ProtonVPN / linux-app

Official ProtonVPN Linux app
https://protonvpn.com/download-linux
GNU General Public License v3.0

DNS leak on linux GUI app #14

Open parrotx-proton opened 3 years ago

parrotx-proton commented 3 years ago

While the linux cli successfully updates the nameservers in /etc/resolv.conf, the GUI does not and hence results in a DNS leak.

calexandru2018 commented 3 years ago

Hey @parrotx-proton

There shouldn't be any difference in that regard as both use the same backend (library). Could you be more specific about how you came to this conclusion?

parrotx-proton commented 3 years ago

Connected to one of the NL servers via the GUI, went to dnsleaktest.com and I could see my ISP's servers getting picked up. Further, I checked my /etc/resolv.conf; it had no entries for ProtonVPN's DNS servers, i.e. 10.8.8.1 or 10.7.7.1

OS Info: Linux parrotx 5.10.0-6parrot1-amd64 #1 SMP Debian 5.10.28-6parrot1 (2021-04-12) x86_64 GNU/Linux

heiserhorn commented 3 years ago

I am having leaks with both GUI and CLI. Tried several servers (Plus and basic). Tried with Netshield full and secure core. Always leaking. Debian unstable with Network-manager, IWD and systemd-resolved.
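The resolv.conf check described in the comments above, as an added example that is not part of the thread and not ProtonVPN's code. It assumes the only VPN resolvers are the two addresses quoted above (10.8.8.1 and 10.7.7.1); the function name, return codes and sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify the nameservers listed in a resolv.conf-style file.
# VPN_DNS holds the two ProtonVPN resolver addresses quoted in this thread.
VPN_DNS="10.8.8.1 10.7.7.1"

# check_resolv_conf [FILE]
#   prints one line per nameserver: "vpn|stub|other <address>"
#   returns 0 = only VPN resolvers listed
#           1 = at least one non-VPN, non-loopback resolver (possible leak)
#           2 = a loopback stub is listed, so the file alone is inconclusive
#           3 = file unreadable or no nameserver lines
check_resolv_conf() {
    file=${1:-/etc/resolv.conf}
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 3; }
    vpn=0; stub=0; other=0
    # Commented-out entries have "#" or "#nameserver" as field 1 and are skipped.
    for ns in $(awk '$1 == "nameserver" { print $2 }' "$file"); do
        case " $VPN_DNS " in
            *" $ns "*) vpn=$((vpn + 1)); echo "vpn $ns"; continue ;;
        esac
        case "$ns" in
            # Loopback resolvers, e.g. the systemd-resolved stub at 127.0.0.53
            127.*|::1) stub=$((stub + 1)); echo "stub $ns" ;;
            *)         other=$((other + 1)); echo "other $ns" ;;
        esac
    done
    [ "$other" -gt 0 ] && return 1
    [ "$stub" -gt 0 ] && return 2
    [ "$vpn" -gt 0 ] && return 0
    return 3
}

# Constructed sample (not from the thread): a LAN resolver next to a VPN one.
sample=$(mktemp)
printf 'nameserver 192.168.1.1\nnameserver 10.7.7.1\n' > "$sample"
check_resolv_conf "$sample" || echo "exit status $?"
rm -f "$sample"
```

A return code of 2 means the upstream servers are held by the local stub resolver rather than by this file; on systemd-resolved systems `resolvectl status` shows the per-link DNS servers.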

calexandru2018 commented 3 years ago

Hey @parrotx-proton

We've attempted to recreate this behavior but were not able to find any DNS leaks.

Edit: Does this happen when you're on Wifi/Ethernet, changing networks or simply only when you connect once?

parrotx-proton commented 3 years ago

Hi @calexandru2018,

Setup was nothing special. Added repositories using a deb file and apt get install protonvpn. Since I am working on VMs, it's working over ethernet. I was not changing networks or doing anything special.

I was using the cli for quite a while but noticed that it had 2 problems (haven't opened issues yet as I didn't do much investigation from my end):

1) If you shut down the machine without issuing a disconnect, the Proton DNS entries in /etc/resolv.conf remain and hence on next startup any DNS resolution will simply fail.
2) On many occasions it just simply fails to connect and throws an authorization error even with correct credentials. I didn't get any --debug flag to investigate further.

Hence I decided to fall back on the GUI client, which works for the most part other than leaking DNS. I never saw entries in /etc/resolv.conf getting modified by this client.


parrotx-proton commented 3 years ago

@calexandru2018 since I see a few other people have also reported similar issues, albeit with slight variations, I guess it may also be related to the environment. Could you have some test setup with VMs using the same OS?

SwissTico commented 3 years ago

Hello everybody,

We wrote a post yesterday thinking that we found a workaround, but today it didn't work :-( So in our case the /etc/resolv.conf is reset by dhclient every time that the IP address is renewed.

We have one DHCP profile with all automatic settings, and one static IP profile. The issue comes with the DHCP profile (the static one is only used to configure a specific device, without internet connection).

The issue is the same on 2 devices with Linux Debian.

gituser987654 commented 2 years ago

Hi protonvpn team, I have noticed that the oldest unsupported version of protonvpn-cli does not leak DNS. I have checked this with ipleak.org. So can you please implement the same approach in the new protonvpn app and cli as soon as possible. Thank you very much.