Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Firewall Log DNS Lookup Dialog Box Missing in 2.1.5

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    4 Posts 2 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      NOYB
      last edited by

      The dialog box method for DNS lookup in firewall logs is missing in 2.1.5.
      Don't recall seeing anything about this in the release notes.

      Really don't like having to browse away from the firewall logs page and back again just to get the DNS info of an entry.
      Cumbersome and not user friendly.  Lower usability factor.

      May be related to this firewall logs widget issue.  Think it probably uses some of the same code.
      bug in 2.1.5 firewall logs widget 
      https://forum.pfsense.org/index.php?topic=81076.0

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        On 2.2 it's handled via AJAX, but on 2.1.x it was handled by an insecure GET call that was a security issue so it was removed. It was mentioned in the release notes.

        https://doc.pfsense.org/index.php/2.1.5_New_Features_and_Changes

        Remove javascript alert DNS resolution action from the firewall log view. It was already removed from 2.2, and it's better not to allow a GET action to perform that action

        EDIT: Also - Don't want to navigate away? Middle click or right click, open in new tab.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • N
          NOYB
          last edited by

          Couldn't it have been made secure, like the DNS lookup page, instead of removing?

          I consider opening the DNS lookup page in new window/tab to be same as browsing away and having to return.  And just as inconvenient and cumbersome.

          As for the 2.2.  Not so sure I like the idea of en-mass DNS lookup.  Think I'd rather it be per entry and also have an option for auto lookup at time the activity is logged and keep the name in the log.  DNS names can change and my be different, or even gone, at a later time when manual lookup is done than at the time the activity is logged.

          1 Reply Last reply Reply Quote 0
          • jimpJ
            jimp Rebel Alliance Developer Netgate
            last edited by

            There was no time to spend on developing a "secure" solution. There is no way to make that work without major coding or backporting the 2.2 version, it was the most prudent course of action.

            On 2.2 you click one IP and it only resolves that one IP to its corresponding hostname, it just happens to replace it everywhere it's found on the page. It doesn't do a mass lookup, it's still single, but it's handled via AJAX/JS.

            If someone wants to code a JS/AJAX version that does a domTT or similar style "pop up" with more detail (that isn't an alert or a separate window), feel free to submit a pull request.

            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.