Update networkmanager privacy configs

root/etc/NetworkManager/conf.d/llmnr-mdns.conf

@@ -1,8 +1,39 @@
-# Disable link-local name resolution protocols.
+# Control link-local name resolution protocols for connections.
 #
-# LLMNR and mDNS allow devices on the same LAN to resolve hostnames
-# without DNS. They are rarely needed on managed networks and can
-# expose system information to the local network.
+# LLMNR (Link-Local Multicast Name Resolution) and mDNS (Multicast DNS)
+# allow hosts on the same local network to resolve hostnames without
+# using a traditional DNS server. They use multicast queries on the
+# local link and are commonly used for ad-hoc discovery (for example
+# resolving nearby machines or services).
+#
+# These protocols can leak hostnames to the local network and may allow
+# spoofing attacks on untrusted networks. For this reason they are often
+# disabled on laptops that regularly join public or unknown networks.
+#
+# NetworkManager can control these features per connection when the
+# active DNS plugin supports them (for example: dns-systemd-resolved).
+#
+# Values:
+#
+#   0 / "no"
+#       Disable the protocol entirely for the interface.
+#       No hostname registration and no multicast resolution.
+#
+#   1 / "resolve"
+#       Allow resolving hostnames via multicast queries but do not
+#       announce (register) this host's hostname on the network.
+#
+#   2 / "yes"
+#       Fully enable the protocol. The host registers its hostname and
+#       also performs multicast resolution.
+#
+# If the DNS backend does not support these protocols the settings have
+# no effect.
+#
+# Per-connection override examples:
+#   nmcli connection modify <connection> connection.llmnr resolve
+#   nmcli connection modify <connection> connection.mdns resolve
+
 [connection]
-connection.llmnr=0
-connection.mdns=0
+llmnr=1
+mdns=1