How to remove nameservers from resolv.conf after vpn disconnect?

Question

I have this resolv.conf even after disconnecting from VPN server (connection was established using openvpn --config <path>.ovpn):

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
# 127.0.0.53 is the systemd-resolved stub resolver.
# run "systemd-resolve --status" to see details about the actual nameservers
nameserver 10.4.X.X
nameserver 10.4.Y.Y
nameserver 127.0.0.53
search Z.ac.in

I want to get rid of search Z.ac.in and the 10.4 ns. However, I can't find them in /etc/resolvconf/resolv.conf.d/{head,base,tail}. I even did grep 10.4.X.X inside the /etc/resolvconf directory with no result. Similarly, my /etc/network/interfaces file is mostly empty:

# interfaces(5) file used by ifup(8) and ifdown(8)
auto lo
iface lo inet loopback

For now I have just been restarting my pc to remove them. But how to remove them properly from the resolv.conf file?

score 2 · Accepted Answer · answered Jul 13 '20 at 13:57

Use sudo systemd-resolve --revert --interface vpn0 to reset resolv.conf after getting off the VPN.

If that works, you can run it automatically when disconnecting from the VPN by creating /etc/network/if-post-down.d/vpn0 with the following contents:

#!/bin/sh
if [ "$IFACE" = "vpn0" ]; then
    systemd-resolve --revert --interface vpn0
fi

Then chmod 755 /etc/network/if-post-down.d/vpn0 to allow it to execute.

Replace vpn0 in all above with your vpn interface.

score 1 · Answer 2 · answered Jul 16 '20 at 12:24

Probably, these settings are cleared when you force a network-manager restart. Try
sudo service network-manager restart

Still a rather brute solution but one level better than pc restart. If it works, it can be automated by putting a script in /etc/NetworkManager/dispatcher.d with contents:

#!/bin/sh
if [[ "$2"="vpn-down" ]]; then  
    /usr/sbin/service network-manager restart
fi

You could even diversify on the network interface by using parameter $1 in the test. Do not forget to make the script executable by :
sudo chmod +x /etc/NetworkManager/dispatcher.d/<yourscriptname>

score 1 · Answer 3 · answered Jul 17 '20 at 10:06

1

Try

sudo vi /run/resolvconf/interface/NetworkManager

You ma also use nano editor, Remove or replace nameserver and then run

sudo resolvconf -u

For more information see this or this.

answered Jul 17 '20 at 10:06

saad-ameer

11

How to remove nameservers from resolv.conf after vpn disconnect?

3 Answers3