Bug #13793
openfilterdns does not reconcile modelled tables with the current state of filter tables
0%
Description
filterdns tracks changes in the sets of addresses associated with hostnames to generate add/delete events for those addresses to apply to filter tables. This results in a relatively fast mechanism to update changes to a table which, because of the nature of DNS, should usually be quite small sets of additions and deletions. This model, however, fails to account for the fact that filterdns does not have exclusive access to filter tables and they may be changed out-of-band. The most prominent out-of-band change occurs when a user clears a table from the GUI. As filterdns is not aware of this out-of-band action, it maintains the assumption that all known table->host->address mappings are consistent with the state of the filter table, and will not restore entries that are removed out-of-band or remove entries that are added out-of-band.
Unfortunately, this probably means each interval we will need to read the tables and do a set comparison of each. I will also look into the pf code to see if tables might have a change reference of some kind that we could refer to, and specifically target only those tables for which the changeref differs from what we expect.
Related issues
Updated by Reid Linnemann almost 2 years ago
- Related to Bug #9296: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries added
Updated by Marcos M over 1 year ago
- Target version changed from 2.7.0 to CE-Next
- Plus Target Version changed from 22.05 to Plus-Next
Updated by Jim Pingle over 1 year ago
- Plus Target Version changed from Plus-Next to 23.09
Updated by Jim Pingle about 1 year ago
- Plus Target Version changed from 23.09 to 24.01
Updated by Jim Pingle about 1 year ago
- Plus Target Version changed from 24.01 to 24.03
Updated by Jim Pingle 9 months ago
- Plus Target Version changed from 24.03 to 24.07
Updated by Jim Pingle 7 months ago
- Plus Target Version changed from 24.07 to 24.08
Updated by Jim Pingle 2 months ago
- Plus Target Version changed from 24.08 to 24.11
Updated by Jim Pingle 2 months ago
- Plus Target Version changed from 24.11 to 25.01
Updated by Jim Pingle 2 days ago
- Plus Target Version changed from 25.01 to 25.03