Using FW to modify DNS payload

Not sure if this can be done on the firewall, but according to some network engineers it can be done on the router. An internal client performs a DNS request to an external DNS server. The external DNS server responds with an IP address within a known network. Can a firewall in the middle detect the IP address in this DNS reply and NAT it to something else? Ex: the PC requests DNS for testing.com and the DNS server replies with 10.10.10.10; the firewall then NATs the DNS reply to 10.10.20.20, so the PC will start to communicate with 10.10.20.20?
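What the question describes is the firewall's DNS ALG (Cisco calls it "DNS doctoring" on static NAT rules): the device parses the answer section of a DNS reply and rewrites A-record RDATA that matches a NAT mapping before forwarding the packet. The following Python is an added illustration of that rewrite step, not code from the post or from any firewall vendor; the packet, the name testing.com and the 10.10.10.10 to 10.10.20.20 mapping are constructed to match the example in the question.

```python
import struct
import ipaddress

# Constructed sample: build a minimal DNS response "name -> ip" (one question,
# one A answer using a compression pointer back to the QNAME at offset 12).
def build_response(name: str, ip: str, txid: int = 0x1234) -> bytes:
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"
    # flags 0x8180: QR=1 (response), RD=1, RA=1, RCODE=0
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)
    question = qname + struct.pack("!HH", 1, 1)          # QTYPE=A, QCLASS=IN
    answer = (b"\xc0\x0c"                                 # pointer to offset 12
              + struct.pack("!HHIH", 1, 1, 300, 4)       # A, IN, TTL 300, RDLENGTH 4
              + ipaddress.IPv4Address(ip).packed)
    return header + question + answer

def skip_name(pkt, off: int) -> int:
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        if off >= len(pkt):
            raise ValueError("truncated name")
        length = pkt[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:
            return off + 2  # a compression pointer terminates the name
        off += 1 + length

def rewrite_a_records(pkt: bytes, nat_map: dict) -> bytes:
    """Rewrite A-record RDATA in the answer section according to nat_map,
    which maps 'real' dotted-quad -> 'translated' dotted-quad. This is the
    payload part of what a DNS ALG does; the caller must still fix the
    UDP checksum (and the 2-byte length prefix for DNS over TCP)."""
    if len(pkt) < 12:
        raise ValueError("short DNS packet")
    flags, qdcount, ancount = struct.unpack("!HHH", pkt[2:8])
    if not flags & 0x8000:
        return pkt  # a query, not a response: nothing to rewrite
    buf = bytearray(pkt)
    off = 12
    for _ in range(qdcount):
        off = skip_name(buf, off) + 4          # skip QTYPE and QCLASS
    for _ in range(ancount):
        off = skip_name(buf, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", buf[off:off + 10])
        off += 10
        if rtype == 1 and rclass == 1 and rdlen == 4:   # A record, class IN
            original = str(ipaddress.IPv4Address(bytes(buf[off:off + 4])))
            if original in nat_map:
                buf[off:off + 4] = ipaddress.IPv4Address(nat_map[original]).packed
        off += rdlen
    return bytes(buf)

def answer_ips(pkt: bytes) -> list:
    """Collect the A-record addresses in the answer section (for checking)."""
    _flags, qdcount, ancount = struct.unpack("!HHH", pkt[2:8])
    off, ips = 12, []
    for _ in range(qdcount):
        off = skip_name(pkt, off) + 4
    for _ in range(ancount):
        off = skip_name(pkt, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", pkt[off:off + 10])
        off += 10
        if rtype == 1 and rclass == 1 and rdlen == 4:
            ips.append(str(ipaddress.IPv4Address(pkt[off:off + 4])))
        off += rdlen
    return ips

if __name__ == "__main__":
    reply = build_response("testing.com", "10.10.10.10")
    doctored = rewrite_a_records(reply, {"10.10.10.10": "10.10.20.20"})
    print(answer_ips(reply), "->", answer_ips(doctored))
```

Two practical limits follow directly from how this works: the firewall must be able to see and parse the payload, so replies carried over DNS over TLS or DNS over HTTPS cannot be doctored, and a DNSSEC-validating client will reject a rewritten RRset because the RRSIG no longer matches the changed RDATA. The rewrite also keeps the packet length unchanged, which is why only same-size substitutions (an IPv4 address for an IPv4 address) are straightforward.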