לאתר זה תהיה פונקציונליות מוגבלת בזמן שאנו מתחזקים אותו לשיפור החוויה שלך. אם מאמר מסויים לא פותר את הבעיה שלך וברצונך לשאול שאלה, קהילת התמיכה שלנו מחכה לעזור לך ב־Twitter תחת ‎@FirefoxSupport וב־Reddit תחת ‎/r/firefox.

חיפוש בתמיכה

יש להימנע מהונאות תמיכה. לעולם לא נבקש ממך להתקשר או לשלוח הודעת טקסט למספר טלפון או לשתף מידע אישי. נא לדווח על כל פעילות חשודה באמצעות באפשרות ״דיווח על שימוש לרעה״.

מידע נוסף

Why is Firefox 36 on Windows receiving connections from DNS servers? Option network.dns.get-ttl

  • 1 תגובה
  • 3 have this problem
  • 16 views
  • תגובה אחרונה מאת jayelbe

more options

Subsequent to updating to Firefox 36, my firewall has been inundating me with requests to allow external connections from the Internet to my browser. Looking into this in more detail, Comodo Firewall is indicating that external Internet sites are trying to connect to Firefox, from port 53 to an arbitrary port on my machine.

If I disable the new FF36 option network.dns.get-ttl, this stops. I can't find any documentation or help on this option.

Why is Firefox doing this? Is Comodo incorrect when it labels this as an external attempt to connect? (It's normally been extremely good at differentiating between inbound & outbound traffic). I'm assuming that Firefox is trying to determine TTL for DNS caching, but it doesn't make sense why DNS servers are then trying to connect back to me.

I'm loathe to create a firewall rule that states arbitrary connections from the Internet to my machine are OK as long as they originated on port 53, so advice on how to manage whatever this new feature is securely would be appreciated.

Thanks in advance for any assistance.

Subsequent to updating to Firefox 36, my firewall has been inundating me with requests to allow external connections from the Internet to my browser. Looking into this in more detail, Comodo Firewall is indicating that external Internet sites are trying to connect to Firefox, from port 53 to an arbitrary port on my machine. If I disable the new FF36 option network.dns.get-ttl, this stops. I can't find any documentation or help on this option. Why is Firefox doing this? Is Comodo incorrect when it labels this as an external attempt to connect? (It's normally been extremely good at differentiating between inbound & outbound traffic). I'm assuming that Firefox is trying to determine TTL for DNS caching, but it doesn't make sense why DNS servers are then trying to connect back to me. I'm loathe to create a firewall rule that states arbitrary connections from the Internet to my machine are OK as long as they originated on port 53, so advice on how to manage whatever this new feature is securely would be appreciated. Thanks in advance for any assistance.

פתרון נבחר

Hi grammarye,

Yep, you're right in thinking that Firefox is attempting to look up the TTL. This is new behaviour in Firefox 36 and was introduced because services with frequently changing DNS records (like Cloudflare) weren't working correctly for Firefox users.

Firefox makes asynchronous DNS lookups - meaning it will make a DNS request and then proceed to do other work instead of waiting for a response.

Your ISP's DNS server will only cache a domain's TTL for a short time, so if it doesn't have the current TTL, it will query with other DNS servers to find it.

IANAE, but presumably what's happening is thus:

  1. Firefox attempts to lookup the DNS record for the domain you wish to connect to
  2. Your ISP's DNS server doesn't have the current TTL, so connects with other DNS servers to find it
  3. During the delay, Firefox busies itself with something else
  4. DNS server then reconnects to give you the full DNS record, including TTL
  5. Comodo sees the packets from the DNS server and panics

I completely agree that whitelisting arbitrary ports is a bad idea, but in this case the behaviour is completely innocuous.

You may wish to whitelist Firefox in your Comodo firewall, or continue to leave network.dns.get-ttl disabled.

(edited to fix broken links and add a sentence)

Read this answer in context 👍 0

כל התגובות (1)

more options

פתרון נבחר

Hi grammarye,

Yep, you're right in thinking that Firefox is attempting to look up the TTL. This is new behaviour in Firefox 36 and was introduced because services with frequently changing DNS records (like Cloudflare) weren't working correctly for Firefox users.

Firefox makes asynchronous DNS lookups - meaning it will make a DNS request and then proceed to do other work instead of waiting for a response.

Your ISP's DNS server will only cache a domain's TTL for a short time, so if it doesn't have the current TTL, it will query with other DNS servers to find it.

IANAE, but presumably what's happening is thus:

  1. Firefox attempts to lookup the DNS record for the domain you wish to connect to
  2. Your ISP's DNS server doesn't have the current TTL, so connects with other DNS servers to find it
  3. During the delay, Firefox busies itself with something else
  4. DNS server then reconnects to give you the full DNS record, including TTL
  5. Comodo sees the packets from the DNS server and panics

I completely agree that whitelisting arbitrary ports is a bad idea, but in this case the behaviour is completely innocuous.

You may wish to whitelist Firefox in your Comodo firewall, or continue to leave network.dns.get-ttl disabled.

(edited to fix broken links and add a sentence)

השתנתה ב־ על־ידי jayelbe