Problem Description
I need to be able to search in the responses (especially CNAME records) from the server to the clients in order to figure out whether the response is poisoned through a DNS poisoning attack or not.
The Iranian government does DNS poisoning in addition to IP filtering and blocking DNS-over-HTTPS servers, so I need to be able to search in the responses so I can search and specify a correct upstream for that domain.
Proposed Solution
Filter query log based on responses in addition to client and request.
Alternatives Considered
If the server supports an external database for logging or a logging system (like Syslog servers), everyone who needs an advanced search can use that database for storing and searching in the Query Log.