Case 5. DNS Spoofing Configuration [VAS Experts Documentation]

Case 5. DNS Spoofing Configuration

The DNS response spoofing section lets the DPI spoof the responses that come from the DNS server for specific domains.

Operating Conditions:

  1. DNS response spoofing works only for DNS requests over UDP on the standard port 53.
  2. Traffic must be directed to the DNS server before it passes through the DPI.

The configuration consists of two steps: first, you need to enable the DNS response spoofing service for the channel or subscriber, then configure the spoofing list.

Step 1. Enable the Service

  1. Go to the Profiles Management → Channels section.
  2. Enable the “Spoof DNS” toggle for the desired channel or subscriber.

Step 2. Create the Service Profile

  1. Navigate to the Spoof DNS → Add New Rule section. Specify the required parameters:
    • Regulator;
    • Category;
    • Reason;
    • Description.
      The values for the Regulator and Category parameters are pre-defined in the Reference section. They are used for additional navigation through the created rules.
  2. Add resources to the rule. This can be done in three ways:
    1. “Add to List.” Adds resources one at a time. Use it when there are only a few resources and preparing a file is unnecessary, or when supplementing an existing rule. You need to fill in the Host and IP fields.
      Host — the domain name of the resource being requested by the user.
      IP — the IPv4 or IPv6 address of the resource to which the redirection will occur.
    2. “Import Resources.” Works with pre-prepared lists. The file for import must be in the TXT format, consisting of two columns: Host and IP. The columns should be separated by a space. The content of the file needs to be copied and pasted into the field opened by the “Import Resources” button.

      Example file content:
      facebook.com 10.11.12.13
      x.com 2001:db8:85a3::8a2e:370:7334
      *.fb.com 203.0.113.5
    3. “Import from File.” Uploading a ready-made list from a file — used for quick processing of simple prepared lists containing a large number of resources. Formats XLSX, CSV, TSV are supported, and multiple files can be uploaded simultaneously. The number of files after import is displayed in the corner of the “Import from File” button.
      The resource list must be formatted as in item 2, “Import Resources.”
  3. Apply the rule to the channels or subscribers from the list. Click "Save Changes" below.
    If the rule is NOT applied to channels or subscribers, it will be global — applied to all channels and subscribers.
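
A pre-import check for the two-column Host/IP list format described in Step 2, as an added example that is not part of the original documentation or the vendor's tooling. The function names, the rule that a wildcard may appear only as the leading label, and the rule that each host carries a single address are assumptions of this example.

```python
import ipaddress
import re

# Constructed sample in the page's "Host IP" format; the last three lines are
# deliberately broken to show what the check rejects.
SAMPLE = """\
facebook.com 10.11.12.13
x.com 2001:db8:85a3::8a2e:370:7334
*.fb.com 203.0.113.5
bad_host!.com 10.0.0.1
example.org 10.0.0.999
facebook.com 10.11.12.14
"""

# One DNS label: letters, digits, hyphens, 1-63 chars, no leading/trailing hyphen.
LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")

def valid_host(host):
    """Accept a domain name, optionally with a leading '*.' wildcard label."""
    name = host[2:] if host.startswith("*.") else host
    labels = name.rstrip(".").split(".")
    return len(name) <= 253 and len(labels) >= 2 and all(LABEL.match(l) for l in labels)

def parse_spoof_list(text):
    """Return (entries, errors); errors holds (line_number, message) tuples."""
    entries, errors = {}, []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        parts = line.split()
        if len(parts) != 2:
            errors.append((n, "expected exactly two columns: Host IP"))
            continue
        host, ip = parts[0].lower(), parts[1]
        if not valid_host(host):
            errors.append((n, f"invalid host name: {host}"))
            continue
        try:
            addr = ipaddress.ip_address(ip)  # accepts IPv4 and IPv6
        except ValueError:
            errors.append((n, f"invalid IPv4/IPv6 address: {ip}"))
            continue
        # Assumption of this checker: one address per host; a second one is flagged.
        if host in entries and entries[host] != str(addr):
            errors.append((n, f"{host} already mapped to {entries[host]}"))
            continue
        entries[host] = str(addr)
    return entries, errors
```

Calling parse_spoof_list(SAMPLE) keeps the three well-formed entries and reports lines 4, 5 and 6, so a malformed or conflicting redirect is caught before the list is pasted into “Import Resources.”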

Viewing Created Rules

The Spoof DNS section contains a list of all created rules (Rules tab) and all resources involved in the rules (Resources tab).
The lists can be exported in available formats: XLSX, CSV, PDF, PNG.
You can filter and search through the lists of rules and resources. For more details: Case 4.5. Searching Created Rules and Resources

Additionally, each rule has an Action Log, which displays all changes to the rule.

Troubleshooting

If the spoofing is not working, you can try the following solutions:

  1. Check System global state → Tasks list: all previous tasks must be completed (have the status success) before a new task is executed.
  2. Clear the DNS cache on the device with the command ipconfig /flushdns.