Open joaufi opened 4 years ago
Note: Above ran with both the latest master
and test
branches of openpyn with fresh --init
on each
Believe I have fixed this on the test
branch; trying to push a feature branch for a PR but getting:
ERROR: Permission to jotyGill/openpyn-nordvpn.git denied to joaufi.
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
Could I get push access? ⬆️
You can set the DNS manually, that's was one of the reason I set it to disabled on macOS, when porting/testing openpyn on MacOS, since I didn't test the script openpyn uses to modify the /etc/resolv.conf
You can open a pull request on test branch, instead of push access...
I did not know that you could open a PR using a forked repo branch onto the forked-from repo branch- thanks for the knowledge! I'll open a PR.
Fwiw the script does successfully modify /etc/resolv.conf (tested a few times), but it does not change it back to whatever the user had in the resolv.conf if / when openpyn is closed and the vpn is disconnected. Going to make my changes do that so that it more closely mimics the NordVPN GUI (and seems a bit more user friendly).
it does not change it back to whatever the user had in the resolv.conf
Yeah, that what I thought, would be great if you can fix this!
I finally got around to this ☠️ See: https://github.com/jotyGill/openpyn-nordvpn/pull/252
Feel like it is a somewhat sloppy solution but it works 😅
There's a MacOS notice in the /etc/resolv.conf
file claiming it's not used for DNS hostname resolution and that it is generated automatically. (I'm running macOS Catalina 10.15.4)
# macOS Notice # # This file is not consulted for DNS hostname resolution, address # resolution, or the DNS query routing mechanism used by most # processes on this system. # # To view the DNS configuration used by this system, use: # scutil --dns # # SEE ALSO # dns-sd(1), scutil(8) # # This file is automatically generated.
Trying to replace the resolv.conf
file doesn't do the trick for me and it also requires privileges, e.g.
sudo mv -n /etc/resolv.conf /etc/resolv.conf.backup
sudo /bin/sh -c "echo 'nameserver $nordDNS1' > /etc/resolv.conf"
I've resolved the issue with simple aliases that I run before/after connecting to the NordVPN server of choice.
alias resetdns="networksetup -setdnsservers Wi-Fi 192.168.1.1 192.168.1.1"
alias norddns="networksetup -setdnsservers Wi-Fi 103.86.99.100 103.86.96.100 208.67.222.220"
networksetup -setdnsservers
also updates /etc/resolv.conf
i.e "...is automatically generated."
When running
openpyn us
on MacOS Catalina 10.15 it never seems to modify the/etc/resolv.conf
file (no matter what settings or flags are supplied, both run as user and sudo) resulting in DNS leaks:Confirmed with DNS Leak Test simple and extended tests; using Google DNS servers 8.8.8.8 and 8.8.4.4 configured at router-level: Simple Test unconnected to any VPN:
Extended Test unconnected to any VPN:
Simple Test connected to VPN using openpyn us:
Extended Test connected to VPN using openpyn us:
Content of
/etc/resolv.conf
before AND after running openpyn:Current workaround is to get the fastest server using openpyn and then connecting to the specified server through NordVPN GUI which prevents DNS leaking:
Simple Test connected to VPN using NordVPN GUI application:
Extended Test connected to VPN using NordVPN GUI application:
Content of
/etc/resolv.conf
after connecting to VPN using NordVPN GUI application:So NordVPN is able to modify
/etc/resolv.conf
to prevent DNS leaks but openpyn is unable to it seems.Why is openpyn not modifying
/etc/resolv.conf
when it is run (regardless of sudo, options, and flags added)?Would be happy to open a PR to fix this issue but likely would need some guidance to do so. Thanks! 👍