After uninstalling/removing https-dns-proxy ipleak.net shows no dns servers

redchilis · February 15, 2024, 4:47pm

after removing https-dns-proxy and dependencies via luci > software > installed > remove

ipleak.net shows no dns servers

dnsleaktest.com shows google as my isp

i dont have a backup of my settings before i tried https-dns-proxy, seems like it has left behind some debri after being removed

help anyone on how to continue using "Use DNS servers advertised by peer" which is checked like before

thanks

lleachii · February 15, 2024, 4:51pm

Current configs?
Did you restart?

redchilis · February 15, 2024, 5:09pm

yup

cat /etc/config/network

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'eth0.1'

config interface 'lan'
	option device 'br-lan'
	option proto 'static'
	option netmask '255.255.255.0'
	option ip6assign '60'
	option ipaddr '192.168.42.1'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '0 6t'

config interface 'coconut'
	option proto 'dhcp'
	option device 'eth1'
	option type 'bridge'
	option broadcast '1'

cat /etc/config/dhcp

config dnsmasq
	option domainneeded '1'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option localservice '1'
	option ednspacket_max '1232'
	option confdir '/tmp/dnsmasq.d'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option dhcpv4 'server'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'

config host
	option name 'M'
	option ip '192.168.1.101'
	option mac '--:--:--:--:--:--'

config dhcp 'coconut'
	option interface 'coconut'
	option ignore '1'

lleachii · February 15, 2024, 5:17pm

Both cannot be true - please also provide the output of:

ifstatus wan | grep dns-server -A 3

EDIT

You don't have a WAN - is coconut supposed to be WAN?
What is coconut bridged to?

redchilis · February 15, 2024, 5:19pm

root@OpenWrt:~# ifstatus wan | grep dns-server -A 3
root@OpenWrt:~#

coconut is wan
coconut is a 4g dongle

lleachii · February 15, 2024, 5:20pm

We cannot guess you changed configs and deleted interfaces - please edit the command to reflect your current WAN interface.

As I noted:

Please answer at your convenience.

lleachii · February 15, 2024, 5:21pm

Why is it bridged - what is it bridged to?
Can you provide the results of the ifstatus command?
Please also provide the firewall config to verify

redchilis · February 15, 2024, 5:23pm

root@OpenWrt:~# ifstatus coconut | grep dns-server -A 3
"dns-server": [
"192.168.0.1"
],
"dns-search": [

	"dns-server": [
		
	],
	"dns-search": [

root@OpenWrt:~#

thats the way its always been
usb dongle

root@OpenWrt:~# cat /etc/config/firewall

config defaults
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option synflood_protect '1'

config zone
	option name 'lan'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'
	list network 'lan'

config zone
	option name 'wan'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option mtu_fix '1'
	list device 'tun0'
	option masq '1'
	list network 'coconut'
	list network 'lan'

config forwarding
	option src 'lan'
	option dest 'wan'

config rule
	option name 'Allow-DHCP-Renew'
	option src 'wan'
	option proto 'udp'
	option dest_port '68'
	option target 'ACCEPT'
	option family 'ipv4'

config rule
	option name 'Allow-Ping'
	option src 'wan'
	option proto 'icmp'
	option icmp_type 'echo-request'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-IGMP'
	option src 'wan'
	option proto 'igmp'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-DHCPv6'
	option src 'wan'
	option proto 'udp'
	option dest_port '546'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-MLD'
	option src 'wan'
	option proto 'icmp'
	option src_ip 'fe80::/10'
	list icmp_type '130/0'
	list icmp_type '131/0'
	list icmp_type '132/0'
	list icmp_type '143/0'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Input'
	option src 'wan'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	list icmp_type 'router-solicitation'
	list icmp_type 'neighbour-solicitation'
	list icmp_type 'router-advertisement'
	list icmp_type 'neighbour-advertisement'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Forward'
	option src 'wan'
	option dest '*'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-IPSec-ESP'
	option src 'wan'
	option dest 'lan'
	option proto 'esp'
	option target 'ACCEPT'

config rule
	option name 'Allow-ISAKMP'
	option src 'wan'
	option dest 'lan'
	option dest_port '500'
	option proto 'udp'
	option target 'ACCEPT'

config rule
	option name 'roku'
	list src_mac '88:DE:A9:DF:5B:E1'
	option target 'REJECT'
	list proto 'all'
	option src '*'
	option dest '*'

root@OpenWrt:~#

lleachii · February 15, 2024, 5:26pm

Excellent, we now see the current DNS setting for your coconut interface - and that your interface has no inactive DNS settings (i.e. ignored from DHCP). Now, we just need to know what server/IP is 192.168.0.1 in your network?

Optionally, you can set other DNS servers.

EDIT

This adding to previous posts is confusing:

redchilis:

config zone
	option name 'wan'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option mtu_fix '1'
	list device 'tun0'
	option masq '1'
	list network 'coconut'
	list network 'lan'

Why is LAN and coconut in the same WAN firewall zone?
What is tunl0?

You have the LAN interface in 2 Firewall zones, this is incorrect - remove it from teh WAN zone.

redchilis · February 15, 2024, 5:32pm

i can set other servers

i just dont know how google servers are showing
which is what https-dns-proxy installed

192.168.0.1 is the gateway to the dongle, so i can log into that router through this one if i need to

i think ill just do a fresh install, will be easier, https-dns-proxy has changed something

i think in dhcp

option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'

lleachii · February 15, 2024, 5:33pm

Easy - because the server 192.168.0.1 is querying Google's DNS servers. That needs to be fixed.

This is why I stated:

Then you may need to fix your issue there. This seems unrelated to OpenWrt.

redchilis · February 15, 2024, 5:34pm

ok thanks

192.168.0.1 is the dongle ip

lleachii · February 15, 2024, 5:35pm

Yes you told us, see my post above.

system · February 25, 2024, 5:38pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.

After uninstalling/removing https-dns-proxy ipleak.net shows no dns servers

root@OpenWrt:~# ifstatus coconut | grep dns-server -A 3 "dns-server": [ "192.168.0.1" ], "dns-search": [

root@OpenWrt:~# ifstatus coconut | grep dns-server -A 3
"dns-server": [
"192.168.0.1"
],
"dns-search": [