From e01089945ea5ca0e6798518aa7c33a1dfb401699 Mon Sep 17 00:00:00 2001
From: h-town <29696865+h-town@users.noreply.github.com>
Date: Tue, 24 Dec 2019 03:18:11 -0600
Subject: [PATCH 1/4] Remove Google DNS Remove Google DNS for privacy purposes, replace with Quad9
---
 auto_install/install.sh | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)
diff --git a/auto_install/install.sh b/auto_install/install.sh
index cdbd8f5..4787fa4 100755
--- a/auto_install/install.sh
+++ b/auto_install/install.sh
@@ -57,8 +57,8 @@ r=$(( r < 20 ? 20 : r ))
 c=$(( c < 70 ? 70 : c ))
 # Find IP used to route to outside world
-IPv4addr=$(ip route get 8.8.8.8| awk '{print $7}')
-IPv4gw=$(ip route get 8.8.8.8 | awk '{print $3}')
+IPv4addr=$(ip route get 9.9.9.9 | awk '{print $7}')
+IPv4gw=$(ip route get 9.9.9.9 | awk '{print $3}')
 availableInterfaces=$(ip -o link | grep "state UP" | awk '{print $2}' | cut -d':' -f1 | cut -d'@' -f1)
 dhcpcdFile=/etc/dhcpcd.conf
@@ -947,8 +947,8 @@ askClientDNS(){
 pivpnDNS1="$pivpnDNS2"
 unset pivpnDNS2
 elif [ -z "$pivpnDNS1" ] && [ -z "$pivpnDNS2" ]; then
- pivpnDNS1="8.8.8.8"
- pivpnDNS2="8.8.4.4"
+ pivpnDNS1="9.9.9.9"
+ pivpnDNS2="149.112.112.112"
 echo "::: No DNS provider specified, using Google DNS ($pivpnDNS1 $pivpnDNS2)"
 fi
@@ -992,13 +992,14 @@ askClientDNS(){
 Custom.\\n\\nIn case you have a local resolver running, i.e. unbound, select \"PiVPN-is-local-DNS\" and make sure your resolver is listening on \"$vpnGw\", allowing requests from \"${pivpnNET}/${subnetClass}\"." ${r} ${c} 6)
- DNSChooseOptions=(Google "" on
+ DNSChooseOptions=(Quad9 "" on
 OpenDNS "" off
 Level3 "" off
 DNS.WATCH "" off
 Norton "" off
 FamilyShield "" off
 CloudFlare "" off
+ Google "" off
 PiVPN-is-local-DNS "" off
 Custom "" off)
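Review bot: In the `@@ -57,8` hunk, `IPv4addr` and `IPv4gw` are still read from fixed awk columns (`$7` and `$3`) of `ip route get`, and neither value is checked afterwards. The columns shift when the selected route has no `via` hop, and both variables are empty when the lookup fails, so a wrong or empty address could flow into the network configuration written later (that code is outside this hunk). Selecting by keyword is sturdier, e.g. `IPv4gw=$(ip route get 9.9.9.9 | awk '{for(i=1;i<NF;i++) if($i=="via"){print $(i+1); exit}}')` and the same with `"src"` for `IPv4addr`, followed by a non-empty check. The `@@ -57,8` hunk of patch 4/4 changes only the probe address and keeps the same parsing.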
@@ -1008,13 +1009,14 @@ askClientDNS(){
 if [[ ${DNSchoices} != "Custom" ]]; then
 echo "::: Using ${DNSchoices} servers."
- declare -A DNS_MAP=(["Google"]="8.8.8.8 8.8.4.4"
+ declare -A DNS_MAP=(["Quad9"]="9.9.9.9 149.112.112.112"
 ["OpenDNS"]="208.67.222.222 208.67.220.220"
 ["Level3"]="209.244.0.3 209.244.0.4"
 ["DNS.WATCH"]="84.200.69.80 84.200.70.40"
 ["Norton"]="199.85.126.10 199.85.127.10"
 ["FamilyShield"]="208.67.222.123 208.67.220.123"
 ["CloudFlare"]="1.1.1.1 1.0.0.1"
+ ["Google"]="8.8.8.8 8.8.4.4"
 ["PiVPN-is-local-DNS"]="$vpnGw")
 pivpnDNS1=$(awk '{print $1}' <<< "${DNS_MAP["${DNSchoices}"]}")
@@ -1025,7 +1027,7 @@ askClientDNS(){
 until [[ $DNSSettingsCorrect = True ]]; do
 strInvalid="Invalid"
- if pivpnDNS=$(whiptail --backtitle "Specify Upstream DNS Provider(s)" --inputbox "Enter your desired upstream DNS provider(s), separated by a comma.\\n\\nFor example '8.8.8.8, 8.8.4.4'" ${r} ${c} "" 3>&1 1>&2 2>&3)
+ if pivpnDNS=$(whiptail --backtitle "Specify Upstream DNS Provider(s)" --inputbox "Enter your desired upstream DNS provider(s), separated by a comma.\\n\\nFor example '1.1.1.1, 9.9.9.9'" ${r} ${c} "" 3>&1 1>&2 2>&3)
 then
 pivpnDNS1=$(echo "$pivpnDNS" | sed 's/[, \t]\+/,/g' | awk -F, '{print$1}')
 pivpnDNS2=$(echo "$pivpnDNS" | sed 's/[, \t]\+/,/g' | awk -F, '{print$2}')
From 4257ba76c23bd11e4571f294b621da18e0f1857e Mon Sep 17 00:00:00 2001
From: h-town <29696865+h-town@users.noreply.github.com>
Date: Tue, 24 Dec 2019 03:23:21 -0600
Subject: [PATCH 2/4] Remove Google DNS Remove Google DNS for privacy purposes, replace with Quad9
---
 server_config.txt | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/server_config.txt b/server_config.txt
index 71da0c8..5032a12 100644
--- a/server_config.txt
+++ b/server_config.txt
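Review bot: In the `@@ -1008,13` hunk the `DNS_MAP` keys must match the menu labels edited in the `@@ -992,13` hunk by hand, and the lookup result is used unchecked in the visible lines. A label with no matching key gives an empty `pivpnDNS1`, which would leave clients without a pushed resolver unless a later check catches it (the rest of askClientDNS is outside the hunk). A guard right after the map keeps the two lists from drifting silently: `[[ -n "${DNS_MAP[$DNSchoices]:-}" ]] || { echo "::: Unknown DNS provider: ${DNSchoices}"; exit 1; }`.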
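Review bot: In the `@@ -1025,7` hunk the new example `'1.1.1.1, 9.9.9.9'` pairs resolvers from two providers with different policies: 9.9.9.9 is Quad9's threat-blocking service, while 1.1.1.1 does not filter. Clients do not treat the second server as a strict fallback, so a user who copies the example gets blocking that depends on which resolver happens to answer. An example taken from one provider avoids that, e.g. `For example '9.9.9.9, 149.112.112.112'`, which also matches the new default.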
@@ -8,8 +8,8 @@ dh /etc/openvpn/easy-rsa/pki/dh2048.pem
 topology subnet
 server 10.8.0.0 255.255.255.0
 # Set your primary domain name server address for clients
-push "dhcp-option DNS 8.8.8.8"
-push "dhcp-option DNS 8.8.4.4"
+push "dhcp-option DNS 9.9.9.9"
+push "dhcp-option DNS 149.112.112.112"
 # Prevent DNS leaks on Windows
 push "block-outside-dns"
 # Override the Client default gateway by using 0.0.0.0/1 and
From 78a6f14742a515425a01e272b22425f455c81138 Mon Sep 17 00:00:00 2001
From: h-town <29696865+h-town@users.noreply.github.com>
Date: Fri, 3 Jan 2020 10:43:23 -0600
Subject: [PATCH 3/4] Replace mention of 'Google' with 'Quad9'
---
 auto_install/install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/auto_install/install.sh b/auto_install/install.sh
index 4787fa4..247016a 100755
--- a/auto_install/install.sh
+++ b/auto_install/install.sh
@@ -949,7 +949,7 @@ askClientDNS(){
 elif [ -z "$pivpnDNS1" ] && [ -z "$pivpnDNS2" ]; then
 pivpnDNS1="9.9.9.9"
 pivpnDNS2="149.112.112.112"
- echo "::: No DNS provider specified, using Google DNS ($pivpnDNS1 $pivpnDNS2)"
+ echo "::: No DNS provider specified, using Quad9 DNS ($pivpnDNS1 $pivpnDNS2)"
 fi
 local INVALID_DNS_SETTINGS=0
From 465d157a194528f2052ba7b22c0042750cd7aa73 Mon Sep 17 00:00:00 2001
From: h-town <29696865+h-town@users.noreply.github.com>
Date: Fri, 3 Jan 2020 10:56:28 -0600
Subject: [PATCH 4/4] Revise route query for IP & GW selection from Quad9 to TEST-NET-1
---
 auto_install/install.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/auto_install/install.sh b/auto_install/install.sh
index 247016a..047b4e0 100755
--- a/auto_install/install.sh
+++ b/auto_install/install.sh
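Review bot: The two `push "dhcp-option DNS …"` lines in the server_config.txt hunk give no hint that 9.9.9.9 / 149.112.112.112 is a filtering resolver, so an operator reading the template cannot tell that VPN clients will have some lookups blocked. A comment above them would cover it: `# Quad9 (blocks known-malicious domains, validates DNSSEC); overwritten with the DNS choice made during install`. Drop the second half if the installer does not rewrite these lines. If install.sh does rewrite them, confirm it matches on the `dhcp-option DNS` text and not on the old 8.8.8.8 / 8.8.4.4 literals, because a literal match would now fail silently and every client would get Quad9 regardless of the menu choice; that code is not part of this series.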
@@ -57,8 +57,8 @@ r=$(( r < 20 ? 20 : r ))
 c=$(( c < 70 ? 70 : c ))
 # Find IP used to route to outside world
-IPv4addr=$(ip route get 9.9.9.9 | awk '{print $7}')
-IPv4gw=$(ip route get 9.9.9.9 | awk '{print $3}')
+IPv4addr=$(ip route get 192.0.2.1 | awk '{print $7}')
+IPv4gw=$(ip route get 192.0.2.2 | awk '{print $3}')
 availableInterfaces=$(ip -o link | grep "state UP" | awk '{print $2}' | cut -d':' -f1 | cut -d'@' -f1)
 dhcpcdFile=/etc/dhcpcd.conf
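Review bot: The two lookups probe different addresses, `192.0.2.1` for `IPv4addr` and `192.0.2.2` for `IPv4gw`, so nothing guarantees that the source address and the gateway describe the same route. Use one probe address for both and record why it was chosen, e.g. `# 192.0.2.1 is in TEST-NET-1 (RFC 5737): never assigned, so it only selects the default route and names no third-party service`. Where 192.0.2.0/24 is routed locally, as some lab networks do, the result would not describe the path to the internet, and that caveat belongs in the comment too.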