GNOME Bugzilla – Bug 738647
Add option to purge existing DNS on connect.
Last modified: 2016-09-05 08:03:08 UTC
When connecting to a VPN, it would be nice to have the option of de-activating the current DNS providers and using only those either pushed by the VPN server or set in the VPN client config.

E.g.: I am connected to an untrusted WiFi and get a DHCP DNS of 192.168.0.1. I then connect to my VPN server, which specifies DNS server 8.8.8.8. At this point my resolv.conf has the following entries:

    nameserver 8.8.8.8
    nameserver 192.168.0.1

The current behaviour is to add nameservers to the beginning of the list in the resolv.conf file. This means that while on a VPN, DNS queries may be made to a local DNS server, and lead to a leaky DNS.

I suggest adding an option to the VPN configuration where a user can opt to purge local DNS settings when connected to the VPN. This would work as:

    On connect:
        if use_VPN_DNS then
            save local DNS
            clear DNS settings
            add VPN specific DNS (either configured by the client VPN dialogue or the server)
        end if

    On disconnect:
        if use_VPN_DNS then
            clear DNS settings
            reload DNS from saved value
            remove saved DNS
        end if
See one more use case for this option in Bug 746422 Comment 3
You can do this now using the dns-priority set to a negative value in the ipv4 and ipv6 settings of the VPN connection. See bug 758772 for more details.

*** This bug has been marked as a duplicate of bug 758772 ***
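A way to check for the leak described in this report after applying the dns-priority setting, as an added example that is not part of the original thread or of NetworkManager. The connection name `my-vpn` and the helper `leaky_nameservers` are hypothetical, and the check assumes NetworkManager writes nameservers directly into resolv.conf rather than pointing it at a local stub resolver.

```shell
#!/bin/sh
# Applying the setting from the last comment ("my-vpn" is a placeholder name):
#   nmcli connection modify my-vpn ipv4.dns-priority -1 ipv6.dns-priority -1
#   nmcli connection up my-vpn
# The function below then verifies the result on a resolv.conf-style file.

# leaky_nameservers FILE ALLOWED...
# Prints every nameserver in FILE that is not one of the ALLOWED (VPN)
# resolvers, one per line. Returns 1 if any were found, 0 otherwise.
leaky_nameservers() {
    file=$1
    shift
    allowed=" $* "
    awk -v allowed="$allowed" '
        # Only "nameserver <addr>" lines matter; comments, search and
        # options lines are ignored.
        $1 == "nameserver" && NF >= 2 {
            if (index(allowed, " " $2 " ") == 0) {
                print $2
                bad = 1
            }
        }
        END { exit (bad ? 1 : 0) }
    ' "$file"
}

# Constructed sample: the resolv.conf state quoted in the report, where the
# VPN resolver was prepended but the DHCP resolver was left in place.
sample=$(mktemp)
printf 'nameserver 8.8.8.8\nnameserver 192.168.0.1\n' > "$sample"

if leaked=$(leaky_nameservers "$sample" 8.8.8.8); then
    echo "only VPN resolvers configured"
else
    echo "non-VPN resolvers still present: $leaked"
fi
rm -f "$sample"
```

On a live system, pass `/etc/resolv.conf` and the resolvers the VPN is expected to push.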