Version used: Unknown
iptables -t mangle -A PREROUTING -i eth0 -j TTL --ttl-set 64
iptables -t nat -I PREROUTING -i br-lan -p tcp --dport 53 -j DNAT --to 192.168.100.2:53
iptables -t nat -I PREROUTING -i br-lan -p udp --dport 53 -j DNAT --to 192.168.100.2:53
iptables -t nat -I PREROUTING -i br-lan -p tcp -s 192.168.100.2 --dport 53 -j ACCEPT
iptables -t nat -I PREROUTING -i br-lan -p udp -s 192.168.100.2 --dport 53 -j ACCEPT
Version2
iptables -t mangle -A PREROUTING -i eth0 -j TTL --ttl-set 66
iptables -t nat -I PREROUTING -i br-lan -p tcp --dport 53 -j DNAT --to 192.168.100.1:53
iptables -t nat -I PREROUTING -i br-lan -p udp --dport 53 -j DNAT --to 192.168.100.1:53
iptables -t nat -I PREROUTING -i br-lan -p tcp -s 192.168.100.1 --dport 53 -j ACCEPT
iptables -t nat -I PREROUTING -i br-lan -p udp -s 192.168.100.1 --dport 53 -j ACCEPT
iptables -t nat -I PREROUTING -i br-lan -p tcp -s 192.168.100.1 --dport 53 -j ACCEPT
iptables -t nat -I PREROUTING -i br-lan -p udp -s 192.168.100.1 --dport 53 -j ACCEPT
Version with TLS DNS
iptables -t mangle -A PREROUTING -i eth0 -j TTL --ttl-set 66
iptables -t nat -I PREROUTING -i br-lan -p tcp --dport 853 -j DNAT --to 192.168.79.20:53
iptables -t nat -I PREROUTING -i br-lan -p udp --dport 853 -j DNAT --to 192.168.79.20:53
iptables -t nat -I PREROUTING -i br-lan -p tcp --dport 853 -j DNAT --to 192.168.79.20:53
iptables -t nat -I PREROUTING -i br-lan -p udp --dport 853 -j DNAT --to 192.168.79.20:53
iptables -t nat -I PREROUTING -i br-lan -p tcp -s 192.168.79.20 --dport 53 -j ACCEPT
iptables -t nat -I PREROUTING -i br-lan -p udp -s 192.168.79.20 --dport 53 -j ACCEPT
iptables -t nat -I PREROUTING -i br-lan -p tcp -s 192.168.79.23 --dport 53 -j ACCEPT
iptables -t nat -I PREROUTING -i br-lan -p udp -s 192.168.79.23 --dport 53 -j ACCEPT