And still adding further input (in hopes it's useful) when this time I tested activating the UFW and the CLI client while the network-manager- openvpn applet was still ON the rogue DNS server appears once again. Keep in mind that this shouldn't really be on any of the configuration files at all. Before testing I had designated 84.200.69.80 as the only resolver for that connection on network-manager.
More logs (syslog, Ununtu 17.04 - 4.10.0-20-generic, all packages up to date) : Everything was good until I put up the firewall (blocking the VPN DNS on pursose, just to see how it reacted to a stress test) May 8 04:10:17 tuxedo kernel: [ 2919.884244] [UFW BLOCK] IN= OUT=tun1 SRC=10.43.16.23 DST=10.43.16.1 LEN=62 TOS=0x00 PREC=0x00 TTL=64 ID=58632 DF PROTO=UDP SPT=48934 DPT=53 LEN=42 May 8 04:10:17 tuxedo kernel: [ 2919.884259] [UFW BLOCK] IN= OUT=tun1 SRC=10.43.16.23 DST=10.43.16.1 LEN=62 TOS=0x00 PREC=0x00 TTL=64 ID=58633 DF PROTO=UDP SPT=48934 DPT=53 LEN=42 May 8 04:10:17 tuxedo kernel: [ 2919.884273] [UFW BLOCK] IN= OUT=tun1 SRC=10.43.16.23 DST=10.43.16.1 LEN=62 TOS=0x00 PREC=0x00 TTL=64 ID=58634 DF PROTO=UDP SPT=48934 DPT=53 LEN=42 May 8 04:10:17 tuxedo kernel: [ 2919.884287] [UFW BLOCK] IN= OUT=tun1 SRC=10.43.16.23 DST=10.43.16.1 LEN=62 TOS=0x00 PREC=0x00 TTL=64 ID=58635 DF PROTO=UDP SPT=48934 DPT=53 LEN=42 May 8 04:10:17 tuxedo kernel: [ 2919.884302] [UFW BLOCK] IN= OUT=tun1 SRC=10.43.16.23 DST=10.43.16.1 LEN=62 TOS=0x00 PREC=0x00 TTL=64 ID=58636 DF PROTO=UDP SPT=48934 DPT=53 LEN=42 May 8 04:10:17 tuxedo compiz[2489]: WARN 2017-05-08 04:10:17 unity.dash.view DashView.cpp:1272 Search failed 'fire'=> Timeout was reached May 8 04:10:17 tuxedo unity-scope-hom[5319]: scope.vala:669: Unable to search scope: Timeout was reached May 8 04:10:17 tuxedo unity-scope-hom[5319]: unity-master-scope.vala:114: Unable to search scope: 'Timeout was reached' May 8 04:10:20 tuxedo unity-panel-ser[2498]: menus_destroyed: assertion 'IS_WINDOW_MENU(wm)' failed May 8 04:10:37 tuxedo NetworkManager[1315]: <info> [1494209437.6569] devices removed (path: /sys/devices/virtual/net/tun1, iface: tun1) May 8 04:10:37 tuxedo NetworkManager[1315]: <info> [1494209437.6579] device (tun1): state change: activated -> unmanaged (reason 'unmanaged') [100 10 3] May 8 04:10:37 tuxedo dbus[1288]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service' May 8 04:10:37 tuxedo systemd[1]: Starting Network Manager Script Dispatcher Service... May 8 04:10:37 tuxedo dbus[1288]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher' May 8 04:10:37 tuxedo nm-dispatcher: req:1 'down' [tun1]: new request (2 scripts) May 8 04:10:37 tuxedo nm-dispatcher: req:1 'down' [tun1]: start running ordered scripts... May 8 04:10:37 tuxedo FirewallHandler: Saving iptables rules. May 8 04:10:37 tuxedo nm-dispatcher[9622]: <30>May 8 04:10:37 FirewallHandler: Saving iptables rules. May 8 04:10:37 tuxedo systemd[1]: Started Network Manager Script Dispatcher Service. May 8 04:10:44 tuxedo NetworkManager[1315]: <info> [1494209444.6758] audit: