Feature #7760 (closed)
Reverse FQDN lookup from firewall rule
% Done: 0%
Description
Currently to use a FQDN in a firewall rule you need to add an alias for it. The alias documentation states:
"Hosts must be specified by their IP address or fully qualified domain name (FQDN). FQDN hostnames are periodically re-resolved and updated."
In single source/destination rules it's a cumbersome process to add and manage aliases for single hosts and then use the alias in a rule. So why can't the same source code that does reverse FQDN resolving be implemented directly in the firewall rule system?
Desired functionality: When you add a rule, the source or destination will allow the user to input an FQDN. Then pfSense does a reverse lookup to determine the IP, the same as the alias system would do.
As I see it this can be implemented in two ways from the user perspective:
A) That the "Single host or alias" option accepts FQDNs in addition to IPs and aliases.
B) New option in the list called "FQDN" that is separate from the others.
If this is added it will be much easier to manage rules. For instance if you need network subnet X to access myhost.mydomain.com, you can click "add rule", source --> subnet X, destination --> myhost.mydomain.com, save.
As a bonus this will make the rule lists very tidy, as the rule overview states the FQDN directly, unlike the current solution where an alias could potentially point to some other domain (typos, humans, errors happen).
Today and in the future it is and will be more and more important to have proper DNS configured in networks where pfSense is deployed (with the coming IPv6 "rush" in the next few years). Many users already have reverse DNS working with the use of "registration of DHCP client names" in DNS and static DHCP or DNS entries.
This will also probably be one step in the right direction in terms of dual-stack rules (myhost.mydomain.com can, for instance, return both IPv4 and IPv6: easy, one rule to allow access to one host on both IPv4 and IPv6, dynamically following the DNS entries).
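As an added illustration of what the request above is asking the rule system to do (and what an FQDN alias does today), the following standalone Python script resolves every A and AAAA answer for a host name into one address set and emits the `pfctl -t <table> -T replace` invocation that atomically swaps a pf table's contents. This is example code written for this page, not pfSense's own alias/filterdns implementation; the resolver interface, the table name `myhost_alias`, and the constructed DNS answers are assumptions made for the example. One deliberate choice a practitioner will care about: when nothing resolves, the script keeps the previous address set rather than replacing the table with an empty one, because an empty table on a transient DNS failure silently changes what the rule matches.

```python
import ipaddress
import socket
from typing import Callable, Iterable

# A resolver maps an FQDN to its address strings (A and AAAA answers).
Resolver = Callable[[str], Iterable[str]]


def system_resolver(fqdn: str) -> list[str]:
    """Resolve with the host's stub resolver, returning every A and AAAA answer."""
    infos = socket.getaddrinfo(fqdn, None, socket.AF_UNSPEC, socket.SOCK_STREAM)
    return [info[4][0] for info in infos]


# Constructed answers standing in for DNS so the example runs offline.
# These are documentation addresses (RFC 5737 / RFC 3849), not a real host.
_EXAMPLE_ANSWERS = {
    "myhost.mydomain.com": ["2001:db8::10", "192.0.2.10", "192.0.2.10"],
}


def example_resolver(fqdn: str) -> list[str]:
    """Offline stand-in for system_resolver; unknown names fail like real DNS."""
    if fqdn not in _EXAMPLE_ANSWERS:
        raise socket.gaierror(f"{fqdn}: Name or service not known")
    return _EXAMPLE_ANSWERS[fqdn]


def resolve_alias(fqdns: Iterable[str], resolver: Resolver,
                  previous: Iterable[str] = ()) -> list[str]:
    """Build the address set for an alias made of FQDNs.

    Every name is resolved to all of its IPv4 and IPv6 answers, so a single
    alias (and hence a single rule) covers a dual-stack host. Duplicates are
    collapsed and addresses normalised. If no name resolves at all, the
    previous set is returned unchanged: replacing the table with an empty set
    during a DNS outage would silently change what the rule matches.
    """
    addrs: set[str] = set()
    for name in fqdns:
        try:
            for raw in resolver(name):
                # ip_address() rejects junk answers and canonicalises notation.
                addrs.add(str(ipaddress.ip_address(raw)))
        except (socket.gaierror, ValueError):
            continue  # this name failed; others may still contribute
    if not addrs:
        return sorted(previous)  # keep last known-good table contents
    # IPv4 first, then IPv6, each in numeric order (deterministic output).
    return sorted(addrs, key=lambda a: (ipaddress.ip_address(a).version,
                                        int(ipaddress.ip_address(a))))


def pfctl_replace_command(table: str, addrs: Iterable[str]) -> list[str]:
    """argv for 'pfctl -t <table> -T replace <addr...>'.

    -T replace swaps the table's contents in one step, so a rule such as
        pass in quick on lan from 10.0.1.0/24 to <myhost_alias>
    keeps matching without a ruleset reload while the addresses change.
    """
    return ["pfctl", "-t", table, "-T", "replace", *addrs]


if __name__ == "__main__":
    current = resolve_alias(["myhost.mydomain.com"], example_resolver)
    print(" ".join(pfctl_replace_command("myhost_alias", current)))
    # A later refresh during a DNS failure keeps the existing table contents.
    refreshed = resolve_alias(["myhost.mydomain.com"],
                              lambda n: (_ for _ in ()).throw(socket.gaierror(n)),
                              previous=current)
    print("after failed refresh:", refreshed)
```

Swap `example_resolver` for `system_resolver` to run it against real DNS; the periodic part of the alias mechanism is simply calling `resolve_alias` on a timer and executing the returned `pfctl` command.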
Updated by Jim Pingle almost 8 years ago
- Status changed from New to Rejected
- Target version deleted (2.4.0)
The method for tracking hostnames requires aliases. Using them in rules directly is not possible in pf, and rewriting the code to make dynamic aliases when you enter an FQDN is overcomplicated and counter-intuitive.
Use aliases; that's what they're made for, and they work right now exactly the way you describe, without overcomplicating the code. It's one extra step before making a rule, and then you never have to do that step again for the same host/group.