DNS leaks
I keep getting DNS leaks using the bitmask-systray snap app (current v 0.10.5+git).
OS: Linux Mint 18.3
No previous firewall rules for possible conflicts.
The firewall rules seem to be ok but for some reason the traffic is not being routed properly.
iptables -L -v output:
    Chain bitmask (1 references)
     pkts bytes target     prot opt in     out     source               destination
     2958  539K ACCEPT     all  --  any    enp0s7  anywhere             192.168.0.0/24
        0     0 ACCEPT     udp  --  any    enp0s7  192.168.0.0/24       anywhere             udp dpt:domain
        0     0 ACCEPT     tcp  --  any    enp0s7  192.168.0.0/24       anywhere             tcp dpt:domain
        0     0 RETURN     udp  --  any    enp0s7  anywhere             239.255.255.250      udp dpt:1900
        0     0 RETURN     udp  --  any    enp0s7  anywhere             224.0.0.251          udp dpt:mdns
    19959 3785K ACCEPT     all  --  any    enp0s7  anywhere             anon.riseup.net
        0     0 ACCEPT     all  --  any    enp0s7  anywhere             garza.riseup.net
        0     0 ACCEPT     all  --  any    enp0s7  anywhere             5.79.86.180
       38  2140 REJECT     all  --  any    enp0s7  anywhere             anywhere             reject-with icmp-port-unreachable
iptables -t nat -S output:
    -P PREROUTING ACCEPT
    -P INPUT ACCEPT
    -P OUTPUT ACCEPT
    -P POSTROUTING ACCEPT
    -N bitmask
    -N bitmask_postrouting
    -A OUTPUT -j bitmask
    -A POSTROUTING -j bitmask_postrouting
    -A bitmask -d 127.0.1.1/32 -p udp -m udp --dport 53 -j ACCEPT
    -A bitmask -d 127.0.0.1/32 -p udp -m udp --dport 53 -j ACCEPT
    -A bitmask -d 127.0.0.53/32 -p udp -m udp --dport 53 -j ACCEPT
    -A bitmask -p udp -m udp --dport 53 -j DNAT --to-destination 10.41.0.1:53
    -A bitmask -p tcp -m tcp --dport 53 -j DNAT --to-destination 10.41.0.1:53
    -A bitmask_postrouting -d 10.41.0.1/32 -p udp -m udp --dport 53 -j MASQUERADE
    -A bitmask_postrouting -d 10.41.0.1/32 -p tcp -m tcp --dport 53 -j MASQUERADE
Any clue?