I don't think this should be considered a 'feature request'. If you have a full-tunnel VPN, your employer will *expect* all your network traffic to go via the VPN as if you were dialled directly into the corporate network. Allowing some of the DNS traffic to "escape" to be seen by potentially malicious local DNS servers is utterly wrong.
I don't think this should be considered a 'feature request'. If you have a full-tunnel VPN, your employer will *expect* all your network traffic to go via the VPN as if you were dialled directly into the corporate network. Allowing some of the DNS traffic to "escape" to be seen by potentially malicious local DNS servers is utterly wrong.
In particular I don't agree this is a 'feature request' for 16.04 because it *used* to work there. bazaar. launchpad. net/~network- manager/ network- manager/ ubuntu/ view/head: /debian/ patches/ Filter- DNS-servers- to-add- to-dnsmasq- based-on- availa. patch
You fixed it once with this patch:
http://
That patch got dropped in an update, so this isn't just a security problem but also a regression in 16.04.
cf. https:/ /bugzilla. gnome.org/ show_bug. cgi?id= 746422 /bugzilla. redhat. com/show_ bug.cgi? id=1553634
https:/