Comment 21 for bug 1652525

Sadly, the option block-outside-dns is only supported on Windows clients. Which is a real shame, because systemd-resolved is leaking DNS queries everywhere by design. This is a problem with the hardcoded design of the gnome network manager integrating (or rather...not integrating) with systemd-resolved. I attempted to understand GIO proxy bus calls but honestly patching the network manager is beyond my capabilities.