From 0a16ea512d2179d27718a6f3fd2a86dcdd65a536 Mon Sep 17 00:00:00 2001
From: oblique
Date: Sun, 20 Mar 2016 13:43:11 +0200
Subject: [PATCH] dnsmasq now uses 5353 port and we redirect requests from 53 to 5353. Fixes #96
---
 create_ap | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)
diff --git a/create_ap b/create_ap
index ff46e78..eee7a2f 100755
--- a/create_ap
+++ b/create_ap
@@ -740,8 +740,14 @@ _cleanup() {
 fi
 if [[ "$SHARE_METHOD" != "bridge" ]]; then
- iptables -w -D INPUT -p tcp -m tcp --dport 53 -j ACCEPT
- iptables -w -D INPUT -p udp -m udp --dport 53 -j ACCEPT
+ if [[ $NO_DNS -eq 0 ]]; then
+ iptables -w -D INPUT -p tcp -m tcp --dport 5353 -j ACCEPT || die
+ iptables -w -D INPUT -p udp -m udp --dport 5353 -j ACCEPT || die
+ iptables -w -t nat -D PREROUTING -s ${GATEWAY%.*}.0/24 -d ${GATEWAY} \
+ -p tcp -m tcp --dport 53 -j REDIRECT --to-ports 5353 || die
+ iptables -w -t nat -D PREROUTING -s ${GATEWAY%.*}.0/24 -d ${GATEWAY} \
+ -p udp -m udp --dport 53 -j REDIRECT --to-ports 5353 || die
+ fi
 iptables -w -D INPUT -p udp -m udp --dport 67 -j ACCEPT
 fi
@@ -1708,9 +1714,13 @@ fi
 # start dhcp + dns (optional)
 if [[ "$SHARE_METHOD" != "bridge" ]]; then
 if [[ $NO_DNS -eq 0 ]]; then
- DNS_PORT=53
+ DNS_PORT=5353
 iptables -w -I INPUT -p tcp -m tcp --dport $DNS_PORT -j ACCEPT || die
 iptables -w -I INPUT -p udp -m udp --dport $DNS_PORT -j ACCEPT || die
+ iptables -w -t nat -I PREROUTING -s ${GATEWAY%.*}.0/24 -d ${GATEWAY} \
+ -p tcp -m tcp --dport 53 -j REDIRECT --to-ports $DNS_PORT || die
+ iptables -w -t nat -I PREROUTING -s ${GATEWAY%.*}.0/24 -d ${GATEWAY} \
+ -p udp -m udp --dport 53 -j REDIRECT --to-ports $DNS_PORT || die
 else
 DNS_PORT=0
 fi
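Review bot: The `|| die` added to the four delete commands in `_cleanup` can abort teardown midway. If a rule is already absent (for example because startup failed before inserting it), `iptables -D` returns non-zero and, assuming `die` exits the script, the port 67 delete below and the rest of `_cleanup` never run, leaving ACCEPT or REDIRECT rules behind. The removed lines and the untouched port 67 line tolerate failure, and the new ones should do the same, e.g. `iptables -w -D INPUT -p tcp -m tcp --dport 5353 -j ACCEPT` with no `|| die`. The port is also hard-coded as 5353 here while the setup hunk uses `$DNS_PORT`, so the two can drift apart. `_cleanup` starts and ends outside this hunk.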
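Review bot: The two INPUT ACCEPT rules now open tcp/udp 5353 with no source or interface match, while the new REDIRECT rules are limited to `-s ${GATEWAY%.*}.0/24 -d ${GATEWAY}`. Hosts outside the AP subnet can therefore reach port 5353 on this machine if anything listens there; whether dnsmasq binds only to the gateway address is not visible in this hunk. Consider giving the ACCEPT rules the same match, e.g. `iptables -w -I INPUT -s ${GATEWAY%.*}.0/24 -d ${GATEWAY} -p udp -m udp --dport $DNS_PORT -j ACCEPT || die`, and mirroring it in the `_cleanup` deletes. UDP 5353 is also the mDNS port, so a comment such as `# 5353 avoids clashing with a resolver already bound to 53; note it is also the mDNS port` would record the trade-off. The `${GATEWAY}` and `$DNS_PORT` expansions are unquoted.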