#85 Network Boundary Shield leaks DNS Server when using different Proxys and Firefox container
Opened 8 days ago by m-u-m-p-i-t-z. Modified 8 days ago

Summary

Hi,
I use the Container Function of Firefox with the addon Container Proxy with which I can assign an own proxy to each container to be connected once with a VPN service and at the same time with my true IP. For this to work correctly you need a squid web proxy on your own router.

How to reproduce

-Container 1 is connected to squid web proxy
-container 2 is connected to an external http proxy via VPN service

If I check with the page ip-leak
-Container 1 has my true IP and DNS servers of my router &
-container 2 has a VPN IP and the DNS servers from the VPN service.

if I now install the addon JShelter and enable JS with option Recommend, NBS On and FPD On it looks a bit different
-Container 1 my true IP and the DNS servers of my router plus the DNS servers of the VPN service &
-Container 2 is fortunately unchanged.

Expected result

unchanged DNS-Server in both container

Actual result

DNS-Leak with container with real IP

Reproducibility

tried only firefox

Workarounds

If I deactivate the Network Boundary Shield everything is correct again.

Have you tried other steps to solve the issue?

I have checked all installed addons individually and found the problem to be UBlock Origin and JShelter and have gone through each option to find the error.

Additional information / notes

I can't tell you why, but I had the same problem with the addon uBlock Origin.
but after disabling the function Uncloak canonical names the problem doesn't exist anymore.

Likewise, if you try without squid web proxy, you have the IP of the VPN service and the DNS servers of the VPN service plus those of the router, which is of course disastrous and is also propagated everywhere as DNS leak.

If I understood everything I read about the two options it must be the way the DNS query of the addon is done. Apparently the connected proxies are not taken into account. But why this information can be queried from the outside, no idea.

I am not a programmer but just a small insignificant user who tries everything to ensure his security and privacy and my knowledge is limited, but I think that this DNS leak with the true IP to betray the DNS servers of the VPN service is not in the sense of an addon, which is supposed to ensure me privacy.

Best regards and Thank you!


Login to comment on this ticket.

Metadata