op="connection-deactivate" uuid="9fcd6b62-3762-424f-9b2e-e1cfe38b3fa7" name="Italy" pid=2535 uid=1000 result="success" May 8 04:10:44 tuxedo nm-dispatcher: req:2 'vpn-down' [tun0]: new request (2 scripts) May 8 04:10:44 tuxedo nm-dispatcher: req:2 'vpn-down' [tun0]: start running ordered scripts... May 8 04:10:44 tuxedo NetworkManager[1315]: <info> [1494209444.6796] vpn-connection[0x563fc05d8180,9fcd6b62-3762-424f-9b2e-e1cfe38b3fa7,"Italy",0]: VPN plugin: state changed: stopping (5) May 8 04:10:44 tuxedo NetworkManager[1315]: <info> [1494209444.6796] vpn-connection[0x563fc05d8180,9fcd6b62-3762-424f-9b2e-e1cfe38b3fa7,"Italy",0]: VPN plugin: state changed: stopped (6) May 8 04:10:44 tuxedo NetworkManager[1315]: <info> [1494209444.6809] policy: set 'MakiNET2' (wlp3s0) as default for IPv4 routing and DNS May 8 04:10:44 tuxedo NetworkManager[1315]: <info> [1494209444.6816] device (tun0): state change: activated -> unmanaged (reason 'unmanaged') [100 10 3] And here it falls back to the google DNS, I dont know why, but they are really persistent. May 8 04:10:44 tuxedo systemd-resolved[1439]: Switching to fallback DNS server 8.8.8.8. May 8 04:10:44 tuxedo systemd-resolved[1439]: Switching to fallback DNS server 8.8.4.4. May 8 04:10:44 tuxedo systemd-resolved[1439]: Switching to fallback DNS server 2001:4860:4860::8888. May 8 04:10:44 tuxedo systemd-resolved[1439]: Switching to fallback DNS server 2001:4860:4860::8844. May 8 04:10:44 tuxedo systemd-resolved[1439]: Switching to fallback DNS server 8.8.8.8. May 8 04:10:44 tuxedo whoopsie[1311]: [04:10:44] Cannot reach: https://daisy.ubuntu.com May 8 04:10:44 tuxedo whoopsie[1311]: [04:10:44] offline May 8 04:10:44 tuxedo systemd-resolved[1439]: Switching to fallback DNS server 8.8.4.4. May 8 04:10:44 tuxedo systemd-resolved[1439]: Switching to fallback DNS server 2001:4860:4860::8888. May 8 04:10:44 tuxedo systemd-resolved[1439]: Switching to fallback DNS server 2001:4860:4860::8844. May 8 04:10:44 tuxedo systemd-resolved[1439]: Switching to fallback DNS server 8.8.8.8. May 8 04:10:44 tuxedo systemd-resolved[1439]: Switching to fallback DNS server 8.8.4.4. May 8 04:10:44 tuxedo systemd-resolved[1439]: Switching to fallback DNS server 2001:4860:4860::8888. May 8 04:10:44 tuxedo systemd-resolved[1439]: Switching to fallback DNS server 2001:4860:4860::8844. May 8 04:10:44 tuxedo systemd-resolved[1439]: Switching to fallback DNS server 8.8.8.8. May 8 04:10:44 tuxedo systemd-resolved[1439]: Switching to fallback DNS server 8.8.4.4. May 8 04:10:44 tuxedo systemd-resolved[1439]: Switching to fallback DNS server 2001:4860:4860::8888. May 8 04:10:44 tuxedo systemd-resolved[1439]: Switching to fallback DNS server 2001:4860:4860::8844. May 8 04:10:44 tuxedo systemd-resolved[1439]: Switching to fallback DNS server 8.8.8.8. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1652525 Title: DNS leak in ubuntu 16.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/1652525/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
