To block Google DNS:
$IPTABLES -I FORWARD -s 8.8.8.8/32 -j REJECT
$IPTABLES -I FORWARD -s 8.8.4.4/32 -j REJECT
$IPTABLES -I FORWARD -d 8.8.8.8/32 -j REJECT
$IPTABLES -I FORWARD -d 8.8.4.4/32 -j REJECTTo nat DNS requests to Smart Proxy:
$IPTABLES -t nat -I PREROUTING -s CLIENT_IP_ADDRESS -p udp --dport 53 -j DNAT --to SMART_DNS_SERVICE_IP_ADDRESS:53
$IPTABLES -t nat -I PREROUTING -s CLIENT_IP_ADDRESS -p tcp --dport 53 -j DNAT --to SMART_DNS_SERVICE_IP_ADDRESS:53
$IPTABLES -t nat -I PREROUTING -s CLIENT_IP_ADDRESS -p udp --dport 5353 -j DNAT --to SMART_DNS_SERVICE_IP_ADDRESS:53To test from a client, you can try to nat requests to Google safe search instead of the regular one:
sudo iptables -t nat -I OUTPUT -p udp --dport 53 -j DNAT --to 185.228.168.168:53
dig +short www.google.com @8.8.8.8You should get 216.239.38.120 as the result instead of changing results