Hi. On Thu, Feb 23, 2023 at 11:31:44AM +0100, daven...@tuxfamily.org wrote: > > If it is DHCP: You might do a countermeasure in > > /etc/dhcp/dhclient.conf. On my system I have an entry as below. > > > > interface "wlp4s0" { > > supersede domain-name-servers 127.0.0.1; > > Unfortunately, I can't use supersede parameter because I need to use > different resolvers at different times/in different contexts. > > I would need something more… conditional > > IF openconnect is running and has modified resolv.conf, leave that > file alone unless you are openconnect Otherwise, when there's no VPN > active, you can do normal DHCP requests and accept whatever > currently-active network's router/DHCP tells you and update resolve > conf accordingly
openconnect has that helpful --script option, which calls /usr/share/vpnc-scripts/vpnc-script by default. All you need is to make a copy of that script, modify dhclient.conf at "connect" and "disconnect" phases accordingly, and then call your modified script from openconnect. Reco