Disable hosts file sorting?



  • I hope that I haven't missed something obvious here, but I am stumbling in the dark at the moment.

    Is there some over-riding reason that the hosts file must be sorted alphabetically?  Since CNAMEs are not supported, the order of the file is significant because reverse lookups simply scan it in sequence.  Let's say you have a server named "xyzzy.example.org" at a.b.c.d and it happens to currently be your SMTP and FTP server.  The (previously CNAME) entries "mail.example.org" and "ftp.example.org" are added into the hosts file.  When you do a reverse lookup of a.b.c.d, the result is "ftp.example.org" instead of the primary name "xyzzy.example.org". What would help is to be able to add the aliases at the end of the primary like "a.b.c.d  xyzzy.example.org xyzzy mail ftp".  Does dnsmasq properly grok the full hosts syntax? Is there a way to add aliases to a hosts entry?

    Worse, with the alphabetic sorting, the IPs are all jumbled up and I can't figure out where I have grouped different clusters of IPs based on function.  I think that sorting on IP address would be more useful.

    I have the same problem with the firewall alias list.  Host names, ports, networks, are all jumbled together.

    Thanks-

    Andrew

    Edit: I thought we had tinyDNS instead of dnsmasq by default, sorry.



  • I just tried it, dnsmasq can properly grok multiple aliases on a line in the hosts file.

    Andrew

    Edit: However, I see that system_hosts_generate() in /etc/inc/system.inc is one-dimensional, and the data in the $config['dnsmasq'] sub-table has already been pre-sorted by the XML generator & parser.  Is there any interest in extending this or should I move to tinyDNS or go back to BIND?


  • Rebel Alliance Developer Netgate

    I'm not sure why it's sorted, so it may be up for debate. Checking the commit history I see where twice someone fixed the sorting, but I don't see where it was added, it may have been a holdover from m0n0wall. Might be worth opening a (low priority) ticket in redmine to look into doing. Would be a trivial change (cut a couple lines out of /usr/local/www/services_dnsmasq_edit.php) so it's more of a philosophical discussion than technical.



  • @jimp:

    I'm not sure why it's sorted, so it may be up for debate. Checking the commit history I see where twice someone fixed the sorting, but I don't see where it was added, it may have been a holdover from m0n0wall. Might be worth opening a (low priority) ticket in redmine to look into doing. Would be a trivial change (cut a couple lines out of /usr/local/www/services_dnsmasq_edit.php) so it's more of a philosophical discussion than technical.

    I vote for a numerical sort on IP to order the hosts file.  In addition, can we add an "aliases" field to allow for the equivalent of CNAMEs?  Yes, it has occurred to me that this use of the word "alias" will conflict with the firewall configuration GUI use of "alias".  And the "alias" list there is also sorted alphabetically, rather than by function, which I think would be better.

    Thanks-

    Andrew


  • Rebel Alliance Developer Netgate

    @andrewinhawaii:

    I vote for a numerical sort on IP to order the hosts file.

    Not sure why that would make much sense either, if you're looking to get rid of sorting to have it respect the ordering of hosts in the list (to make sure reverse resolution does what you intend) then any kind of sorting can break that.

    @andrewinhawaii:

    In addition, can we add an "aliases" field to allow for the equivalent of CNAMEs?  Yes, it has occurred to me that this use of the word "alias" will conflict with the firewall configuration GUI use of "alias".  And the "alias" list there is also sorted alphabetically, rather than by function, which I think would be better.

    Having that as a separate entry may not really make a lot of sense. The way that /etc/hosts supports "aliases" is by having them on the same line like:
    x.x.x.x host1 alias1 alias2

    Perhaps enhancing the validation to let there be multiple space-separated hostnames in the second box might be one solution.

    Meanwhile dnsmasq's advanced options box could be used to cname to hosts in /etc/hosts

    # Provide an alias for a "local" DNS name. Note that this _only_ works
    # for targets which are names from DHCP or /etc/hosts. Give host
    # "bert" another name, bertrand
    #cname=bertand,bert
    


  • @jimp:

    @andrewinhawaii:

    I vote for a numerical sort on IP to order the hosts file.

    Not sure why that would make much sense either, if you're looking to get rid of sorting to have it respect the ordering of hosts in the list (to make sure reverse resolution does what you intend) then any kind of sorting can break that.

    Numerical sort allows you to group hosts by subnets.  All my wifi hosts here, all my static DHCP hosts here, lab equipment, servers, workstations, etc, in say, for example, separate /24 subnets.  This makes adding firewall rules between the functional groups much easier (by creating "aliases" for an entire subnet) and allowing for network growth.  Leaving the ordering by when a host entry happened to be added is not going to work either, unless we implement the same "move before/after" mechanism used for the firewall rules.

    In addition, can we add an "aliases" field to allow for the equivalent of CNAMEs?  Yes, it has occurred to me that this use of the word "alias" will conflict with the firewall configuration GUI use of "alias".  And the "alias" list there is also sorted alphabetically, rather than by function, which I think would be better.

    Having that as a separate entry may not really make a lot of sense. The way that /etc/hosts supports "aliases" is by having them on the same line like:
    x.x.x.x host1 alias1 alias2

    Yes, that is what I meant.  dnsmasq does the resolve properly in this case.

    Perhaps enhancing the validation to let there be multiple space-separated hostnames in the second box might be one solution.

    This would work if all the host aliases were in one box, and the hosts entry line had all the names with and without the domain name concatted on like this:

    w.x.y.z  host.domain.com host alias1.domain.com alias1 alias2.domain.com alias2

    I have just tested it out and this performs exactly as would be desired.

    Meanwhile dnsmasq's advanced options box could be used to cname to hosts in /etc/hosts

    # Provide an alias for a "local" DNS name. Note that this _only_ works
    # for targets which are names from DHCP or /etc/hosts. Give host
    # "bert" another name, bertrand
    #cname=bertand,bert
    

    Yeah, that gets kind of messy pretty quickly, I think.  It's not very straightforward, and would not be the obvious solution to anyone using pfSense for the first time.  That's how I'm approaching this: as a new user from an initial usability angle.

    Andrew



  • To sort by IP change the following line in /usr/local/www/services_dnsmasq_edit.php:

           return strcasecmp($a['host'], $b['host']);
    

    to

            return !ip_less_than($a['ip'], $b['ip']);
    

    This will sort by IP in increasing order.  Allowing a list of multiple names to be entered for the same IP is trickier because they will need to be exploded into an array, then checked individually against the existing names, which may also be a list which may need to be exploded if not stored as an array already, and checked.

    I don't understand the underlying data structure well enough to be sure that I'm not going to damage it by changing the 'host' element to a linear array or a space delineated list of elements.  Fortunately, space is not a valid host name component (look at the mess created by GNU make because it can't figure out if a file name has a space in it).  Nor am I confident about editing such a list.  Is there any overall guide to the data structure used by pfSense?

    Thanks,

    Andrew
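
A sketch of the approach discussed in this thread, added here as an example and not taken from pfSense or from any poster: split a space-separated names field, validate each label, reject duplicates across entries, sort numerically by IPv4 address with a comparator that returns a negative, zero or positive value, and emit one hosts line per IP with the primary name first. The function names, the `names` array key and the sample addresses are assumptions made up for the illustration.

```php
<?php
// Added example: hypothetical helpers, not pfSense code.

// Split a space-separated names field; validate every label on its own.
function parse_names($field) {
    $names = preg_split('/\s+/', trim($field), -1, PREG_SPLIT_NO_EMPTY);
    foreach ($names as $n) {
        if (!preg_match('/\A[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\z/i', $n)) {
            throw new InvalidArgumentException("invalid host label: $n");
        }
    }
    return array_map('strtolower', $names);
}

// usort() comparator: byte-wise compare of the packed 4-byte address,
// which is numeric order for IPv4 (so .9 sorts before .10).
function cmp_ip($a, $b) {
    return strcmp(inet_pton($a['ip']), inet_pton($b['ip']));
}

function build_hosts(array $entries, $domain) {
    $seen = array();
    $rows = array();
    foreach ($entries as $e) {
        if (filter_var($e['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
            throw new InvalidArgumentException("invalid IPv4 address: {$e['ip']}");
        }
        $names = parse_names($e['names']);
        if (count($names) === 0) {
            throw new InvalidArgumentException("no host name for {$e['ip']}");
        }
        foreach ($names as $n) {            // each name may appear only once
            if (isset($seen[$n])) {
                throw new InvalidArgumentException("duplicate name: $n");
            }
            $seen[$n] = true;
        }
        $rows[] = array('ip' => $e['ip'], 'names' => $names);
    }
    usort($rows, 'cmp_ip');
    $lines = array();
    foreach ($rows as $r) {                 // primary first, then the aliases
        $cols = array();
        foreach ($r['names'] as $n) { $cols[] = "$n.$domain"; $cols[] = $n; }
        $lines[] = $r['ip'] . "\t" . implode(' ', $cols);
    }
    return implode("\n", $lines) . "\n";
}

// Constructed sample entries (documentation address range).
$entries = array(
    array('ip' => '192.0.2.10', 'names' => 'xyzzy mail ftp'),
    array('ip' => '192.0.2.9',  'names' => 'lab1'),
);
echo build_hosts($entries, 'example.org');
```

Because every token is checked against the label pattern after splitting on whitespace, a names field cannot smuggle an extra line or a stray address into the generated file.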

