tag:blogger.com,1999:blog-32797070.post436344440816736910..comments2024-03-03T10:06:40.354-07:00Comments on Warner's Random Hacking Blog: silly vpn hackWarner Loshhttp://www.blogger.com/profile/11922167595789336900noreply@blogger.comBlogger4125tag:blogger.com,1999:blog-32797070.post-78387248630593402892011-03-23T07:14:34.733-06:002011-03-23T07:14:34.733-06:00The dhclient-script has two functions that call ou...The dhclient-script has two functions that call out to dhclient-enter-hooks and dhclient-exit-hooks, if they exist, to run arbitrary local commands. I use the exit-hooks routine to specify alternate execution instructions to apply addresses to my Mac as the ipconfig calls in the standard script don't really service me.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-32797070.post-8776888216993865542010-07-21T10:31:54.956-06:002010-07-21T10:31:54.956-06:00Can't you use the script keyword inside your i...Can't you use the script keyword inside your interface declaration to run your own local dhclient-script?TJhttps://www.blogger.com/profile/15256046011166077508noreply@blogger.comtag:blogger.com,1999:blog-32797070.post-65588901351414545202010-06-09T00:07:47.787-06:002010-06-09T00:07:47.787-06:00/sbin/dhclient-script is run when dhclient events .../sbin/dhclient-script is run when dhclient events happens. However, it doesn't allow you to run arbitrary commands without hacking the shell script itself. It does all the stuff itself. I'd have to hack it to do what I want, and then track the changes to it each time I do an installworld.<br /><br />I don't want to send all my DNS traffic via the corporate firewall just because I have the VPN up. I only use the VPN for traffic to my employer, and nothing else. It is generally best to not have some remote DNS server doing queries on your behalf, since we live in a world where things are optimized for your location (both geographically and network-wise).Warner Loshhttps://www.blogger.com/profile/11922167595789336900noreply@blogger.comtag:blogger.com,1999:blog-32797070.post-30565190275402974782010-06-01T06:26:06.190-06:002010-06-01T06:26:06.190-06:00Err, doesn't /sbin/dhclient-script provide hoo...Err, doesn't /sbin/dhclient-script provide hooks to run any arbitrary command or script on any dhclient event? I think you could hook into that for updating your named.conf.<br /><br />FWIW, the way I normally see VPNs handled is that all DNS queries are sent internally to a DNS server that can resolve both internal and external names.jhbnoreply@blogger.com