Show hotnames instead of IPs?
-
I wonder if there is setting that would allow to see resolved alias names instead of IPs in pfSense logs?
Thx
-
you mean like if you create an alias that has like allowed with say network 1.2.3.0/12 and then user hits 1.2.3.52 you want it to show allowed vs 1.2.3.4 or what the PTR of 1.2.3.52 actually resolves too? When you click the resolve button in the log?
Is this what you want?
-
you mean like if you create an alias that has like allowed with say network 1.2.3.0/12 and then user hits 1.2.3.52 you want it to show allowed vs 1.2.3.4 or what the PTR of 1.2.3.52 actually resolves too? When you click the resolve button in the log?
Is this what you want?
Hello @johnpoz :D !
Actually I misspoke, I wanted to say "host names". In other words, I have a host named "xxx" and I want to be able to see it when I search in System Logs/ Firewall logs for example. Is it possible?
You said "When you click the resolve button in the log?", maybe that's it, but I don't know what it is. Where it can be found ?
Thx
-
Click the little "i" in the logs and if pfsense can resolve the IP it will.
Any hosts you have locally setup in pfsense should resolve - see example attached.. Where client tried to hit pfsense interface for ntp… I have to allow that I guess ;) hehehe
If pfsense can resolve your own local hosts, how do you have pfsense setup for dns?
-
Click the little "i" in the logs and if pfsense can resolve the IP it will.
Any hosts you have locally setup in pfsense should resolve - see example attached.. Where client tried to hit pfsense interface for ntp… I have to allow that I guess ;) hehehe
If pfsense can resolve your own local hosts, how do you have pfsense setup for dns?
Yes I knew about the "i"
I am really looking for a way to say and see host names when you filter logs, for example => enter host name in Source IP Address or Destination IP Address, as well as be able to maybe use alias name as well if its an IP.
"appetite comes with eating" a? :o
My pfSense has no DNS names defined at all and I use only resolver. All queries to port 53 outside of pfSense blocked and only pfSense queries to 53 port allowed.
-
You know if I were to dream about a good new feature for pfSense, I'd say - imagine you have a search box somewhere on the top of the dashboard page and as user types in it , it do aka ajax auto-complete of all matches (resoling host names, alias etc.) and after selecting a line takes user to an appropriate place of pfSense box.
Like we have now, when alias for host/network/port is defined and user types it in a rule screen, but on global level.
Do you like it ? Wonder if you had similar requests from community…
-
This seems like same question from 2014… I have the same response to auto resolving as I did back then.
https://forum.pfsense.org/index.php?topic=84657.0
So I put in say 192.168.9.100.. Takes me where exactly - really don't see a point to such a search feature. To the alias page, the multiple firewall tabs that might be on. To the interface of pfsense? To the dhcp leases, to the dhcp server page since its setup as a reservation, etc. etc.
If you want the IP to resolve when you click the I and its one of your IPs that is easy enough to fix.. But if you want them all to resolve - which they might NOT.. Send your logs to a syslog and do all kinds of fancy shit you want to do on the logs there.. Like resolve all the IPs ;) Or attempt.