Hi,
Please let me know how to reproduce this issue, we have stress tests of DNS on the latest version firmware, and there is no leakage.
The test router is enabled ADG, setup multi tunnels, and Include/Exclude client MAC.
I’m using 4.8.0-OP24, has that received the same scrutiny?
How to reproduce:
- Enable AdGuard
- Create a rule that sends traffic from some clients through a Wireguard tunnel
- Set “All other traffic” to OFF (= block all other traffic)
- Observe how clients not in the tunnel keep making DNS requests via AdGuard (AdGuard log shows the requests)
By the way, unlike OP, I’m not able to connect to Wireguard (via the Android Wireguard app) when the Android client is blocked via the “All Other Traffic” switch. However, the DNS requests still make it through (as shown in the AdGuard log).
What device & build is that setup running, Bruce? IIRC GL just pushed a recent update to address it with 4.8.1 2025-08-20 on the Flint v3, didn't they?
I'm not even sure if OP is running a Beryl (GL-MT1300) or Beryl AX (GL-MT3000). I'm guessing a Beryl AX as the last stable for the MT1300 was v4.3.25.
It seems not to be the same issue; the R&D team is checking the codes.
Update:
It did not meet expectations and submitted to the R&D department to fix.
I just tested 4.8.2-OP24 and the AdGuard DNS leaks are gone. Thank you.
I just tested it, and this issue still reproduced.
R&D is under checking.
Interesting. 4.8.2-OP24 has been running for ~13 hours and my AdGuard still looks clean … usually there would be XX to YYY queries by now.
You want me to re-flash the Flint to see if the default config breaks the killswitch for Adguard DNS? Right now it seems to be working.
It is also ok to reset firmware in GL GUI, without re-flashing the firmware.
Just wondering what configuration affects ADG's failure to receive DNS requests, or see if the DNS request is abnormal?
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.