup button to save your configuration. Use Restore button to restore a backup file (first browse to select the file).
0
SrikantRajeev Author Commented:
If I need to roll back the below commands, will I not be able to do it via any commands? I can only do it by replacing the backup file.

iptables -t nat -A PREROUTING -i br0 -p udp --dport 53 -j DNAT --to IP_NR_SPECIAL_DNS_SERVER:54

Basically I want to roll back the above commands if it is not working.
0
Kimputer Commented:
To delete instead of using files to backup and restore:

iptables -t nat -D PREROUTING -i br0 -p udp --dport 53 -j DNAT --to IP_NR_SPECIAL_DNS_SERVER:54
0
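
The add and delete commands from this thread, wrapped in a small POSIX shell generator; this is an added example, not code posted by either participant. It goes beyond the thread's UDP-only rule by also redirecting TCP port 53, which assumes the DNS service answers TCP on port 54 too; the function names and the 192.0.2.53 address are constructed for illustration.

```shell
#!/bin/sh
# Added example: print the iptables commands that add or remove the DNS
# redirect from this thread. Nothing is executed until the output is piped to sh.
# Assumptions: LAN bridge br0 and port 54 as in the thread; the resolver also
# answers TCP on that port; function names are hypothetical.
LAN_IF="${LAN_IF:-br0}"
DNS_PORT="${DNS_PORT:-54}"

# Succeed only for a dotted-quad IPv4 address with every octet in 0..255.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                     # split on dots into $1..$n
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# $1 = add|del, $2 = resolver IPv4 address. Prints one command per line.
dns_redirect_cmds() {
    action=$1
    server=$2
    case "$action" in
        add|del) ;;
        *) echo "usage: dns_redirect_cmds add|del <resolver-ip>" >&2; return 2 ;;
    esac
    if ! valid_ipv4 "$server"; then
        # Catches the placeholder being pasted unchanged, among other typos.
        echo "refusing: '$server' is not an IPv4 address" >&2
        return 1
    fi
    for proto in udp tcp; do
        spec="PREROUTING -i $LAN_IF -p $proto --dport 53 -j DNAT --to $server:$DNS_PORT"
        # Drop an existing copy first so a repeated 'add' never stacks duplicates.
        echo "iptables -t nat -D $spec 2>/dev/null"
        if [ "$action" = add ]; then
            echo "iptables -t nat -A $spec"
        fi
    done
}

# Constructed TEST-NET address, for illustration only.
dns_redirect_cmds add 192.0.2.53
```

On the router, `dns_redirect_cmds add <ip> | sh` applies the rules and `dns_redirect_cmds del <ip> | sh` rolls them back; `iptables -t nat -L PREROUTING -n -v` then shows whether the rules are present and whether their packet counters rise when a LAN client performs a lookup.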
SrikantRajeev Author Commented:
Is the below command to save the configurations after I enter the IP tables?

nvram commit
0
Kimputer Commented:
Yes, also reboot just to make sure everything works and is saved.
0
SrikantRajeev Author Commented:
Thanks
0
SrikantRajeev Author Commented:
Thanks
0