23
Privacy DNS Chooser Script v1.0 "Snow Breeze"
(kbin.social)
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
Hello! That's something that I should keep an eye on! When speaking about Captive Portals, I just assume everyone uses 4G/5G (which doesn't require these portals to be used) instead of open networks. My script already has DNSSEC disabled since it has caused some problems during testing. BTW, just a question : Are these portals very common? I haven't seen one since years now.
In Germany every public wifi, train (ICE windows block cell internetand they are currently lasering small waves in them), hotels, cafes, private wifis even if you are a guest.
Because of "data protection" everyone needs to accept TOS so every network has them.
No idea where you live but cell data is often expensive.
I just use the MullvadVPN app, my systemd-resolved is plain and insecure and Mullvad does all the secure DNS stuff. Obviously sucks and is not scalable at all.
Systemd implementing a switch that could then be integrated into GUIs, like KDE6's captive portal opener, is crucial. So for the portals you would make the DNS insecure, log in and secure it again. Best automatically.
Ok. I will see that! If you have a GitHub account. You can make an issue right now, so tracking the issue would be better for me. Or I could do that myself.
Edit : I have made a prototype that I could release it soon as an alpha. When it gets released, your goal is to test in a place where captive portals are present. Sadly, the script won't be automatic but requires user interaction.
Edit 2 : it is now available as alpha on the releases page.
Cool!
Have you looked into how existing software handles captive portals. I believe, both Ubuntu (or Gnome or Network-Manager) and Firefox do check for such portals and detect real internet access. (They simple poll some URL http://detectportal.vendor.com and check for the expected return code. Portals usually redirect.)
Now I'm thinking, what if this check could trigger a change to the DNS configuration. That is use DoT when internet is available, otherwise fall back to DHCP announced DNS
That is neat! It is a specific response so it should work.
This should work. What would be needed is to track the process of the login and only continue when the window is closed again.
I have edited the release page for the alpha. I have modified the file to correct a bug and add the deletion of the backup file when the operation is finished and also restart systemd-resolved service.
No need for a systemd switch. It should work with a dedicated "portal" browser that bypasses the global dns and has a built-in resolver using the dns from dhcp.
Yes if that works for sure. Problem here is that GNOME and KDE use different webengines, so yay no standards. Firefox doesnt support that I think?
I use a seperate firefox profile with a shortcut like
I wanted to do something with
mullvad-exclude
but that didnt work for some reason, as when excluding it I think it had no internet?