I added the following ip6tables rules; the rules allow blocking all DNS IPv6 requests containing the string youtube.com:
ip6tables -A FORWARD -p udp --dport 53 -m string --domain youtube.com --algo bm -j DROP
ip6tables -A INPUT -p udp --dport 53 -m string --domain youtube.com --algo bm -j DROP
ip6tables -A OUTPUT -p udp --dport 53 -m string --domain youtube.com --algo bm -j DROP
I checked with the ip6tables -L command and I can see the rules were added.
I tried to ping youtube.com and I can see that the name is resolved and I got the IPv6 address of youtube.com.
I checked the traffic with Wireshark and I can see that the IPv6 DNS request is sent to the DNS server and I got an IPv6 DNS response. So the IPv6 rules are not being taken into account.
What am I missing in my rules?