Hi.
On Thu, Feb 23, 2023 at 11:31:44AM +0100, daven...@tuxfamily.org wrote:
> > If it is DHCP: You might do a countermeasure in
> > /etc/dhcp/dhclient.conf. On my system I have an entry as below.
> >
> > interface "wlp4s0" {
> > supersede domain-name-servers 127.0.0.1;
>
> Unfortunately, I can't use supersede parameter because I need to use
> different resolvers at different times/in different contexts.
>
> I would need something more… conditional
>
> IF openconnect is running and has modified resolv.conf, leave that
> file alone unless you are openconnect Otherwise, when there's no VPN
> active, you can do normal DHCP requests and accept whatever
> currently-active network's router/DHCP tells you and update resolve
> conf accordingly
openconnect has that helpful --script option, which calls
/usr/share/vpnc-scripts/vpnc-script by default.
All you need is to make a copy of that script, modify dhclient.conf
at "connect" and "disconnect" phases accordingly, and then call your
modified script from openconnect.
Reco
