On 12/18/2017 08:09 PM, [email protected] wrote: > Also why bitmask connection with proxyVM has leaks and connection bitmask in > appVM has no leaks. Any idea? >
Because bitmask is designed for end users which run it on the same machine they connect to the internet. They capture DNS queries on the OUTPUT chain of your interfaces and redirect them to the tun0 interface. Using it on a proxyVM, you are routing traffic from another VM's to the VPN tunnel and the method they use for avoid DNS leaks doesn't work. The traffic goes through the FORWARD chain and skip their protection. Maybe using iptables could be a better solution but editing /etc/resolv.conf seems the simplest method. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/43377a9f-b8b4-c75c-eeee-2f89a9be4938%40riseup.net. For more options, visit https://groups.google.com/d/optout.
signature.asc
Description: OpenPGP digital signature
