From 82b4e58ad0b2c0c3efb310b32da46eff2fc92281 Mon Sep 17 00:00:00 2001
From: Zoltan Papp
Date: Fri, 20 Dec 2024 16:20:50 +0100
Subject: [PATCH] Do not start DNS forwarder on client side (#3094)
---
 client/internal/engine.go | 44 ++++++++++++++++++++++++++++-----------
 1 file changed, 32 insertions(+), 12 deletions(-)
diff --git a/client/internal/engine.go b/client/internal/engine.go
index 9724e2a2257..042d384dc82 100644
--- a/client/internal/engine.go
+++ b/client/internal/engine.go
@@ -802,14 +802,12 @@ func (e *Engine) updateNetworkMap(networkMap *mgmProto.NetworkMap) error {
 e.acl.ApplyFiltering(networkMap)
 }
- var dnsRouteFeatureFlag bool
- if networkMap.PeerConfig != nil {
- dnsRouteFeatureFlag = networkMap.PeerConfig.RoutingPeerDnsResolutionEnabled
- }
- routedDomains, routes := toRoutes(networkMap.GetRoutes())
-
- e.updateDNSForwarder(dnsRouteFeatureFlag, routedDomains)
+ // DNS forwarder
+ dnsRouteFeatureFlag := toDNSFeatureFlag(networkMap)
+ dnsRouteDomains := toRouteDomains(e.config.WgPrivateKey.PublicKey().String(), networkMap.GetRoutes())
+ e.updateDNSForwarder(dnsRouteFeatureFlag, dnsRouteDomains)
+ routes := toRoutes(networkMap.GetRoutes())
 if err := e.routeManager.UpdateRoutes(serial, routes, dnsRouteFeatureFlag); err != nil {
 log.Errorf("failed to update clientRoutes, err: %v", err)
 }
@@ -874,12 +872,18 @@ func (e *Engine) updateNetworkMap(networkMap *mgmProto.NetworkMap) error {
 return nil
 }
-func toRoutes(protoRoutes []*mgmProto.Route) ([]string, []*route.Route) {
+func toDNSFeatureFlag(networkMap *mgmProto.NetworkMap) bool {
+ if networkMap.PeerConfig != nil {
+ return networkMap.PeerConfig.RoutingPeerDnsResolutionEnabled
+ }
+ return false
+}
+
+func toRoutes(protoRoutes []*mgmProto.Route) []*route.Route {
 if protoRoutes == nil {
 protoRoutes = []*mgmProto.Route{}
 }
- var dnsRoutes []string
 routes := make([]*route.Route, 0)
 for _, protoRoute := range protoRoutes {
 var prefix netip.Prefix
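Review bot: In updateNetworkMap, the call `e.updateDNSForwarder(dnsRouteFeatureFlag, dnsRouteDomains)` can now receive a true flag together with an empty domain list, which is the normal case for every non-routing peer. updateDNSForwarder is not visible in this hunk, so it is worth confirming that it treats an empty list as "do not listen" and also stops a forwarder that is already running when a peer loses its last domain route; otherwise the listener this change is meant to remove may stay up. The bare `// DNS forwarder` comment could state the rule instead, e.g. `// Run the DNS forwarder only for domain routes this peer serves as routing peer.` The enclosing function starts and ends outside the hunk.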
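Review bot: toDNSFeatureFlag reads `networkMap.PeerConfig` directly, so as a standalone helper it panics on a nil networkMap, whereas the generated getters this file already calls (`GetRoutes`, `GetDNSConfig`) are nil-safe. Assuming the usual generated getters exist for these two fields, the body reduces to `return networkMap.GetPeerConfig().GetRoutingPeerDnsResolutionEnabled()`. A one-line doc comment saying that the flag defaults to false when PeerConfig is absent would also help, since that default now decides whether the forwarder path is taken. The toRoutes function that follows continues past the end of the hunk.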
@@ -890,7 +894,6 @@ func toRoutes(protoRoutes []*mgmProto.Route) ([]string, []*route.Route) {
 continue
 }
 }
- dnsRoutes = append(dnsRoutes, protoRoute.Domains...)
 convertedRoute := &route.Route{
 ID: route.ID(protoRoute.ID),
@@ -905,7 +908,24 @@ func toRoutes(protoRoutes []*mgmProto.Route) ([]string, []*route.Route) {
 }
 routes = append(routes, convertedRoute)
 }
- return dnsRoutes, routes
+ return routes
+}
+
+func toRouteDomains(myPubKey string, protoRoutes []*mgmProto.Route) []string {
+ if protoRoutes == nil {
+ protoRoutes = []*mgmProto.Route{}
+ }
+
+ var dnsRoutes []string
+ for _, protoRoute := range protoRoutes {
+ if len(protoRoute.Domains) == 0 {
+ continue
+ }
+ if protoRoute.Peer == myPubKey {
+ dnsRoutes = append(dnsRoutes, protoRoute.Domains...)
+ }
+ }
+ return dnsRoutes
 }
 func toDNSConfig(protoDNSConfig *mgmProto.DNSConfig) nbdns.Config {
@@ -1243,7 +1263,7 @@ func (e *Engine) readInitialSettings() ([]*route.Route, *nbdns.Config, error) {
 if err != nil {
 return nil, nil, err
 }
- _, routes := toRoutes(netMap.GetRoutes())
+ routes := toRoutes(netMap.GetRoutes())
 dnsCfg := toDNSConfig(netMap.GetDNSConfig())
 return routes, &dnsCfg, nil
 }
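Review bot: In toRouteDomains the comparison `protoRoute.Peer == myPubKey` is the only thing deciding whether this node runs a DNS forwarder, and the patch touches only engine.go, so no test pins that behaviour. A small table test covering a route owned by this peer, a route owned by another peer, and a route with an empty Peer would keep the forwarder from silently returning to client peers. The function also lacks a doc comment; something like `// toRouteDomains returns the domains of routes whose routing peer is myPubKey; only those need a local DNS forwarder.` would record the intent. Two smaller points: the nil-to-empty normalisation is unnecessary because ranging over a nil slice is a no-op, and `protoRoute.GetDomains()` / `protoRoute.GetPeer()` (if generated as usual) would tolerate a nil element in the slice.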