TIPS – How to Set default DNS for all users, ethernet & WiFi connections

Forum Forums New users New Users and General Questions TIPS – How to Set default DNS for all users, ethernet & WiFi connections

  • This topic has 12 replies, 4 voices, and was last updated May 2-3:10 am by anticapitalista.
Viewing 13 posts - 1 through 13 (of 13 total)
  • Author
    Posts
  • #35255
    Member
    Craig

      Firstly, new user & first time poster to give thanks for AntiX. Cheers!

      AntiX 19.2 runs on on an old broken HP 625 64 bit laptop.

      Via ConnMan, I’ve been attempting to set default domain name servers;- for all users, for all connections, on this laptop.

      (This is to use CleanBrowsing_Org’s DNS filtering as per their filters page.)

      1) In /etc/connman/main.conf, add
      Nameservers=185.228.169.168,185.228.168.168
      From connman.conf(5), Nameservers is not listed as valid & doesn’t work.

      2) Edit /var/lib/connman/settings to be:-

      [global]
      OfflineMode=false
      
      [WiFi]
      Enable=true
      Tethering=false
      Nameservers=185.228.169.168,185.228.168.168
      
      [Bluetooth]
      Enable=false
      Tethering=false
      
      [Wired]
      Enable=true
      Tethering=false
      Nameservers=185.228.169.168,185.228.168.168

      This idea does not work either.

      For Linux, Clean Browsing recommends creating an immutable /etc/resolv.conf file on their Linux guide page.

      What is the AntiX method of setting default DNS entries, for all user accounts, for all connections?

      Thanks,
      Craig.

      • This topic was modified 2 years, 9 months ago by Craig. Reason: Formatting
      • This topic was modified 2 years, 9 months ago by Craig. Reason: Argh! Formatting
      • This topic was modified 2 years, 9 months ago by anticapitalista. Reason: changed title since there are some excellent tips in the thread
      #35259
      Forum Admin
      anticapitalista
        Helpful
        Up
        0
        ::

        Don’t know if it is the best way or not, but I used to do in it /etc/dhcp/dhclient.conf

        https://raamdev.com/2009/configuring-static-dns-with-dhcp-on-debianubuntu/

        Philosophers have interpreted the world in many ways; the point is to change it.

        antiX with runit - leaner and meaner.

        #35299
        Member
        Craig
          Helpful
          Up
          0
          ::

          Thanks a lot for the link! Which I implemented.

          Unfortunately,… edits to /etc/dhcp/dhclient.conf are ignored by ConnMan.

          To have the machine read /etc/resolv.conf with ConnMan managing WiFi authentication, I done this:-

          $ cat /etc/default/connman
          # For static DNS. (See --nodnsproxy in connman(8)).
          DAEMON_OPTS='--nodnsproxy'

          Modified buggy /etc/init.d/connman

          --- /etc/init.d/connman~1	2020-03-27 14:19:11.000000000 +0000
          +++ /etc/init.d/connman	2020-04-24 22:27:20.707538355 +0100
          @@ -19,13 +19,16 @@
           	. /etc/default/connman
           fi
           
          -if [ "CONNMAN_RUNSTATEDIR_RESOLVCONF" != "no" ] ; then
          -    mkdir -p /run/connman
          -    ln -sf /run/connman/resolv.conf /etc/
          +if [ -n $DAEMON_OPTS ]; then
          +	echo $DAEMON_OPTS | grep -F -q 'nodnsproxy' ||
          +	{
          +		mkdir -p /run/connman/
          +		ln -sf /run/connman/resolv.conf /etc/
          +	}
           fi
           
           do_start() {
          -	start-stop-daemon --start --oknodo --exec $DAEMON --$DAEMON_OPTS
          +	start-stop-daemon --start --oknodo --exec $DAEMON -- $DAEMON_OPTS
           }
           
           do_stop() {

          Even with ConnMan not running as a DNS proxy, it still overwrites /etc/resolv.conf with DHCP entries it finds (dhclient is ignored by ConnMan)

          Therefore,…. these steps are needed too:

          $ sudo /etc/init.d/connman stop
          $ sudo rm /etc/resolv.conf
          $ sudo echo 'nameserver 185.228.169.168' > /etc/resolv.conf
          $ sudo echo 'nameserver 185.228.168.168' >> /etc/resolv.conf
          $ sudo chattr +i /etc/resolv.conf
          $ sudo /etc/init.d/networking restart
          $ sudo /etc/init.d/connman start

          These hacks work, but the ConnMan System Tray shows wrong domain name servers (maybe it still uses an internal DHCP client?).

