WireGuard VPN issue with Privacy Badger/Firefox/DNS leaks


I use a WireGuard VPN, and was struggling to find out where my DNS leak was going to (DNS leak was to a Cloudflare IP?).

I turned off Privacy Badger, modified my resolv.conf to ONLY have my VPN provider’s DNS server, and wrote a script to make sure it never changes (ISP/Network Manager putting entries in).

Now I don’t get leaks.

Is there the possibility that I’m pwned? That’s the only other solution I could think about.

If this helps someone else, you’re welcome! If someone else helps fix the issue, thank you!

1 Like

First of all, here is how a VPN works: https://www.top10vpn.com/guides/vpn-encryption-protocols/. I’m no good at networking skills, but I’m sure your data is encrypted until it goes from the VPN server to the actual server you request (see “What Is VPN Encryption?” at that URL). It means your DNS request is encrypted as well. So any data leak problem should be from the VPN server. And I don’t see the point of using the DNS server as the VPN server’s address while you are using VPN protocols.
Secondly, can you really trust the DNS leak tests? I am seeing some websites providing a “DNS leak test” which use JS, send some requests and analyze the result. So as you can see, Privacy Badger protects your browser from suspect JS code. Any blocked JS functions could give false positives from the client to the test server. And that is a normal test; we aren’t even talking about a fake server which runs malicious JS code in your browser, which could lead to malware infection.
Thirdly, are you being hacked? No, unless you are the target of cyber crime or your government, and trust me, if you are the target, a DNS leak is the last thing they care about.

Your explain’s successful of this leak server

The issue was corrected by software update.

Or the issue was with your AnonSurf/Tor/Script being turned on, modifying resolv.conf or some other possible issue.

Fresh install, not trying AnonSurf, WireGuard VPN client works OK.

I tested for DNS/RTC/etc. leaks with multiple open-source tools (privacytools.io) and browser configurations.

The possibilities are endless but the problem is solved.

1 Like

I’m trying to figure out a similar problem with the resolv.conf file.

It says in the file:

Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)

DO NOT EDIT THIS FILE BY HAND – YOUR CHANGES WILL BE OVERWRITTEN is the systemd-resolved stub resolver.

run “systemd-resolve --status” to see details about the actual nameservers.

So I edited my resolv.conf file to the Cloudflare DNS, which is in order to prevent a DNS leak, and now realised this isn’t possible because the file is automatically rewritten.

How can it be prevented that the file is automatically rewritten?

sudo dnstool address

After using sudo dns tool, does the /etc/resolv.conf file remain as is or will it update as per the sudo dns command?

The problem cropped back up for me as well.

DNS leaks to a Cloudflare IP after a period of time on a WireGuard VPN.

I found the solution was to create a new profile in Firefox.

Everything is now fixed. If you test with Chromium the DNS leak is not there. So it is browser related, and yes I have all the browser settings that cause DNS leaks fixed. Switching back and forth from the profile was analogous to switching the DNS leak on/off.

resolv.conf doesn’t like to be edited. If problems persist after re-testing with Chromium/new profile in Firefox, add your VPN’s private DNS server to the correct places.

I noticed that when creating a new Firefox profile it auto-generates one with proxy set to */onion.pac but it doesn’t run the script/have any bearing on connectivity.

Each action requests the authorization of the Administrator account in the terminal.
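
An added example, not part of any post in this thread: a shell function that audits a resolv.conf-style file against an allowlist of resolvers and reports the generated-file warning quoted in the thread. The address 10.64.0.1 is a constructed placeholder for a VPN provider's DNS server, and the function names `audit_resolv` and `sample_resolv_conf` are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): audit a resolv.conf-style file.
# Usage: audit_resolv FILE "ALLOWED_IP [ALLOWED_IP ...]"
# Returns 0 if every nameserver is allowlisted, 1 if any is unexpected or
# cannot be verified from this file, 2 if there is no nameserver line.
audit_resolv() {
    file=$1
    allowed=$2
    audit_rc=2
    # Generated files carry this warning: hand edits get overwritten.
    if grep -q 'DO NOT EDIT THIS FILE BY HAND' "$file"; then
        echo "MANAGED: $file is generated, hand edits will be overwritten"
    fi
    # Only "nameserver <ip>" lines matter; the || clause handles a final
    # line that lacks a trailing newline.
    while read -r key value _rest || [ -n "$key" ]; do
        [ "$key" = "nameserver" ] || continue
        [ "$audit_rc" -eq 2 ] && audit_rc=0
        if [ "$value" = "127.0.0.53" ]; then
            # systemd-resolved stub: the real upstreams are not in this file.
            echo "STUB: $value (check the resolver status for real upstreams)"
            audit_rc=1
            continue
        fi
        case " $allowed " in
            *" $value "*) echo "OK: $value" ;;
            *) echo "UNEXPECTED: $value"; audit_rc=1 ;;
        esac
    done < "$file"
    return "$audit_rc"
}

# Constructed sample: a managed file with the VPN resolver plus one extra entry.
sample_resolv_conf() {
    printf '%s\n' \
        '# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN' \
        'nameserver 10.64.0.1' \
        'nameserver 1.1.1.1'
}
```

A clean result covers only the system resolver file. It says nothing about a browser profile that resolves names on its own, which is where the Firefox posts above ended up.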