Giter Club home page Giter Club logo

update-resolv-conf-mageia's Introduction

update-resolv-conf-mageia

DNS server extraction/substitution script for OpenVPN (Mageia Linux)

The original script: update-resolv-conf.sh The author of the original script: Alfredo Palhares

Use in the *.ovpn configuration:

script-security 2
up /etc/openvpn/update-resolv-conf.sh
down /etc/openvpn/update-resolv-conf.sh

Use in Startup parameters:

--script-security 2 --up /etc/openvpn/update-resolv-conf.sh \
--down /etc/openvpn/update-resolv-conf.sh

The original script update-resolv-conf.sh It is intended for Ubuntu and other operating systems that have the openresolv package in their repository. However, Mageia does not have an openresolv package, so the option -x unavailable. The only thing that resolvconf can do well is to add (not replace) DNS records to the contents of /etc/resolv.conf, which the OpenVPN client receives. As a result, if initially the /etc/resolv.conf file contained a DNS record pointing to the default gateway (for example, 192.168.0.1), then it will not be destroyed. On the contrary, this entry will be added to the end of the /etc/resolv.conf file:

# Generated by resolvconf
nameserver 209.222.18.222
nameserver 209.222.18.218
nameserver 192.168.0.1

This DNS configuration is vulnerable and any DNS leak tester will easily report your true IP address, despite the fact that the IP DNS was obtained from inside the VPN above. Thus, the effectiveness of VPN is limited only by the visible change of the external IP address (location). NetworkManager is also no exception and by default provides an insecure, vulnerable OpenVPN connection.

Therefore, the original script update-resolv-conf.sh it was modified in such a way that resolvconf is only used to return the settings of the original /etc/resolv.conf. Depending on the settings coming from the VPN server, the number of nameservers can be: 0 - absence (you need to replace with a pair of your own), 1 - the only DNS (you need to add another one of your own) and 1< - at least 2. In addition, when returning DNS settings, systemd-resolved can be used, and not resolvconf. I tried to take all this into account in this modification of the script - update-resolv-conf-mageia.sh.

Dependencies for OpenVPN: resolvconf procps-ng

Note: the script is already used in OpenVPN-GUI, ProtonVPN-GUI and Luntik.

update-resolv-conf-mageia's People

Contributors

akotov-dev avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.