          Cheers,
          Craig.

          #35300
          Member
          Craig
            Helpful
            Up
            0
            ::

            By the way, to test the effectiveness of alterations, I’ve been surfing to DNSLeakTest_Com (JavaScript needed) with a Firefox restart after each change.

            This site shows CleanBrowsing’s domain name servers, while ConnMan shows the ISP’s DNS – but they’re not being used.

            #35374
            Member
            Craig
              Helpful
              Up
              0
              ::

              Here’s a better patch to fix bugs in /etc/init.d/connman

              This diff backs up an existing /etc/resolv.conf file before starting ConnMan & restores it after daemon stop:

              --- connman~1	2020-03-27 14:19:11.000000000 +0000
              +++ connman	2020-04-27 15:32:40.585655166 +0100
              @@ -19,17 +19,29 @@
               	. /etc/default/connman
               fi
               
              -if [ "CONNMAN_RUNSTATEDIR_RESOLVCONF" != "no" ] ; then
              -    mkdir -p /run/connman
              -    ln -sf /run/connman/resolv.conf /etc/
              +DNS_PROXY='yes'
              +if [ -n $DAEMON_OPTS ]; then
              +	echo $DAEMON_OPTS | grep -F -q 'nodnsproxy' && DNS_PROXY='no'
               fi
               
               do_start() {
              -	start-stop-daemon --start --oknodo --exec $DAEMON --$DAEMON_OPTS
              +	if [ $DNS_PROXY = 'yes' ]; then
              +		mkdir -p /run/connman/ || return
              +		if [ -f /etc/resolv.conf ]; then
              +			ln /etc/resolv.conf /etc/connman/
              +		fi
              +		ln -sf /run/connman/resolv.conf /etc/ || return
              +	fi
              +	start-stop-daemon --start --oknodo --exec $DAEMON -- $DAEMON_OPTS
               }
               
               do_stop() {
              -	start-stop-daemon --stop --oknodo --quiet --exec $DAEMON
              +	start-stop-daemon --stop --oknodo --quiet --exec $DAEMON || return
              +	local _rc=$?
              +	if [ $DNS_PROXY = 'yes' ]; then
              +		mv /etc/connman/resolv.conf /etc/
              +	fi
              +	return $_rc
               }
               
               get_pid() {
              

              Cheers,
              Craig.

              #35394
              Member
              ModdIt
                Helpful
                Up
                0
                ::

                Hello Craig, thanks for your work, this subject drives me nuts, seems we are having to reinvent the wheel at times.

                would be really nice to have an easy way to set DNS default for all users in AntiX underlining simplicity, freedom of choice in the best distro used to date.

                I do appreciate that some providers block or repair our dns changes in forced supply routers. Shitty vodafone certainly does. But that is another story.
                Vodafone is Tier 1 provider for UK spy agency GHCQ so not surprised.

                #35459
                Member
                Craig
                  Helpful
                  Up
                  0
                  ::

                  This is how I got it to work with WPA instead of ConnMan:

                  In AntiX’s Control Centre start up service selector:-
                  1) Remove connman from levels 2,3,4,5
                  2) Add resolvconf to run levels 2,3,4,5

                  Supersede dhcp client’s DNS:

                   $ diff -u /etc/dhcp/dhclient.conf~ /etc/dhcp/dhclient.conf
                  --- /etc/dhcp/dhclient.conf~	2020-04-20 17:15:38.081969606 +0100
                  +++ /etc/dhcp/dhclient.conf	2020-04-24 17:51:20.113870509 +0100
                  @@ -22,6 +22,7 @@
                   #send dhcp-client-identifier 1:0:a0:24:ab:fb:9c;
                   #send dhcp-lease-time 3600;
                   #supersede domain-name "fugue.com home.vix.com";
                  +supersede domain-name-servers 185.228.169.168,185.228.168.168;
                   #prepend domain-name-servers 127.0.0.1;
                   #require subnet-mask, domain-name-servers;
                   #timeout 60;
                  $ sudo service connman stop
                  $ sudo chattr -i /etc/resolv.conf
                  $ sudo ln -sf /run/resolvconf/resolv.conf /etc/
                  $ sudo service resolvconf start

