use dhcp://auto for Tun+systemd-resolved on Linux

2025-12-19 05:30:06 +08:00 · 2025-08-02 15:42:16 +03:30 · 2025-08-02 15:42:16 +03:30 · 6633ade093
commit 6633ade093
parent 65fa1b6a8a
2 changed files with 17 additions and 7 deletions
--- a/src/configs/ConfigBuilder.cpp
+++ b/src/configs/ConfigBuilder.cpp
@ -727,6 +727,14 @@ namespace Configs {
        // Direct
        auto directDNSAddress = dataStore->routing->direct_dns;
        if (directDNSAddress == "localhost") directDNSAddress = BOX_UNDERLYING_DNS_EXPORT;
+#ifdef Q_OS_LINUX
+        auto usingSystemdResolved = ReadFileText("/etc/resolv.conf").contains("systemd-resolved");
+        if (dataStore->spmode_vpn && (directDNSAddress.startsWith("local") || directDNSAddress.startsWith("underlying")) && usingSystemdResolved)
+        {
+            MW_show_log("[Warning] Using local dns resolver with systemd-resolved enabled causes a dns loophole, using dhcp://auto as direct dns.");
+            directDNSAddress = "dhcp://auto";
+        }
+#endif
        QJsonObject directObj{
            {"tag", "dns-direct"},
            {"address_resolver", "dns-local"},
@ -813,9 +821,17 @@ namespace Configs {
        }

        // Underlying 100% Working DNS
+        auto dnsLocalAddress = BOX_UNDERLYING_DNS_EXPORT;
+#ifdef Q_OS_LINUX
+        if (dataStore->spmode_vpn && (dnsLocalAddress.startsWith("local") || dnsLocalAddress.startsWith("underlying")) && usingSystemdResolved)
+        {
+            MW_show_log("[Warning] Using local dns resolver with systemd-resolved enabled causes a dns loophole, using dhcp://auto as local dns.");
+            dnsLocalAddress = "dhcp://auto";
+        }
+#endif
        dnsServers += QJsonObject{
            {"tag", "dns-local"},
-            {"address", BOX_UNDERLYING_DNS_EXPORT},
+            {"address", dnsLocalAddress},
            {"detour", "direct"},
        };

--- a/src/ui/mainwindow_grpc.cpp
+++ b/src/ui/mainwindow_grpc.cpp
@ -538,12 +538,6 @@ void MainWindow::profile_start(int _id) {
            restartMsgboxTimer->cancel();
            restartMsgboxTimer->deleteLater();
            restartMsgbox->deleteLater();
-#ifdef Q_OS_LINUX
-            // Check systemd-resolved
-            if (Configs::dataStore->spmode_vpn && Configs::dataStore->routing->direct_dns.startsWith("local") && ReadFileText("/etc/resolv.conf").contains("systemd-resolved")) {
-                MW_show_log("[Warning] The default Direct DNS may not works with systemd-resolved, you may consider change your DNS settings.");
-            }
-#endif
        });
    });
 }