Gnome nmcli wireguard.. lost previous dns on link down

bcook · 18 February 2021 14:30

Hey all,

New laptop… Dropped Manjaro gnome on it, and setup wireguard for use with NetworkManager, because that’s all Gnome supports… KDE has integrated WireGuard support…

nmcli connection import type wireguard file shield-buffalo.conf
nmcli connection add type wireguard file shield-buffalo.conf
nmcli connection modify shield-buffalo autoconnect no
nmcli --show-secrets connection show shield-buffalo
nmcli connection down shield-buffalo

Connecting to a Streisand server, been working for a few years now…

I have dozens of people using the vpn, all working, Windows, iOS, Android, Linux… etc…

The local wireguard link comes up and works as it should, but when I down the link… I lose the contents of /etc/resolv.conf…

Manually I can add my local nameservers back in… but on link up/down drops the contents again…

Open to suggestions… Open to “I did something”…

Thanks in advance…

Mirdarthos · 18 February 2021 14:36

Hi @bcook, and welcome!

Wireguard has an option to run a script after it has gone down. I think the option was PostDown but I’m not 100% sure.

You could use that to trigger a script to copy a backup resolv.conf over the empty one, replacing it. Or to repopulate it again. Or something like that.

Edit:
In fact, now that I think about it, AFAIK that’s what those hooks are designed for, so it can be used to prevent DNS leaks, adjust routing, and so on.

bcook · 19 February 2021 14:51

Thank you… makes sense…

Will try…