4. Firewall Log DNS Lookup Dialog Box Missing in 2.1.5

Firewall Log DNS Lookup Dialog Box Missing in 2.1.5

  • N

    The dialog box method for DNS lookup in firewall logs is missing in 2.1.5.
    Don't recall seeing anything about this in the release notes.

    Really don't like having to browse away from the firewall logs page and back again just to get the DNS info of an entry.
    Cumbersome and not user friendly.  Lower usability factor.

    May be related to this firewall logs widget issue.  Think it probably uses some of the same code.
    bug in 2.1.5 firewall logs widget 
    https://forum.pfsense.org/index.php?topic=81076.0

    0
  • Rebel Alliance Developer Netgate

    On 2.2 it's handled via AJAX, but on 2.1.x it was handled by an insecure GET call that was a security issue so it was removed. It was mentioned in the release notes.

    https://doc.pfsense.org/index.php/2.1.5_New_Features_and_Changes

    Remove javascript alert DNS resolution action from the firewall log view. It was already removed from 2.2, and it's better not to allow a GET action to perform that action

    EDIT: Also - Don't want to navigate away? Middle click or right click, open in new tab.

    0
  • N

    Couldn't it have been made secure, like the DNS lookup page, instead of removing?

    I consider opening the DNS lookup page in new window/tab to be same as browsing away and having to return.  And just as inconvenient and cumbersome.

    As for the 2.2.  Not so sure I like the idea of en-mass DNS lookup.  Think I'd rather it be per entry and also have an option for auto lookup at time the activity is logged and keep the name in the log.  DNS names can change and my be different, or even gone, at a later time when manual lookup is done than at the time the activity is logged.

    0
  • Rebel Alliance Developer Netgate

    There was no time to spend on developing a "secure" solution. There is no way to make that work without major coding or backporting the 2.2 version, it was the most prudent course of action.

    On 2.2 you click one IP and it only resolves that one IP to its corresponding hostname, it just happens to replace it everywhere it's found on the page. It doesn't do a mass lookup, it's still single, but it's handled via AJAX/JS.

    If someone wants to code a JS/AJAX version that does a domTT or similar style "pop up" with more detail (that isn't an alert or a separate window), feel free to submit a pull request.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy