install dhclient (n.b. deprecated)
pacman -S dhclient
systemctl enable dhclient@eno1.service
systemctl start dhclient@eno1.service
dhclient overwrites /etc/resolv.conf, which is a problem if using vpn, etc.
see arch forum - dhclient overwrites resolv.conf even when resolvconf is installed
I can't get this to work, resolvconf processes it in the wrong order
this could be fixed by hardcoding or just ignoring DNS altogether (I get my DNS server from mullvad or 1.1.1.1 anyways)
patch from arch forum in /etc/dhclient-enter-hooks
# if [ -f /etc/resolv.conf ]; then
# chown --reference=/etc/resolv.conf $new_resolv_conf
# chmod --reference=/etc/resolv.conf $new_resolv_conf
# fi
# mv -f $new_resolv_conf /etc/resolv.conf
# use resolvconf
# quote the variables so an odd file or interface name cannot be word-split
cat "$new_resolv_conf" | /usr/bin/resolvconf -a "$interface"
rm "$new_resolv_conf"
use unbound to prevent DNS servers being in the wrong order
error: journalctl -u dhclient@eno1.service
Jun 11 16:22:03 neko dhclient[687]: send_packet: Operation not permitted
Jun 11 16:22:03 neko dhclient[687]: dhclient.c:2996: Failed to send 300 byte long packet over fallback interface.
sudo tcpdump > out.txt
note that bootps is usually port 67 and bootpc is usually port 68
02:58:43.767759 IP neko.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from b0:25:aa:44:bd:c2 (oui Unknown), length 300
02:58:43.770219 ARP, Request who-has res388d-128-61-95-198.res.gatech.edu (Broadcast) tell _gateway, length 46
02:58:43.773852 IP _gateway.bootps > neko.bootpc: BOOTP/DHCP, Reply, length 300
02:58:43.774738 IP _gateway.bootps > neko.bootpc: BOOTP/DHCP, Reply, length 300
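Added example, not part of the original notes: a helper that summarises a tcpdump text capture like the one above, counting DHCP requests and replies and listing which hosts answered, so a firewall that drops DHCP or an unexpected second DHCP server shows up at a glance. The names dhcp_summary and sample_capture and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarise BOOTP/DHCP lines from tcpdump text output on stdin.
# dhcp_summary and sample_capture are hypothetical names, not from the notes.
# Exit status: 0 = replies from one server, 1 = requests but no replies
# (firewall likely dropping DHCP), 2 = more than one host sent replies.
dhcp_summary() {
    awk '
    $2 == "IP" && $6 == "BOOTP/DHCP," {
        src = $3
        sub(/\.[^.]+$/, "", src)          # drop the ".bootps" or ".67" port suffix
        if ($7 == "Request") {
            requests++
        } else if ($7 == "Reply,") {
            replies++
            if (!(src in seen)) order[++n] = src
            seen[src]++
        }
    }
    END {
        printf "requests=%d replies=%d servers=%d\n", requests, replies, n
        for (i = 1; i <= n; i++)
            printf "server %s replies=%d\n", order[i], seen[order[i]]
        if (requests > 0 && replies == 0) exit 1
        if (n > 1) exit 2                 # may be legitimate redundancy; verify
    }'
}

# Constructed sample in the default tcpdump text format (made-up hosts).
sample_capture() {
cat <<'EOF'
10:00:00.000001 IP client.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 02:00:00:00:00:01 (oui Unknown), length 300
10:00:00.000200 ARP, Request who-has 192.0.2.50 (Broadcast) tell gw, length 46
10:00:00.000300 IP gw.bootps > client.bootpc: BOOTP/DHCP, Reply, length 300
10:00:00.000400 IP gw.bootps > client.bootpc: BOOTP/DHCP, Reply, length 300
10:00:00.000500 IP 192.0.2.99.67 > client.bootpc: BOOTP/DHCP, Reply, length 300
EOF
}

# Demo on the constructed sample; a non-zero status is reported, not fatal.
sample_capture | dhcp_summary || echo "status $? (see exit codes above)"
```

To run it on the capture saved above, use dhcp_summary < out.txt.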
iptables -A OUTPUT -p udp --sport 1024:65535 --dport 67 -j ACCEPT
iptables -A OUTPUT -p udp --sport 68 --dport 67 -j ACCEPT
iptables -A INPUT -p udp --sport 1024:65535 --dport 68 -j ACCEPT
iptables -A INPUT -p udp --sport 67 --dport 68 -j ACCEPT
ebtables-nft --list
iptables -F
ebtables-nft -F
# exclude dhclient from vpn, also from firewall
mullvad split-tunnel pid add "$(pgrep --oldest dhclient)"