From 67506fe6ba55ac7eaf4cbfd3606bff34a1214c11 Mon Sep 17 00:00:00 2001 From: kali Date: Wed, 16 Jan 2013 01:33:50 +0900 Subject: add update resolv.conf script --- pkg/linux/leap-update-resolv-conf | 90 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 90 insertions(+) create mode 100644 pkg/linux/leap-update-resolv-conf (limited to 'pkg/linux') diff --git a/pkg/linux/leap-update-resolv-conf b/pkg/linux/leap-update-resolv-conf new file mode 100644 index 00000000..a54802e3 --- /dev/null +++ b/pkg/linux/leap-update-resolv-conf @@ -0,0 +1,90 @@ +#!/bin/bash +# +# Parses options from openvpn to update resolv.conf +# +# The only way to enforce that a linux system will not leak DNS +# queries is to replace /etc/resolv.conf with a file that only +# has the DNS resolver specified by the VPN. +# +# That is what this script does. This is what resolvconf is for, +# but sadly it does not always work. +# +# Example envs set from openvpn: +# foreign_option_1='dhcp-option DNS 193.43.27.132' +# foreign_option_2='dhcp-option DNS 193.43.27.133' +# foreign_option_3='dhcp-option DOMAIN be.bnc.ch' +# + +function up() { + + comment=$( +cat < /etc/resolv.conf +} + +function down() { + if [ -f /etc/resolv.conf.bak ] ; then + unlink /etc/resolv.conf + mv /etc/resolv.conf.bak /etc/resolv.conf + fi +} + +case $script_type in + up) up ;; + down) down ;; +esac -- cgit v1.2.3