On Thu, Aug 28, 2014 at 10:08 PM, Josh Triplett <[email protected]> wrote: > The documentation for systemd-resolved says it sends DNS queries on all > interfaces. That seems like a bug for privacy and security reasons: I > don't necessarily want a query for foo.internalhost.com going anywhere > other than my VPN for internalhost.com, and if I run a VPN for privacy > purposes then I don't want *anything* other than the VPN itself to send > traffic over a non-VPN interface. Any way we could fix that while > retaining the "works out of the box" behavior?
Hi Josh, The idea is to make it possible to lock this down further. I believe we still lack a few bits before we have everything, but the general idea is outlined here: <http://lists.freedesktop.org/archives/systemd-devel/2014-August/021960.html>, which I think fits with what you are after. Cheers, Tom _______________________________________________ systemd-devel mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/systemd-devel
