Firmware openwrt-ar750s-3.201-0402.tar, possible still same DNS leak or again

  • I don’t have a problem. I am using a configuration which are not affected by this leak. I described the two available non leaky ways already.

  • The gl firmware have problem which are used by some thousand customers which possible not checking by self what the firmware are doing.

  • I think, security bugs should be fixed at minimum.

It can be NextDNS and Cloudflare are getting the same information about the router location, a only Cloudflare are use this for offering the closest DNS server…

If I remember right, I have seen a “Cloudflare Bug” and a fix on open wrt bug tracker some month ago …

Any news about bugfixing ?

Are you trolling or something? You wrote above that you have no problems and we checked and confirmed that there are no leaks in the new firmware, then what fixes do you need? :smiley:

You confirmed the DNS leak yourself. Follow your own words:

@Henry_Bruns
I understand you still have DNS leak. But we tested and still cannot replicate the problem. But I do believe there may be a problem somewhere that we didn’t think of. We prefer to release 3.203 now and continue to investigate.

Its easy to to protect the possible 80% of user which don’t check by self what the firmware are doing, by gray out the offered leaky cloudlare menu point, so long the DNS leak are not fixed.

See follow 3.201 related:

What are a possible conclusion?

  • So I guess the available open wrt fix for this are possible not installed for every hardware versions of openwrt-ar750s-3.203-0701.tar beta 4 firmware version, p.e. not on gl-ar750s firmware version.

Firmware version should not be the case. As we checked before. The problem was identified as default vpn policy change. So we fixed that. Surely checked AR750S

Firmware or Cloudflare related DNS leak. One of them. If no fix are possible. Disable the Cloudfllare menue item for protecting user which dont check by self what the router are doing by selcting this menue item. Remember. The 3.105 firmware doont have this DNS leake.

By the way. If you mean the 3.2.03 firmware fixing a known 3.201 DNS leak, it can be it will be a good idea to remove this firmware version from download for protecting gl customer.

You are right. We will remove 3.201 then

1 Like

Does there are any news about bug fixing DNS leak or deactivating leaky menu item ?

Sorry I still cannot verify that Cloudflare leaks while NextDNS not.

Any news about bug fixing DNS leak or deactivating leaky menu item ?
It can be openwrt can do this task for gl. If I remember right, they offer help like this.

As I said, I cannot verify this. So no progress on this.

Can be a external testing and bug fixing can be one way. If I remember right, p.e. openwrt are offering service like this.

See forward.

Any news about bug fixing DNS leak or deactivating leaky menu item ?
It can be openwrt can do this task for gl. If I remember right, they offer help like this.

I have a question: If you are testing with windows, did you set up dns server on your windows pc?

I dont have windows PCs in the testing envirement.

Does it mean its from your point of view still the follow:

I believe there must be a problem. Just need to find out.

OK that is fine. Recently got some feedback that router’s encrypted dns does not work. Finally find out it is because when the user set 8.8.8.8 or 1.1.1.1 in Windows system, the system automatically encrypted DNS so not possible for the router to override the DNS query. So asking if this could be your case.

Ok. Thats sounds for me, its still the follow from gl side:
Does it mean its from your point of view still the follow:

Now the good news. The follow firmware dont have the DNS leak !!!:

  • Firmware 3.211 Beta1

Tested by me:

  • on 3 installations
  • on 3 endpoints
  • and 3 time with and without cloudflare

Congratulation. Its looks for me, the the bug are possible fixed by updating some components (p.e. components from openwrt). Thats much better, than a DNS leak. So the user can now use a newer firmware than the last known not DNS leaky one (3.104 or 3.105, i think the 3.105 one was the last not DNS leky one before the 3.211 Beta 1)

Thats great. Thanks from my side, to all people which taken care this bug.
THX

Remark:
The full list of found and solved bugs, realisized asked product improvements and possible additional proposal for product improvements can be found on:

Great to hear. But it is just very strange.