Change DNS when connected to VPN

No it’s all done via my TV remote, using this plugin to launch the individual .ovpn OpenVPN config files:

http://brianhornsby.com/kodi_addons/openvpn

Means I don’t have to have my laptop turned on, dead easy and fast. You just connect to a VPN server and then disconnect through the ui add-on.

Okay so I’ve now been able to successfully get the script to change my DNS servers while connected to the VPN after installing openresolv…but when I disconnect, it blanks out my /etc/resolv.conf…the default nameserver doesn’t get put back, weird…

Nevermind, it’s one step forward…I’ll just have to reboot when I’m done. At least I’ve managed to get it to use my VPN’s DNS servers, which is the main thing.

I fixed it I fixed it, woohoo!!! Or rather I found a workaround…the trick is to make a copy of resolv.conf in the script and then restore it upon OpenVPN exit as found at the bottom of https://forums.openvpn.net/topic15508.html

cp /etc/resolv.conf /etc/resolv.conf.default
#echo -n “$R” | $RESOLVCONF -p -a “${dev}”
echo -n “$R” | $RESOLVCONF -a “${dev}.inet”
;;
down)
$RESOLVCONF -d “${dev}.inet”
mv -f /etc/resolv.conf.default /etc/resolv.conf
;;
esac

Funnily enough my swiss cheese brain seems to have an inkling somewhere that I may have had to do it back in the raspbmc days too…

Oh well thanks for your patience tonight Sam…and if any OpenVPN users want to hide their DNS leaks, well loads of info in this thread, so it hasn’t all been useless… :wink:

1 Like

I’ve got my openvpn working but am suffering DNS leaks, having followed this thread I tried to follow the solution shown above, I have tried various “edits” of the above conf file, I am getting the message shown below just as my openvpn bombs

/etc/openvpn/update-resolv-conf: line 57: /etc/resolvconf/: Is a directory
Sat Feb 13 21:25:06 2016 WARNING: Failed running command (--up/--down): external program exited with error status: 126
Sat Feb 13 21:25:06 2016 Exiting due to fatal error

RESOLVCONF is set at the beginning of the script but is referenced further down (line 57) which seems to be causing the error, I cant for the life of me see whats going on

# 04/2014 k@cwill.org fixed empty resolv.conf after VPN is down'd
# 07/2013 colin@daedrum.net Fixed intet name
# 05/2006 chlauber@bnc.ch
#
# Example envs set from openvpn:
# foreign_option_1='dhcp-option DNS 193.43.27.132'
# foreign_option_2='dhcp-option DNS 193.43.27.133'
# foreign_option_3='dhcp-option DOMAIN be.bnc.ch'
# foreign_option_4='dhcp-option DOMAIN-SEARCH bnc.local'

set -e

## You might need to set the path manually here, i.e.
RESOLVCONF="/etc/resolvconf/"
#RESOLVCONF=$(which resolvconf)
[ -x $RESOLVCONF ] || exit 0

case $script_type in

up)
   for optionname in ${!foreign_option_*} ; do
      option="${!optionname}"
      echo $option
      part1=$(echo "$option" | cut -d " " -f 1)
      if [ "$part1" == "dhcp-option" ] ; then
         part2=$(echo "$option" | cut -d " " -f 2)
         part3=$(echo "$option" | cut -d " " -f 3)
         if [ "$part2" == "DNS" ] ; then
            IF_DNS_NAMESERVERS="$IF_DNS_NAMESERVERS $part3"
         fi
         if [[ "$part2" == "DOMAIN" || "$part2" == "DOMAIN-SEARCH" ]] ; then
            IF_DNS_SEARCH="$IF_DNS_SEARCH $part3"
         fi
      fi
   done
   R=""
   for DS in $IF_DNS_SEARCH ; do
           R="${R}search $DS
"
   done
   for NS in $IF_DNS_NAMESERVERS ; do
           R="${R}nameserver $NS
"
   done
   cp /etc/resolv.conf /etc/resolv.conf.default
   #echo -n "$R" | $RESOLVCONF -p -a "${dev}"
   echo -n "$R" | $RESOLVCONF -a "${dev}.inet"
   ;;
down)

What on earth am I doing wrong, it’s probably something really obvious but I’ve been messing about with this now for days and it’s just not clicking.

Cheers

Mike

Hi Mike, it looks from what you’ve pasted above you’ve only done the ‘copy’ part (‘cp’). You also need the restore part after ‘down)’:

$RESOLVCONF -d “${dev}.inet”
mv -f /etc/resolv.conf.default /etc/resolv.conf
;;
esac

Hope this helps!

Note that the script that OSMC uses will be slightly different to what is posted in https://forums.openvpn.net/topic15508.html. But as long as you just insert those two lines I posted in bold above in the positions they need to be in, then you should be okay.

Alternatively, you can turn off DHCP and give your setup a static ip and choose your DNS servers. You could use Google DNS but if you want to be uber stealthy I would go with OpenNIC DNS, apparently no logs are kept.

trying to follow this, is there a concise step by step process to do this?

1 Like