Hello, does anybody know how to change DNS settings over cellular data? I can do that for wifi but not for cellular data…
As far as I know, there is no settings option to change the DNS server on cellular network, but you can do this using connmanctl. You may need to install connman-tools first.
To change the DNS, run connmanctl in a terminal and enter services. This will show you a list of all network connections. Copy the service name of your cellular connection (starts with cellular_). To actually change the DNS, enter config <service> --nameservers <dns1> [<dns2>] [<dns3>].
Is this still doable on the newest update? I can’t seem to get it to work…
Can you please provide a clearer tutorial or some other (fairly easy) way to change the DNS to, let’s say, Quad9, system-wide?
Setting DNS server with connmanctl still seems to be possible, but the configuration will get lost on every network change.
Instead I use (Quad9 example)
iptables -t nat -A OUTPUT -p udp -d 127.0.0.1 --dport 53 -j ACCEPT
iptables -t nat -A OUTPUT -p udp ! -d 9.9.9.9 --dport 53 -j DNAT --to 9.9.9.9
Problems here:
- Only UDP here, but size-exceeded should not be a problem for only A or AAAA. TCP can be added if needed.
- Does not work with DoH, DoT.
- Might cause problems in walled gardens where external DNS is blocked but not redirected.
Good idea, I’ll try it out. Thanks a lot, Martin.
Since Sailfish 5.0 supports WireGuard VPN tunnelling, the most elegant way to set your own DNS servers is through using WireGuard. Prepend them, separated by comma, in the DNS servers option of the Communications section in the Advanced preferences of your WireGuard VPN connection.
A brute-force method that works with older Sailfish versions and when not using WireGuard is to edit /etc/resolv.conf and then make it immutable with chattr so that it survives restarting the phone in general and connmand in particular. I’ve used this with no issues in the past, but be warned it can cause unexpected trouble.
I understand the need for a general disclaimer, but how specifically can it cause trouble on SFOS?
FWIW, systemd-resolved treats /etc/resolv.conf as desired if it’s a file (not a symlink). I don’t know much about connman, but it looks like it can accommodate for that.
With software, anything can cause trouble… An immutable file in /etc might also cause trouble with buggy software. That’s what my warning is all about.
So not specifically. Got it.
Connman also respects /etc/resolv.conf if it’s a regular file.
So you can compile your regular resolv.conf:
rm /etc/resolv.conf
cat <<EOF >/etc/resolv.conf
nameserver <IP1>
nameserver <IP2>
nameserver <IP3>
EOF
systemctl restart connman
This does not interfere with hotspot functionality though the nameservers do not appear to be forwarded to the connecting machine. I wasn’t able to test for when the phone connects to wifi, but I see no reason why it shouldn’t work because nothing is interface-specific here.
PS: systemd-networkd is not active on SFOS and not required here; it was just a comparison
PPS: I wonder if this can be done in a way that one can still benefit from ConnMan’s DNS caching.
There is one issue with using a custom /etc/resolv.conf file… DNS resolving on port 53 won’t work for network sharing clients.
One workaround is to also use a custom /etc/resolv.conf file on the devices that access Internet through the Sailfish device. That’s because the default-provided nameserver of 172.28.172.1 is not working. This is true for both Wifi and Bluetooth network sharing.
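
A check that can be run after writing a custom /etc/resolv.conf as described in the thread, added here as an example and not posted by any participant: it confirms the file is a regular file rather than a symlink, lists the nameservers the resolver will use, and flags unknown or misspelled keywords, which the resolver skips without an error. The function name check_resolv_conf is an assumption of this example.

```sh
#!/bin/sh
# Added example, not from the thread. check_resolv_conf is a hypothetical helper.
# Usage: check_resolv_conf [path]   (default: /etc/resolv.conf)
# Prints the nameservers that will be used; returns non-zero on a problem.
check_resolv_conf() {
    file=${1:-/etc/resolv.conf}
    rc=0
    # The approach in the thread depends on a regular file, not a symlink.
    if [ -L "$file" ]; then
        echo "FAIL: $file is a symlink" >&2; return 1
    fi
    if [ ! -f "$file" ]; then
        echo "FAIL: $file is not a regular file" >&2; return 1
    fi
    count=0
    # The "|| [ -n ... ]" part handles a last line without a trailing newline.
    while read -r key value _rest || [ -n "$key" ]; do
        case $key in
            ''|'#'*|';'*) continue ;;            # blank lines and comments
            nameserver)
                if [ -z "$value" ]; then
                    echo "FAIL: nameserver without an address" >&2; rc=1
                else
                    count=$((count + 1))
                    # resolv.conf(5): at most 3 nameserver entries are used
                    if [ "$count" -le 3 ]; then echo "$value"
                    else echo "WARN: $value is ignored (more than 3)" >&2; fi
                fi ;;
            search|domain|options|sortlist) ;;   # other valid keywords
            *)  echo "FAIL: unknown keyword '$key'" >&2; rc=1 ;;
        esac
    done < "$file"
    [ "$count" -gt 0 ] || { echo "FAIL: no nameserver lines" >&2; rc=1; }
    return "$rc"
}

# Run against a path given on the command line, if any.
if [ "$#" -gt 0 ]; then check_resolv_conf "$1"; fi
```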