Project

General

Profile

Actions
Copy link

Bug #8531

closed

URL Table aliases don't support FQDNs or names that return >1 IP

Added by → luckman212 almost 6 years ago. Updated over 4 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Luiz Souza
Category:
Aliases / Tables
Target version:
2.4.5
Start date:
05/21/2018
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
Affected Architecture:

Description

In my testing (pfSense 2.4.3-p1 as well as 'master') the only Alias type that supports FQDNs is "Host". This is limiting. One of the things I want to be able to do with aliases is to centrally distributing white- or black-lists containing a mix of IPs, subnets, and FQDNs. Some of these FQDNs may return multiple IPs, or a mix of IPv4 and IPv6 records, e.g.

$ dig +short cnn.com A cnn.com AAAA
151.101.1.67
151.101.193.67
151.101.129.67
151.101.65.67
2a04:4e42::323
2a04:4e42:200::323
2a04:4e42:400::323
2a04:4e42:600::323

I created a quick patch that enables URL Table aliases to return a mix of IPv4/IPv6 entries as well as accomodate multiple entries per FQDN. I did very limited testing with this but "it works for me". Before I submit a PR could someone please comment? Please go easy on me it's been a year since I've touched pfSense code...

Patch is below:
https://github.com/luckman212/pfsense/commit/08769cb1ee9c5e257b65f33583b55383bcbb03fe

Actions
Copy link
 #1

Updated by → luckman212 almost 6 years ago

I added timeout values to the dig command, but rather than 2 separate commits for this tiny patch, I made a new branch that has them squashed:
https://github.com/luckman212/pfsense/commit/063fa3a4a0832da86f9076040417903aa5d4ca7c

Actions
Copy link
 #2

Updated by Luiz Souza over 5 years ago

  • Assignee set to Luiz Souza
  • Target version set to 48
Actions
Copy link
 #3

Updated by → luckman212 over 5 years ago

Also, I should probably redo this patch in pure PHP and use dns_get_record() http://php.net/manual/en/function.dns-get-record.php instead of shell functions to avoid the forking.

Actions
Copy link
 #4

Updated by Jim Pingle about 5 years ago

  • Target version changed from 48 to 2.5.0
Actions
Copy link
 #5

Updated by Jim Pingle over 4 years ago

  • Category set to Rules / NAT
Actions
Copy link
 #6

Updated by Jim Pingle over 4 years ago

  • Category changed from Rules / NAT to Aliases / Tables
Actions
Copy link
 #8

Updated by Jim Pingle over 4 years ago

  • Status changed from New to Pull Request Review
Actions
Copy link
 #9

Updated by Renato Botelho over 4 years ago

  • Status changed from Pull Request Review to Feedback
  • Target version changed from 2.5.0 to 2.4.5
  • % Done changed from 0 to 100

PR has been merged. Thanks!

Actions
Copy link
 #10

Updated by Viktor Gurov over 4 years ago

  • Status changed from Feedback to Resolved

Renato Botelho wrote:

PR has been merged. Thanks!

tested on 2.4.5.a.20200108.1746

works as expected

Actions
Copy link

Also available in: Atom PDF