SagerNet/sing-tun
1
0
Fork 0
mirror of https://github.com/SagerNet/sing-tun.git synced 2025-04-04 04:17:39 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

configure systemd-resolved if strict-route is set

Browse source 
properly configure DNS server and +DefaultRoute for systemd-resolved to prevent DNS leak when strict-route is set.
This commit is contained in:
Victor Tseng 2023-05-14 11:10:51 +08:00
parent b02f252916
commit cc2b79958c
1 changed files with 19 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

22
tun_linux.go
View file

@ -167,7 +167,7 @@ func (t *NativeTun) configure(tunLink netlink.Link) error {
return err
}
setSearchDomainForSystemdResolved(t.options.Name)
configureSystemdResulved(t.options)
if t.options.AutoRoute && runtime.GOOS == "android" {
t.interfaceCallback = t.options.InterfaceMonitor.RegisterCallback(t.routeUpdate)
@ -599,10 +599,26 @@ func (t *NativeTun) routeUpdate(event int) error {
return nil
}
func setSearchDomainForSystemdResolved(interfaceName string) {
func configureSystemdResulved(options Options) {
ctlPath, err := exec.LookPath("resolvectl")
if err != nil {
return
}
shell.Exec(ctlPath, "domain", interfaceName, "~.").Run()
if options.StrictRoute {
if len(options.Inet4Address) > 0 && len(options.Inet6Address) > 0 {
shell.Exec(ctlPath, "dns", options.Name, options.Inet4Address[0].Addr().Next().String(), options.Inet6Address[0].Addr().Next().String()).Run()
} else {
if len(options.Inet4Address) > 0 {
shell.Exec(ctlPath, "dns", options.Name, options.Inet4Address[0].Addr().Next().String()).Run()
}
if len(options.Inet6Address) > 0 {
shell.Exec(ctlPath, "dns", options.Name, options.Inet6Address[0].Addr().Next().String()).Run()
}
}
shell.Exec(ctlPath, "default-route", options.Name, "true").Run()
}
shell.Exec(ctlPath, "domain", options.Name, "~.").Run()
}