What's New in 3.3.1
- Fixed issue with rainbow lists not returning non-A/AAAA answers.
- Fixes issue with CNAME flattening sanity check.
- pfSense 3.3.1_4
What's New in 3.3.0-11
- Fixed issue with host file entries that match the domain name.
- Added support for aarch64.
- Support for Debian 9. (see https://cloud.docker.com/u/adamnet/repository/docker/adamnet/dnsthingy)
- Fixed a CNAME flattening related crash
- Disabled CNAME blocking for blacklists.
- Removed case-lowering of entity name in netbios module.
- Adds support for the SG-1100
What's New in 3.2.1-4
- Modified partner ip address (used for geolocation).
- Fixed duplicate entries in reporting on gateway ip addresses.
- Fixed NS parser immediate pointer resolution.
- No changes
- Fixes some PHP errors on installation
- Fix compatibility with pre-2.4.4 installs
What's New in 3.2.1-2
- Added new configuration flag "ipe-min-ttl" which can be set to a value such as 60 and prevent browser DNS caching from preventing page loads due to low DNS TTL values in the case where DTTS is enabled.
- Fixed brain ipaddr resolution accepting AR records instead of AN only.
- IPE minimum TTL is set to 60 by default
What's New in 3.2.0-1980
- Fixed wan access issue for both iptables and pf.
- Fixed parsers to treat tab character as space.
- Resolved issue with corrupted packet: for non-reading / non-writing commands.
- Fix PHP error when installing on some fresh pfSense installations.
- No changes
What's New in 3.2.0-1935
- Fixed httpproxy issue with exhausting ip address pool
- Fixed EDNS0 parsing
- Now only one IP4 or IP6 host will be stored per host name in the host file
- New --private-subnets flag allows blocking specified subnets from upstream responses. Can be used for DNS rebind protection.
- If DNS Rebind Check is enabled DNSthingy will also apply the same DNS rebind protections.
- DNSthingy will now automatically pickup new interfaces if all is selected.
- When DTTS auto-firewall is enabled, adds a message to the firewall rule list to inform the user how rules are processed behind the scenes.
- We now allow other built-in resolvers to be enabled alongside DNSthingy as long as they are not running on conflicting ports or interfaces. User is now responsible for removing that conflict if it does exist.
- DNSthingy now appears in the Service Status widget.
- We've renamed our package to "dnsthingy" to resolve conflict with official packages.
What's New in 3.2.0-1876
- Active monitoring of hosts and DHCP entries.
- Allow custom port for rainbow list forwarder.
Backwards incompatible changes
files-to-monitor option replaces previous flags for local resolve, hosts, and leases files.
- UI messaging when DTTS configuration issues are detected.
- Automatic Cloud Backup support.
What's New in 3.2.0-1741
- In pfsense package 3.2.0_20 support for 2.3 amd64 is fixed
What's New in 3.2.0-1726
- Resolves a problem where profile flags were not being reset automatically on profile changes.
- Resolved issue with 32-bit 2.3.x installations.
- When applying changes the text output now shows what port the built-in DNS resolver was set to.
What's New in 3.2.0-1723
- Resolved issue with DTTS feature on pfSense 2.4
- If the system resolv.conf does not contain upstream DNS resolvers, we now use Google DNS by default.
What's New in 3.2.0-1721
- Resolves an issue where in a small number of cases a CNAME resolution could cause a memory issue.
- Block page now sends "Cache-Control" header to prevent browser caching.
- Warn user is an existing firewall rule blocks all traffic and DTTS auto mode is also being turned on. [ Credit to Ian Morris for reporting ]
- We now automatically kill the dnsmasq process if it prevents dnsthingy from starting.
What's New in 3.2.0-1688
- Block page now utilizes an IP subnet (vs a single static IP on the LAN interface). This allows for faster unblock page processing to support a new feature coming soon.
Better NetBIOS name discovery. In cases where our service host is not the DHCP server, better name discovery is now included.
IP enforcement and DNS services combined into a single service. Previously there were two processes in place to facilitate load balancing across devices, but in cases where only one appliance is in use, a single process is more efficient.
Under mytools.management/log, logging capability has been enhanced with many view filter options (Status, IP, Name, Answer, Rule, Rule Kind, etc).
- Logging capability addition for traffic logging in order to easily visualize blocked/allowed packets while narrowing the list down by source, destination or blocked/allowed status.