How To Dynamically Update MacOS DNS When Traveling

When using CleanBrowsing DNS resolvers you will experience an issue logging into Free Wifi hotspots that require authentication. This happens because the Wifi Hotspot provider is hijacking the DNS, routing the traffic to an authentication page. This will prevent you from making use of the Wifi, or force you to remove the CleanBrowsing DNS resolvers.

The quickest way to address this is to update your DNS via terminal, it’ll save you countless steps navigating the different GUI’s. To assist, we’ve put together a script to help in the process.

Understanding what the script is doing:

  1. It allows you to quickly set your local DNS to the dynamic DNS provided by the hotspots router. This allows you to authenticate and get WiFi access.
  2. It then allows you to quickly reset your local DNS back to CleanBrowsing based on your preferred free option. This alleviates the need to remember what IP was for which filter.

These are the available options:


Option Description Command
local Pulls the Dynamic DNS values from the router and set it as your local DNS resolver. ./dnsupdate.sh local
family Sets your DNS resolvre to the CleanBrowsing Family filters. ./dnsupdate.sh family
security Sets your DNS resolver to the CleanBrowsing Security filters. ./dnsupdate.sh security
adult Sets your DNS resolver to the CleanBrowsing Adult filters. ./dnsupdate.sh adult

This script will help you authenticate with public Wi-Fi hotspots when traveling. Examples include Starbucks, Airports, Hotels, and a wide range of other Wi-Fi hotspots that might require you to first authenticate with their service provider before accessing their network.

Copy the content below into a local file (example: dnsupdate.sh):

  
#!/bin/bash
#Created by CleanBrowsing team. 
#Purpose: To help automate the dynamic switching of local DNS resolver when traveling
 
RED='\033[0;31m'
NC='\033[0m'
bold=$(tput bold)
normal=$(tput sgr0)
 
if [ "x$1" = "xlocal" ] ; then
     ip="$(ipconfig getpacket en0 |grep domain_name_server | cut -d " " -f 3 | sed 's/{//' |  sed 's/}//')"
     sudo networksetup -setdnsservers Wi-Fi $ip
     output="$(networksetup -getdnsservers Wi-Fi)"
     echo Your DNS resolver is set to: "$output"
 elif [ "x$1" = "xfamily" ] ; then
     sudo networksetup -setdnsservers Wi-Fi 185.228.168.168
     output="$(networksetup -getdnsservers Wi-Fi)"
     echo Your DNS resolver is set CleanBrowsing Family filter: "$output"
 elif [ "x$1" = "xadult" ] ; then
     sudo networksetup -setdnsservers Wi-Fi 185.228.168.10
     output="$(networksetup -getdnsservers Wi-Fi)"
     echo Your DNS resolver is set CleanBrowsing Adult filter: "$output"
 elif [ "x$1" = "xsecurity" ] ; then
     sudo networksetup -setdnsservers Wi-Fi 185.228.168.9
     output="$(networksetup -getdnsservers Wi-Fi)"
     echo Your DNS resolver is set CleanBrowsing Security filter: "$output"
 else
     echo " "
     echo "Please pass one of the following options into the script:" 
     echo " "
     echo "${bold}local${normal} ->  Pulls the Dynamic DNS values from the router and set it as your local DNS resolver."
     echo " "
     echo -e "       Run the following command: ${RED}$0 local${NC}"
     echo " "
     echo "${bold}family${normal} -> Sets your DNS resolvre to the CleanBrowsing Family filters."
     echo " "
     echo -e "       Run the following command: ${RED}$0 family${NC}"
     echo " "
     echo "${bold}security${normal} -> Sets your DNS resolver to the CleanBrowsing Security filters."
     echo " "
     echo -e "       Run the following command: ${RED}$0 security${NC}"
     echo " "
     echo "${bold}adult${normal} -> Sets your DNS resolver to the CleanBrowsing Adult filters."
     echo " "
     echo -e "       Run the following command: ${RED}$0 adult${NC}"
     echo " "
 fi

I created the file in ~/Documents. Make the file executable:

$ chmod +x /Documents/dnsupdate.sh

Now when traveling, if you want to access public Wi-Fi run the command via terminal and it’ll set it local DNS to the one provided by the hotspot router:

 $ cd ~/Documents
$ ./dnsupdate.sh local

The output will tell you the local DNS IP. Authenticate with the network. Once you’re done, run the script and choose your desired option:

$ ./dnsupdate.sh security

The command is run using sudo so be prepare to authenticate locally with your admin user (hint: should be the same user you log in with).

$ ./dnsupdate.sh security
Password:

The output will show the new local DNS IP:

$ ./dnsupdate.sh security
Password:
Your DNS resolver is set CleanBrowsing Security filter: 185.228.168.9

If you check your Network Settings GUI you’ll see the same configuration:

Don’t worry about remembering the options or IP’s, if you run the script it’ll tell you which options exist.

Sharing is caring!

Leave a Comment

Your email address will not be published. Required fields are marked *