Roku 3 Geoblock

  • Hello,

    I'm trying to replicate the following configuration on my setup:

    iptables -t nat -I PREROUTING -p udp -d –dport 53 -j DNAT --to
    iptables -t nat -I PREROUTING -p udp -d --dport 53 -j DNAT --to
    iptables -t nat -I PREROUTING -p tcp -d --dport 53 -j DNAT --to
    iptables -t nat -I PREROUTING -p tcp -d --dport 53 -j DNAT --to

    At least I believe that's the rule I'm trying to make. It's supposed to prevent the traffic going to Google's DNS and send it to Unblock US DNS servers.
    The Roku 3 is hard coded it seems to ignore all other DNS and prefer Google's DNS.

    Any advice would be appreciated.

  • You can do this with a simple port forwarding rule. Firewall > NAT > Forward

    Assuming you want to route any DNS request to, add a rule like this:
    Interface: LAN (or which ever the DNS requests enter pfSense)
    Protocol: TCP/UDP
    Destination: any
    Destination port: 53
    Redirect target IP:
    Redirect target port: 53

    If you only want to redirect requests to Google servers enter the server IP at Destination and add an additional rule for the other server.

  • Hello,

    Thank you for the reply. I had believe the iptables syntax was the correction solution the above mentioned problem but it seems not.

    This is an article describing the solution (it's further down):

    I had replicated that configuration on my Edgerouter and I'm having no luck at all doing it on pfSense.


    Roku contacts Google's DNS (over Unblock-US or Unotelly's)
    It by-passes them and decides to use Google's DNS

    Now it won't allow me to view any of the US content, because Google DNS is hard coded into the Netflix application and the only way to make this work is by rejecting/redirecting all the Google DNS requests to Unblock-US or Unotelly I'd think.

Log in to reply