Closed eycorsican closed 3 years ago
Once you start a Maple VPN connection, there should be two entries (0.0.0.0/1 and 128.0.0.0/1) added to your routing table. I have no idea why this did not work for you 🤔
Regarding the DNS issue, Maple does not change the default DNS yet. FYI, in YtFlow, the only domain strategy is fake DNS, so I think it is possible to do something similar.
WFP APIs may not be a viable solution here because they are forbidden in a UWP app.
Glad to hear there's already a solution for UWP VPN plugin! And it seems much easier. Looking forward to a fix.
Once you start a Maple VPN connection, there should be two entries (0.0.0.0/1 and 128.0.0.0/1) added to your routing table. I have no idea why this did not work for you 🤔
My bad, the entries did get added to the routing table.
The way Leaf deals with DNS poisoning issues is the use of a combination of FakeDNS and DomainSniffing features.
For FakeDNS to function as expected, plain text UDP DNS traffic from the host must be routed through the TUN interface, consequently handled by Leaf to make a fake DNS response. But on Windows, DNS queries could easily bypass the TUN interface, thus disabling FakeDNS.
It's unclear to me what the difference is between the UWP VPN plugin and a third-party TUN/TAP driver such as tap-windows6. I don't observe a change in the routing table when starting Maple, but FakeDNS is not working when some of my network adapters have DNS servers pointed to the default gateway; DNS queries are bypassing FakeDNS.
As a note, here's how Mellow deals with this kind of issue, and the code.
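The following check is an added example, not code from Leaf, Maple or Mellow. It models only routing-table selection (longest prefix first, then lowest metric) to show one way a per-adapter DNS server can miss the TUN even with the 0.0.0.0/1 and 128.0.0.0/1 entries present. The interface name `Maple-TUN`, the addresses and the metrics are constructed sample values, and interface-bound DNS queries on Windows are not modelled.

```python
import ipaddress

# Constructed sample data (not from the thread): routes present after the VPN
# is up, as (prefix, interface, metric), and the DNS servers set per adapter.
ROUTES = [
    ("0.0.0.0/0", "Wi-Fi", 35),
    ("0.0.0.0/1", "Maple-TUN", 5),      # hypothetical TUN interface name
    ("128.0.0.0/1", "Maple-TUN", 5),
    ("192.168.1.0/24", "Wi-Fi", 291),   # on-link subnet holding the default gateway
]
ADAPTER_DNS = {
    "Wi-Fi": ["192.168.1.1"],           # DNS pointed at the default gateway
    "Ethernet": ["8.8.8.8"],
}


def egress_interface(dst, routes):
    """Return the interface chosen for dst: longest prefix, then lowest metric."""
    addr = ipaddress.ip_address(dst)
    candidates = []
    for prefix, ifname, metric in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net:
            candidates.append((net.prefixlen, -metric, ifname))
    if not candidates:
        return None  # no route at all: the query cannot leave the host
    return max(candidates)[2]


def dns_bypassing_tun(adapter_dns, routes, tun_name):
    """List (adapter, server, egress) for DNS servers not routed via the TUN."""
    leaks = []
    for adapter, servers in sorted(adapter_dns.items()):
        for server in servers:
            iface = egress_interface(server, routes)
            if iface != tun_name:
                leaks.append((adapter, server, iface))
    return leaks


if __name__ == "__main__":
    for adapter, server, iface in dns_bypassing_tun(ADAPTER_DNS, ROUTES, "Maple-TUN"):
        print(f"{adapter}: DNS {server} leaves via {iface}, not the TUN")
```

In the sample, 8.8.8.8 falls under 0.0.0.0/1 and is captured, while 192.168.1.1 matches the more specific on-link /24 and goes out the physical adapter, so a fake DNS responder on the TUN never sees that query.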