/ip firewall layer7-protocol add name="MyDomain DNS" regexp=\ "mydomain.co.za|[0-9]+.[0-9]+.168.192.in-addr.arpa" /ip firewall nat add action=masquerade chain=srcnat comment="NAT to MyDomain DNS" disabled=no dst-address=192.168.0.1/32 dst-port=53 \ protocol=udp add action=dst-nat chain=dstnat disabled=no dst-address-type=local dst-port=53 layer7-protocol="MyDomain DNS port forward" \ protocol=udp to-addresses=192.168.0.1 to-ports=53