Firewall Log DNS Lookup Dialog Box Missing in 2.1.5



  • The dialog box method for DNS lookup in firewall logs is missing in 2.1.5.
    Don't recall seeing anything about this in the release notes.

    Really don't like having to browse away from the firewall logs page and back again just to get the DNS info of an entry.
    Cumbersome and not user friendly.  Lower usability factor.

    May be related to this firewall logs widget issue.  Think it probably uses some of the same code.
    bug in 2.1.5 firewall logs widget 
    https://forum.pfsense.org/index.php?topic=81076.0


  • Rebel Alliance Developer Netgate

    On 2.2 it's handled via AJAX, but on 2.1.x it was handled by an insecure GET call that was a security issue so it was removed. It was mentioned in the release notes.

    https://doc.pfsense.org/index.php/2.1.5_New_Features_and_Changes

    Remove javascript alert DNS resolution action from the firewall log view. It was already removed from 2.2, and it's better not to allow a GET action to perform that action

    EDIT: Also - Don't want to navigate away? Middle click or right click, open in new tab.



  • Couldn't it have been made secure, like the DNS lookup page, instead of removing?

    I consider opening the DNS lookup page in new window/tab to be same as browsing away and having to return.  And just as inconvenient and cumbersome.

    As for the 2.2.  Not so sure I like the idea of en masse DNS lookup.  Think I'd rather it be per entry and also have an option for auto lookup at time the activity is logged and keep the name in the log.  DNS names can change and may be different, or even gone, at a later time when manual lookup is done than at the time the activity is logged.


  • Rebel Alliance Developer Netgate

    There was no time to spend on developing a "secure" solution. There is no way to make that work without major coding or backporting the 2.2 version, it was the most prudent course of action.

    On 2.2 you click one IP and it only resolves that one IP to its corresponding hostname, it just happens to replace it everywhere it's found on the page. It doesn't do a mass lookup, it's still single, but it's handled via AJAX/JS.

    If someone wants to code a JS/AJAX version that does a domTT or similar style "pop up" with more detail (that isn't an alert or a separate window), feel free to submit a pull request.
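
An added sketch of the 2.2-style behaviour described in the post above (not pfSense code and not the developer's): the clicked value is checked to be a literal IP, the lookup is sent as a POST rather than a GET, and the returned name replaces that one IP wherever it appears in the displayed rows. The endpoint path, the `csrf_token` field, and the `src`/`dst` row shape are assumptions of this example.

```javascript
// Added example, not pfSense code. Endpoint, field names and row shape are assumptions.

// Accept only a literal IPv4 or IPv6 address; nothing else is sent for resolution.
function isLookupTarget(v) {
  if (typeof v !== 'string') return false;
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(v);
  if (m) return m.slice(1).every((o) => Number(o) <= 255);
  if (!/^[0-9A-Fa-f:.]+$/.test(v) || !v.includes(':')) return false;
  try { new URL(`http://[${v}]/`); return true; } catch { return false; }
}

// Build the lookup as a POST with its parameters in the body, never in the URL.
// '/diag_logs_resolve.php' and 'csrf_token' are hypothetical names.
function buildResolveRequest(ip, token) {
  if (!isLookupTarget(ip)) throw new Error('not an IP address');
  const body = new URLSearchParams({ resolve: ip, csrf_token: token });
  return {
    url: '/diag_logs_resolve.php',
    options: {
      method: 'POST',
      headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
      body: body.toString(),
    },
  };
}

// A reverse-DNS answer is chosen by whoever controls the reverse zone for the
// address, so it is untrusted input: allow plain hostname syntax only.
function safeHostname(name) {
  const label = '(?!-)[A-Za-z0-9-]{1,63}(?<!-)';
  const re = new RegExp(`^${label}(\\.${label})*\\.?$`);
  return typeof name === 'string' && name.length <= 253 && re.test(name) ? name : null;
}

// Replace the one resolved IP in every row where it appears (source or destination).
function applyResolution(rows, ip, hostname) {
  const name = safeHostname(hostname);
  if (name === null) return rows; // leave the rows untouched on a malformed answer
  const swap = (v) => (v === ip ? name : v);
  return rows.map((r) => ({ ...r, src: swap(r.src), dst: swap(r.dst) }));
}

// Constructed sample rows using documentation address ranges.
const sampleRows = [
  { src: '192.0.2.10', dst: '198.51.100.7' },
  { src: '203.0.113.5', dst: '192.0.2.10' },
];
```

In a browser, the `url` and `options` pair would be passed to `fetch`, and the resolved name written into the page with `textContent` rather than `innerHTML`.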