                  Add some lines to the end of the network interfaces file:-

                  See: https://www.AntixForum.Com/forums/topic/wpa_gui-and-wpa_supplicant-how-to/#post-4144
                  
                  #------------------------------------------------------------------------------
                  # /etc/network/interfaces
                  #
                  # interfaces(5) file used by ifup(8) and ifdown(8)
                  # Used by ceni but not by connman
                  #------------------------------------------------------------------------------
                  
                  auto lo
                  iface lo inet loopback
                  
                  allow-hotplug eth0
                  iface eth0 inet dhcp
                  
                  # Code added for roaming wpa_supplicant & wpa_gui
                  auto wlan0
                  iface wlan0 inet manual
                          wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf
                  iface default inet dhcp
                  

                  Created a configuration for for WPA supplicant:-

                  $ head -n 3 /etc/wpa_supplicant/wpa_supplicant.conf
                  ctrl_interface=DIR=/run/wpa_supplicant GROUP=netdev
                  update_config=1
                  
                  

                  Created a WPA GUI start up call:

                  $ cat ~/.icewm/startup 
                  #!/bin/bash
                  
                  # nice cmst &
                  nice wpa_gui -t &
                  

                  Rebooted & it all works. Simply add roaming WiFi networks with WPA’s GUI & easily switch between them.

                  Cheers,
                  Craig.

                  #35483
                  Member
                  AR
                    Helpful
                    Up
                    0
                    ::

                    The simplest DNS setting way in Connman is:
                    1. Open Connman UI Setup.
                    2. Choose second tab from the left (on my computer it’s in my language, so I do not know how it will be in English). It will show your connection parameters.
                    3. Press the button in the lower right corner (“Preferences” or “Setup”, or somewhat similar).
                    4. Choose there tab “Name servers”. Type there your nameservers (divided by space), then press OK.

                    These nameservers will work even after reboot. I checked this on the DNS leak test site.

                    This way is for one user and for one connection, but it’s very simple, so every user can do it on any connection with such simple howto.

                    • This reply was modified 2 years, 9 months ago by AR.
                    • This reply was modified 2 years, 9 months ago by AR.
                    • This reply was modified 2 years, 9 months ago by AR.
                    #35487
                    Member
                    ModdIt
                      Helpful
                      Up
                      0
                      ::

                      Hi AR, your suggestion works for single user or can be setup for each user separately.

                      The question was to set systemwide default DNS for all users on all connections which is more challenging.

                      #35491
                      Member
                      AR
                        Helpful
                        Up
                        0
                        ::

                        Hi Moddit, as for me, I simply set up my home router to my favorite DNS servers. And all my devices receive DNS from this router. I know that my previous reply was not the resolve for the Craig’s problem, but I think it would be helpful for someone.

                        • This reply was modified 2 years, 9 months ago by AR.
                        • This reply was modified 2 years, 9 months ago by AR.
                        #35504
                        Member
                        Craig
                          Helpful
                          Up
                          0
                          ::

                          Yes, I can use ConnMan to manually set DNS, for every connection (which is annoying).

                          But those settings can be deleted by other (immature) people with their own account on the laptop.

                          Setting domain name servers in your LAN’s router is great – if your antiX laptop never leaves home.

                          I need to set the DNS on this antiX laptop, which roams away from home, for all users, for all connections.

                          Point 1 of the 1st post stated that setting default domain name servers in /etc/connman/main.conf doesn’t work, because it is not a configurable option.

                          Cheers,
                          Craig.

                          #35505
                          Member
                          Craig
                            Helpful
                            Up
                            0
                            ::

                            By the way, I’ve deleted ~/.icewm/startup and put the WPA GUI start up call in ~/.desktop-session/startup

                            
                            # Puts WPA's GUI in the system tray:
                            nice wpa_gui -t &
                            
                            
                            #35507
                            Forum Admin
                            anticapitalista
                              Helpful
                              Up
                              0
                              ::

                              I’m going to edit the title so people can see that the thread includes some really excellent tips and is not just a request

                              Philosophers have interpreted the world in many ways; the point is to change it.

                              antiX with runit - leaner and meaner.

                            Viewing 13 posts - 1 through 13 (of 13 total)
                            • You must be logged in to reply to this topic.