From efd9884154a626bafaa97b36799b3d225a16deef Mon Sep 17 00:00:00 2001
From: i40e <120920147+i40e@users.noreply.github.com>
Date: Tue, 10 Oct 2023 13:26:34 +0800
Subject: [PATCH] Disable Windows DNS registration

---
 internal/winipcfg/luid.go  | 22 ++++++++++++++++++++++
 internal/winipcfg/netsh.go | 19 +++++++++++++++----
 tun_windows.go             |  3 +++
 3 files changed, 40 insertions(+), 4 deletions(-)

diff --git a/internal/winipcfg/luid.go b/internal/winipcfg/luid.go
index 0c898b8..1f97314 100644
--- a/internal/winipcfg/luid.go
+++ b/internal/winipcfg/luid.go
@@ -385,3 +385,25 @@ func (luid LUID) SetDNS(family AddressFamily, servers []netip.Addr, domains []st
 func (luid LUID) FlushDNS(family AddressFamily) error {
 	return luid.SetDNS(family, nil, nil)
 }
+
+func (luid LUID) DisableDNSRegistration() error {
+	guid, err := luid.GUID()
+	if err != nil {
+		return err
+	}
+
+	dnsInterfaceSettings := &DnsInterfaceSettings{
+		Version:             DnsInterfaceSettingsVersion1,
+		Flags:               DnsInterfaceSettingsFlagRegistrationEnabled,
+		RegistrationEnabled: 0,
+	}
+
+	// For >= Windows 10 1809
+	err = SetInterfaceDnsSettings(*guid, dnsInterfaceSettings)
+	if err == nil || !errors.Is(err, windows.ERROR_PROC_NOT_FOUND) {
+		return err
+	}
+
+	// For < Windows 10 1809
+	return luid.fallbackDisableDNSRegistration()
+}
diff --git a/internal/winipcfg/netsh.go b/internal/winipcfg/netsh.go
index 4f8e5b1..2c298cb 100644
--- a/internal/winipcfg/netsh.go
+++ b/internal/winipcfg/netsh.go
@@ -51,10 +51,11 @@ func runNetsh(cmds []string) error {
 }
 
 const (
-	netshCmdTemplateFlush4 = "interface ipv4 set dnsservers name=%d source=static address=none validate=no register=both"
-	netshCmdTemplateFlush6 = "interface ipv6 set dnsservers name=%d source=static address=none validate=no register=both"
-	netshCmdTemplateAdd4   = "interface ipv4 add dnsservers name=%d address=%s validate=no"
-	netshCmdTemplateAdd6   = "interface ipv6 add dnsservers name=%d address=%s validate=no"
+	netshCmdTemplateFlush4              = "interface ipv4 set dnsservers name=%d source=static address=none validate=no"
+	netshCmdTemplateFlush6              = "interface ipv6 set dnsservers name=%d source=static address=none validate=no"
+	netshCmdTemplateAdd4                = "interface ipv4 add dnsservers name=%d address=%s validate=no"
+	netshCmdTemplateAdd6                = "interface ipv6 add dnsservers name=%d address=%s validate=no"
+	netshCmdTemplateDisableRegistration = "interface ipv6 set dnsservers name=%d register=none"
 )
 
 func (luid LUID) fallbackSetDNSForFamily(family AddressFamily, dnses []netip.Addr) error {
@@ -106,3 +107,13 @@ func (luid LUID) fallbackSetDNSDomain(domain string) error {
 	key.Close()
 	return err
 }
+
+func (luid LUID) fallbackDisableDNSRegistration() error {
+	// the DNS registration setting is shared for both IPv4 and IPv6
+	ipif, err := luid.IPInterface(windows.AF_INET)
+	if err != nil {
+		return err
+	}
+	cmd := fmt.Sprintf(netshCmdTemplateDisableRegistration, ipif.InterfaceIndex)
+	return runNetsh([]string{cmd})
+}
diff --git a/tun_windows.go b/tun_windows.go
index 656251f..1d5e941 100644
--- a/tun_windows.go
+++ b/tun_windows.go
@@ -88,6 +88,9 @@ func (t *NativeTun) configure() error {
 			return E.Cause(err, "set ipv6 dns")
 		}
 	}
+	if len(t.options.Inet4Address) > 0 || len(t.options.Inet6Address) > 0 {
+		_ = luid.DisableDNSRegistration()
+	}
 	if t.options.AutoRoute {
 		if len(t.options.Inet4Address) > 0 {
 			if len(t.options.Inet4RouteAddress) > 0 {