DNS leaks command line

[Axlerod34 0]

Here is a simple set of scripts I use to keep dns requests from leaking on Ubuntu 17.10 but should work on any linux distribution.

An older fix which doesn't work on my system was to do the following

append the following lines to the .opvn file so openvpn can edit the /etc/resolv.conf file

script-security 2
up /etc/openvpn/update-resolv.conf
down /etc/openvpn/update-resolv.conf

 

The solution is I use 2 simple scripts to write the resolv.conf file from elsewhere and put it back to way it was when the connection is closed

First I create a secondary resolv.conf.bk with the following entries

#nameservers for torguard VPN
nameserver 10.8.0.1
nameserver 10.9.0.1

 

then I create the scripts saving them in /etc/openvpn and make them executables.

resolv_on.sh

#!/bin/bash
# replace /etc/resolv.conf to fix torguard dns leak
mv /etc/resolv.conf /etc/resolv.conf.bak
cp /etc/resolv.conf.bk /etc/resolv.conf

resolv_off.sh

#!/bin/bash
# restore original /etc/resolv/conf
rm /etc/resolv.conf
mv /etc/resolv.conf.bak /etc/resolv.conf

sudo chmod +x resolv_on.sh
sudo chmod +x resolv_off.sh

Finally the .opvn files needs the following lines added.

script-security 2
up /etc/openvpn/resolv_on.sh
down /etc/openvpn/resolv_off.sh

No more dns leaks when running openvpn from the command line.