Abstract:
The Domain Name System's (DNS) primary function is to translate hostnames into numerical Internet Protocol (IP) addresses. The DNS is a growing and increasingly vulnerable target for emerging attacks because DNS traffic is frequently not monitored. Even on high-speed networks, software-based mitigation strategies and specialized, advanced firewalls may become bottlenecks and are vulnerable to saturation attacks. Many techniques for reducing network security threats can be implemented quickly and easily using the P4-programmable data plane without slowing down or interfering with regular traffic. In this research, we use the stateful processing capabilities of programmable switches to develop a system that monitors DNS traffic in the data plane and applies the security rules established by the administrator to certain domains. In particular, Deep Packet Inspection (DPI) is used to apply filtering criteria (such as preventing harmful environments) and to retrieve the domain name from a collection of labels. The evaluation findings reveal that the suggested method outperforms the state-of-the-art P4-based methods in terms of the number of domain labels it can parse. Further, throughput, latency, and packet loss show considerable performance gains compared to a conventional software firewall (pfSense). Because the implemented P4 software consumes few resources, it may also include additional security features.
Date of Conference: 05-06 February 2023
Date Added to IEEE Xplore: 05 April 2023