DefGuard / wireguard-rs

Rust library providing unified WireGuard interface to native/kernel and userspace implementations
https://github.com/defguard/defguard/

Linux DNS not being set as expected. #58

Open bleach86 opened 1 month ago

bleach86 commented 1 month ago

Trying to run the client example with my values put in as required as well as adding a DNS configuration.

I notice that when it would connect I would not have internet access. I narrowed this down to a DNS issue caused by /etc/resolv.conf not being updated as expected.

Looking at wg-quick, I notice that they prefix the interface name with `tun.`.

So modifying configure_dns() and clear_dns() to do the same results in expected behavior of updating /etc/resolv.conf with my values.

The Linux wg-quick man page as well as the FreeBSD wg-quick man page both indicate the same prefixing of the interface name with `tun.`.

This could cause a DNS leak if you allow local networks in your wg config.

This would cause using unexpected DNS if you do not allow local networks, but your `/etc/resolv.conf` contains an IP of a remote host. This could also possibly be a leak as well.

To recreate, be on Linux with a wg config with AllowedIPs = 0.0.0.0/0,::/0 and have only LAN IPs in /etc/resolv.conf.
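A check for the condition reported above, added here as an example (it is not part of the original issue or of wireguard-rs): given the contents of `/etc/resolv.conf` and the DNS servers from the WireGuard config, it lists every resolver that was left in place, split into LAN-side and remote. The names `Stray`, `is_local` and `stray_nameservers` and the tunnel DNS address `10.6.0.1` are assumptions made for the example.

```rust
use std::net::IpAddr;

/// A resolver in resolv.conf that the tunnel config did not name (enum is this example's own).
#[derive(Debug, PartialEq)]
pub enum Stray {
    /// LAN, loopback or link-local: reachable outside the tunnel when local networks are allowed.
    Local(IpAddr),
    /// Any other address: an unexpected resolver, as in the second case the issue describes.
    Remote(IpAddr),
}

fn is_local(ip: &IpAddr) -> bool {
    match ip {
        IpAddr::V4(v4) => v4.is_private() || v4.is_loopback() || v4.is_link_local(),
        IpAddr::V6(v6) => {
            // fc00::/7 (unique local) and fe80::/10 (link-local), masked by hand.
            let s = v6.segments()[0];
            v6.is_loopback() || (s & 0xfe00) == 0xfc00 || (s & 0xffc0) == 0xfe80
        }
    }
}

/// Every `nameserver` entry in `resolv_conf` that is not one of `tunnel_dns`.
pub fn stray_nameservers(resolv_conf: &str, tunnel_dns: &[IpAddr]) -> Vec<Stray> {
    resolv_conf
        .lines()
        .filter_map(|line| {
            let line = line.split(|c: char| c == '#' || c == ';').next().unwrap_or("");
            let mut words = line.split_whitespace();
            if words.next()? != "nameserver" {
                return None;
            }
            // Drop an IPv6 zone id such as fe80::1%eth0 before parsing.
            let addr = words.next()?.split('%').next()?;
            addr.parse::<IpAddr>().ok()
        })
        .filter(|ip| !tunnel_dns.contains(ip))
        .map(|ip| if is_local(&ip) { Stray::Local(ip) } else { Stray::Remote(ip) })
        .collect()
}

fn main() {
    // Constructed sample: resolv.conf left unchanged after the tunnel came up.
    let sample = "# constructed sample\nnameserver 192.168.1.1\nnameserver 9.9.9.9\n";
    let tunnel_dns: Vec<IpAddr> = vec!["10.6.0.1".parse().unwrap()]; // assumed tunnel DNS
    for stray in stray_nameservers(sample, &tunnel_dns) {
        println!("{:?}", stray);
    }
}
```

An empty result after the interface is up means `/etc/resolv.conf` holds only the tunnel's resolvers.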

teon commented 2 weeks ago

@bleach86 could you elaborate and explain what you are expecting from us?