[PATCH] mac: use networksetup so other apps can resolve dns

Thu Apr 7 13:05:34 PDT 2016

# HG changeset patch
# User Sean Farley <sean at farley.io>
# Date 1460059508 18000
#      Thu Apr 07 15:05:08 2016 -0500
# Node ID 34bf51d491067420cb6c674a0624bc42794f72f2
# Parent  b52b4b5c56a2d3553bd3506292725b52b2cebfb4
mac: use networksetup so other apps can resolve dns

It seems that this is the only way to have mac applications actually resolve
the dns on a vpn. Admittedly, this is a bit of hack. Is there a better way? I
do not know but please tell me if you find out.

diff --git a/vpnc-script b/vpnc-script
--- a/vpnc-script
+++ b/vpnc-script
@@ -419,10 +419,20 @@ search $CISCO_DEF_DOMAIN"
 			# Skip for pre-10.4 systems
 			4.*|5.*|6.*|7.*)
 				;;
 			# 10.4 and later require use of scutil for DNS to work properly
 			*)
+				# Get the name of the primary network interface
+				echo 'show State:/Network/Global/IPv4' | scutil | grep PrimaryInterface | cut -d: -f2 | xargs echo )
+				SERVICE_NAME=$( networksetup -listnetworkserviceorder | grep "$IFACE" | cut -d: -f2 | cut -d, -f1 | xargs echo )
+
+				# Backup the current DNS settings
+				networksetup -getdnsservers "$SERVICE_NAME" | grep -v "There are" > /var/run/vpnc/networksetup.dns-backup
+
+				# Append the DNS servers used by the VPN to the list we use
+				networksetup -setdnsservers "$SERVICE_NAME" $( cat /var/run/vpnc/networksetup.dns-backup ) $INTERNAL_IP4_DNS
+
 				OVERRIDE_PRIMARY=""
 				if [ -n "$CISCO_SPLIT_INC" ]; then
 					if [ $CISCO_SPLIT_INC -lt 1 ]; then
 						# Must override for correct default route
 						# Cannot use multiple DNS matching in this case
@@ -498,10 +508,21 @@ restore_resolvconf_generic() {
 			# Skip for pre-10.4 systems
 			4.*|5.*|6.*|7.*)
 				;;
 			# 10.4 and later require use of scutil for DNS to work properly
 			*)
+				# Get the name of the primary network interface
+				IFACE=$( echo 'show State:/Network/Global/IPv4' | scutil | grep PrimaryInterface | cut -d: -f2 | xargs echo )
+
+				SERVICE_NAME=$( networksetup -listnetworkserviceorder | grep "$IFACE" | cut -d: -f2 | cut -d, -f1 | xargs echo )
+
+				BACKUP_DNS=$( cat /var/run/vpnc/networksetup.dns-backup )
+				[ -z "$BACKUP_DNS" ] && BACKUP_DNS="Empty"
+				# Restore the previous DNS settings and remove the backup file
+				networksetup -setdnsservers "$SERVICE_NAME" "$BACKUP_DNS"
+				rm -f /var/run/vpnc/networksetup.dns-backup
+
 				scutil >/dev/null 2>&1 <<-EOF
 					open
 					remove State:/Network/Service/$TUNDEV/IPv4
 					remove State:/Network/Service/$TUNDEV/DNS
 					close

