Author: Dan Purgert
Date:
To: dng
Subject: Re: [DNG] hijacking resolv.conf - possible fix?
On Mar 18, 2025, altoid via Dng wrote:
> [...]
> [code]
> --- snip ---
> # update /etc/resolv.conf based on received values    # <---- wthf?
>   make_resolv_conf() {
>       local new_resolv_conf
> --- snip --- 
> [/code]

>
> Not in any way script savvy but it seemed I had found the hijacker,
> so to speak.


Yes, it's your DHCP client (dhclient) updating your DNS server details.
This is quite standard for DHCP to get a network-defined DNS server in
addition to IP address / netmask / gateway.

As I recall (read: poorly), you can tell dhclient to ignore
DHCP-assigned DNS servers (or other options) in dhclient.conf. I forget
the exact syntax, but I believe it's listed under the 'supersede'
keyword in the manpage.

Though with this being said, if you're using network manager, it has its
own methodology for setting "DHCP for IP Address Only". I've never used
connman though.

> According to [jed], the whole snippet is from line 39 to line 125 and
> it would seem (?) to be the routine that constantly overwrites
> [/etc/resolv.conf] just because some idiot thought it was a good idea
> to do so.


That would probably be the IETF, in RFC 1531 from 1993.

Or perhaps the Internet Systems Consortium, who wrote/maintained dhclient
(not 100% sure whether they still are, with kea taking over the
server-side of things).

--
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1 E067 6D65 70E5 4CE7 2860
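
The dhclient.conf approach mentioned in the reply above, as an added example that is not part of the original message. It uses the `request` and `supersede` statements from dhclient.conf(5); the file path is the usual Debian-family location and the resolver address 192.0.2.53 is a constructed placeholder.

```conf
# /etc/dhcp/dhclient.conf (constructed example)

# Before: the client asks for DNS settings and accepts whatever the
# DHCP server on the current network hands out, so any network you
# join decides which resolver ends up in /etc/resolv.conf.
#request subnet-mask, broadcast-address, routers,
#        domain-name, domain-name-servers, domain-search;

# After, option 1: keep taking the lease, but override the DNS value.
# /etc/resolv.conf is still rewritten on each lease, only now with
# the address given here instead of the server-supplied one.
supersede domain-name-servers 192.0.2.53;

# After, option 2: stop asking for DNS-related options at all and
# request only what is needed for addressing and routing.
request subnet-mask, broadcast-address, routers;
```

A DHCP server can still include options the client did not request, so option 1 is the one that pins the resolver value. After changing the file, compare /etc/resolv.conf before and after the next lease renewal to confirm the result.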