Home/stef-openclaw-skills
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: add nordvpn macos dns plan

Browse Source
This commit is contained in:
Stefano Fiorini
2026-03-12 01:35:32 -05:00
parent ca33b2d74a
commit 6bc21219a7
2 changed files with 51 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
docs/plans/2026-03-12-nordvpn-macos-dns-design.md Normal file
View File

@@ -0,0 +1,40 @@
# NordVPN macOS DNS Design
## Goal
Keep NordVPN DNS while connected on macOS, but only apply it to active physical services so the WireGuard backend does not break Tailscale or other virtual interfaces.
## Behavior
- Keep the generated WireGuard config free of `DNS = ...`
- During `connect` on macOS:
- detect active physical network services
- snapshot current DNS/search-domain settings
- set NordVPN DNS only on those physical services
- During `disconnect`:
- restore the saved DNS/search-domain settings
- During failed `connect` after DNS changes:
- restore DNS before returning the error
## DNS Values
- IPv4 primary: `103.86.96.100`
- IPv4 secondary: `103.86.99.100`
- No IPv6 DNS for now
## Service Selection
Include only enabled physical services from `networksetup`.
Exclude names matching:
- Tailscale
- Bridge
- Thunderbolt Bridge
- Loopback
- VPN
- utun
## Persistence
- Save DNS snapshot under `~/.nordvpn-client`
- Overwrite on each successful connect
- Clear after successful disconnect restore
## Verification
- Unit tests for service selection and DNS snapshot/restore helpers
- Direct logic/config tests
- Avoid live connect tests from this session unless explicitly requested because they can drop connectivity

11
docs/plans/2026-03-12-nordvpn-macos-dns.md Normal file
View File

@@ -0,0 +1,11 @@
# NordVPN macOS DNS Plan
1. Add macOS DNS state file support under `~/.nordvpn-client`.
2. Implement helpers to enumerate eligible physical services and snapshot existing DNS/search-domain settings.
3. Implement helpers to apply NordVPN DNS only to eligible physical services.
4. Implement helpers to restore previous DNS/search-domain settings on disconnect or failed connect.
5. Add unit tests for service filtering and DNS state transitions.
6. Update skill/docs to explain macOS physical-service DNS management.
7. Sync the installed workspace copy.
8. Run tests and non-destructive verification.
9. Commit and push.