I'm already seeing a lot of IPv6-related issues here, so mine will just be a few more cents in this piggy bank.
The problem is as follows. I am using BFM with the sing-box core in whitelist mode for only one app (successfully tunneling a paid VPN client), so other apps are considered blacklisted. My cellular carrier doesn't provide IPv6, so under normal circumstances the DNS leak test only shows DNS IPv4 servers belonging to my carrier. But when BFM is enabled, within a blacklisted web browser I can see a set of leaking DNS IPv6 coming from the Cloudflare DNS defined in my sing-box config. So, the blacklisted apps may still access the BFM's DNS and use it to resolve IPv6 requests.
For now, I've managed to soften the problem by adding the `"detour": "direct"` parameter, just to not expose the location of my VPS. But that doesn't fix the leak itself, and it still looks rather suspicious. And a similar leak, but of both IPv6 and IPv4, occurs when I am sharing my VPN connection via Wi-Fi tethering (but I'm not sure if it's the same thing).
```ini
ipv6="true" # changing to "false" does not make any difference
bin_name="sing-box"
network_mode="tun"
proxy_mode="whitelist"
packages_list=("targeted_application")
```
Anderhar changed the title from "Blacklisted apps steal DNS from proxy config to resolve IPv6" to "Blacklisted apps steal DNS from proxy to resolve IPv6" on Jun 10, 2024.
The final tests were performed on the latest v1.5.0_9395bf1_20240525_debug with IPv6 DNS fix.
My settings.ini tweaks are:
My sing-box config is also here: config.json