Hi all,
I’m using unbound as DNS forwarder on my laptop.
When I’m traveling, each time I am behind a captive portal, I have to manually set the name server to the one provided by the ISP:
cat /var/run/NetworkManager/resolv.conf >> /etc/resolv.conf
This is only temporary. Once I’m logged in, I then manually remove the added nameserver from /etc/resolv.conf so as to restore DNS privacy-aware and secure mode.
How to automate this? What kind of captive portal detection is compatible with unbound?
Best regards,
–Martin
PS: Firefox has such a feature in their new DNS-over-HTTPS feature, see https://bugzilla.mozilla.org/show_bug.cgi?id=1434852
I'm using unbound as DNS forwarder on my laptop.
When I'm traveling, each time I am behind a captive portal, I have to manually set the name server to the one provided by the ISP:
How to automate this? What kind of captive portal detection is compatible with unbound?
Install the dnssec-trigger package and start the dnssec-triggerd
service.
It's still not the best. But I'm hopeful that due to HTTPS everywhere,
the IETF captive portal people are finally being taken seriously so
we can do real proper portal detection and interact more cleanly, which
would hopefully result in only using the network DNS servers for the
captive portal authentication itself (in a sandbox?) and for nothing
else.
PS: Firefox has such a feature in their new DNS-over-HTTPS feature, see https://bugzilla.mozilla.org/show_bug.cgi?id=1434852
That does not help you if you cannot browse the internet yet before the
captive portal.
Paul