From b5834a604b80441e23a07e368e60d0e073d11d1f Mon Sep 17 00:00:00 2001
From: Maximilian Hils
Date: Mon, 19 Sep 2022 16:39:38 +0200
Subject: [PATCH] wireguard: specify dns server without this Android clients will do DNS lookups outside of WireGuard, which a) is leaking and b) may or may not work at all.
---
 mitmproxy/addons/dns_resolver.py | 8 +++++++-
 mitmproxy/proxy/mode_servers.py | 1 +
 2 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/mitmproxy/addons/dns_resolver.py b/mitmproxy/addons/dns_resolver.py
index f4b5ac59e..92624de46 100644
--- a/mitmproxy/addons/dns_resolver.py
+++ b/mitmproxy/addons/dns_resolver.py
@@ -139,7 +139,13 @@ async def resolve_message(
 class DnsResolver:
 async def dns_request(self, flow: dns.DNSFlow) -> None:
 should_resolve = (
- isinstance(flow.client_conn.proxy_mode, mode_specs.DnsMode)
+ (
+ isinstance(flow.client_conn.proxy_mode, mode_specs.DnsMode)
+ or (
+ isinstance(flow.client_conn.proxy_mode, mode_specs.WireGuardMode)
+ and flow.server_conn.address == ("10.0.0.53", 53)
+ )
+ )
 and flow.live
 and not flow.response
 and not flow.error
diff --git a/mitmproxy/proxy/mode_servers.py b/mitmproxy/proxy/mode_servers.py
index 3bc515f27..60762626b 100644
--- a/mitmproxy/proxy/mode_servers.py
+++ b/mitmproxy/proxy/mode_servers.py
@@ -352,6 +352,7 @@ class WireGuardServerInstance(ServerInstance[mode_specs.WireGuardMode]):
 [Interface]
 PrivateKey = {self.client_key}
 Address = 10.0.0.1/32
+ DNS = 10.0.0.53
 [Peer]
 PublicKey = {wg.pubkey(self.server_key)}
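Review bot: The resolver address is now hard-coded twice, as `("10.0.0.53", 53)` in the `should_resolve` condition of `dns_request` and as `DNS = 10.0.0.53` in the client configuration template in `mitmproxy/proxy/mode_servers.py`, and nothing ties the two together. If one is changed without the other, queries from WireGuard clients would stop matching this branch and, as far as the hunk shows, would no longer be answered by this addon, which reintroduces the failure the commit message describes. Define the address once (for example `WIREGUARD_DNS_ADDRESS = ("10.0.0.53", 53)`, name illustrative) and use it in both places. A comment above the new branch would also help, such as `# Only queries to the resolver advertised in the WireGuard client config are answered here; DNS sent to any other address is not matched by this check.` The body of `dns_request` continues past the end of the hunk.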