DNS Leak: Blocked apps still make dns queries

[n90p]

Similar issues #957 and #997

All dns queries of all apps (even blocked) are coming from user 0 (root)
Blocking root also blocks dns at all
Finally, I've found that all dns queries are coming from netd

How to force dns queries have their real uid?

[ukanth]

Unfortunately it's not possible until you have your own dns proxy. cernekee wrote about it sometime back
https://forum.xda-developers.com/showpost.php?p=44722857&postcount=4

he has the repo also with custom dnsproxy
https://github.com/cernekee/dnsproxy2

Original plan was to integrate it with AFWall+, but never happened.

[MountainX]

My AFWall+ rules do not grant access to "0 Apps running as root". Does this issue affect people with that rule?

[n90p]

cernekee wrote about it sometime back
https://forum.xda-developers.com/showpost.php?p=44722857&postcount=4

Just setting env ANDROID_DNS_MODE=local helped for me. Thanks!
I've created simple Xposed module for this purpose https://github.com/nxzero/AndroidDnsMode

[Ch4t4r]

@nxzero have you checked whether this actually works? The XDA thread mentions that newer versions seem to not resolve anything at all with the variable set to local.

[chrcoluk]

@n90p commented on 1 Dec 2019, 10:10 GMT:

cernekee wrote about it sometime back
https://forum.xda-developers.com/showpost.php?p=44722857&postcount=4

Just setting env ANDROID_DNS_MODE=local helped for me. Thanks!
I've created simple Xposed module for this purpose https://github.com/nxzero/AndroidDnsMode

This is very nice, but where is the pre compiled module, dont see it either on your github or in the magisk download list :(

[NHellFire]

@Ch4t4r just tested on Android 10, setting that breaks resolving entirely.
If I have some free time over the next few weeks, I'll hopefully see if the modified dnsproxy works on 10 (or if I need to patch a newer version) and package it as a magisk module.