pfSense

Since the change in #12902 the sequence of DNS servers loaded by dnsmasq changed.

Before the change: no-resolv was missing, as such system defined DNS server were included, by default behavior of dnsmasq, after those ones specified in command line (which included any server specified in pfSense custom options textbox from the web conf.)

After the change: no-resolv is used, no loading of system defined DNS servers occurs outside of what is explicitly written in the command line (well done👍), but the PHP code is now adding system defined DNS servers explicitly before those ones loaded by custom config options.

Taking into account the removal of "--all-servers" (well done👍) it is now impossible to let DNS defined in custom options to take precedence over system defined ones, unless those last ones are entirely disabled by new ignore option #14165.

This breaks all those scenarios in which an higher priority DNS server was configured by custom options.

We have addressed this internally by patching the changes in #12902 by moving the (now conditional #14165) foreach loop after the custom options inclusion, so the old behavior is somehow restored.