Dashboard Guide
The VeloGuardian DNS web dashboard provides full visibility into your network’s DNS activity. Access it at http://<appliance-ip>:8080 from any device on your network.
The home page gives you an at-a-glance overview of DNS activity.
Statistics cards across the top show:
| Stat | Description |
|---|---|
| Total Queries | Number of DNS queries in the selected period |
| Blocked Queries | Number blocked, with percentage of total |
| Cached Queries | Number served from cache (faster, no upstream lookup) |
| Average Latency | Mean response time in milliseconds |
Query activity chart shows total, blocked, and cached queries over time. Toggle between 24 hours and 7 days views. The chart auto-refreshes every 30 seconds.
Below the chart, three tables show the Top 10 Domains, Top 10 Blocked Domains, and Top Clients by Query Volume.
Query Log
Section titled “Query Log”A searchable, paginated log of every DNS query the appliance has processed.
Columns:
| Column | Description |
|---|---|
| Time | When the query was received |
| Domain | The requested domain name |
| Type | DNS record type (A, AAAA, CNAME, MX, etc.) |
| Client | IP address of the requesting device |
| Status | Allowed, Blocked, Cached, or Error |
| Response | Time taken in milliseconds |
| Reason | Why a query was blocked (blocklist name, category, custom rule) |
Filters (combined with AND logic):
- Domain — text search (substring match)
- Client IP — text search
- Status — dropdown: All, Allowed, Blocked, Cached, Error
Results are sorted newest-first with 50 entries per page.
Local DNS
Section titled “Local DNS”Create custom DNS records that override upstream resolution. Useful for internal hostnames, split DNS, or testing.
Supported record types:
| Type | Value format | Example |
|---|---|---|
| A | IPv4 address | 192.168.1.50 |
| AAAA | IPv6 address | fd00::1 |
| CNAME | Target domain | server.internal.example.com |
Local DNS records are checked before the filter engine and upstream resolvers. CNAME records are automatically chased — the appliance resolves the target to include A/AAAA answers.
Each record has an Enabled toggle so you can temporarily disable it without deleting.
Reports
Section titled “Reports”Generate PDF reports summarizing DNS activity over a time period, optionally scoped to specific clients.
IP Groups
Section titled “IP Groups”Group client IPs together (e.g., “Kids devices”, “Office workstations”) so you can scope reports to specific sets of devices.
Report configurations
Section titled “Report configurations”Each report configuration defines:
| Setting | Options |
|---|---|
| Time range | Last 24 hours, 7 days, 30 days, or custom date range |
| Scope | All clients, specific IPs, or an IP group |
| Schedule | None (manual), daily, weekly, or monthly |
| Email delivery | Send the PDF to an email address on generation |
| Retention | Maximum reports to keep (default 10, oldest auto-deleted) |
Click Generate to create a report immediately, or let the schedule run automatically.
PDF report contents
Section titled “PDF report contents”Each generated PDF includes:
- Summary cards — total queries, block rate, average latency
- Top 10 allowed domains — bar chart
- Top 10 blocked domains — bar chart with category labels
- Category breakdown — pie chart showing the distribution of blocked categories
- Security breakdown — separate pie chart for security-relevant categories (malware, phishing, botnet, etc.)
- Top clients — bar chart (omitted when scoped to specific IPs)
- Hourly activity — area chart showing query patterns over time
Reports are available for download from the dashboard or delivered by email if SMTP is configured.
Settings
Section titled “Settings”Upstream DNS
Section titled “Upstream DNS”Configure which DNS servers the appliance queries for domains that aren’t blocked or cached.
| Type | Description | Example |
|---|---|---|
plain | Standard DNS (UDP/TCP) | 1.1.1.1:53 |
doh | DNS-over-HTTPS | https://cloudflare-dns.com/dns-query |
dot | DNS-over-TLS | tls://1.1.1.1 |
Multiple upstreams are tried in order. Changes take effect immediately — no restart needed.
Blocklist update schedule
Section titled “Blocklist update schedule”A cron expression controlling when blocklists are re-downloaded and the filter index is rebuilt. Default: 0 4 * * * (daily at 4 AM).
Runtime settings
Section titled “Runtime settings”| Setting | Description | Default |
|---|---|---|
| Log level | Verbosity: debug, info, warn, error | info |
| Blocking mode | How blocked queries are answered | nxdomain |
| Custom blocking IP | IP to return when blocking mode is custom_ip | — |
| Safe search | Force safe search on Google, Bing, YouTube | Off |
| YouTube restrict | Safe search level for YouTube: moderate or strict | — |
| Rate limit | Max queries per second per client | 100 |
| Query log retention | Days to keep query logs | 30 |
| Anonymize clients | Mask the last octet of client IPs in logs | Off |
Blocking modes:
| Mode | Behavior |
|---|---|
nxdomain | Respond with NXDOMAIN (domain does not exist) |
null_ip | Respond with 0.0.0.0 / :: |
custom_ip | Respond with a custom IP address |
Password
Section titled “Password”Change the dashboard login password. Enter your current password and the new password twice to confirm.
DNS cache
Section titled “DNS cache”View the current cache size and flush the entire cache. Flushing forces all subsequent queries to go to upstream resolvers until the cache rebuilds naturally.
DNS service control
Section titled “DNS service control”Restart DNS performs a graceful restart — the DNS listener rebinds without dropping the web dashboard. Use this after major configuration changes or if DNS resolution seems stuck.
Backup and restore
Section titled “Backup and restore”- Download Backup — exports the database and configuration as an encrypted ZIP file
- Restore from Backup — upload a previously exported ZIP to restore all settings, profiles, blocklists, and logs
Configure email delivery for reports and test emails.
| Setting | Description |
|---|---|
| Host | SMTP server hostname |
| Port | SMTP port (default: 587) |
| Username | SMTP authentication username |
| Password | SMTP authentication password |
| From address | Sender email address |
| Security | none, starttls, or ssl |
| Skip TLS verification | Bypass certificate validation (for self-signed certs) |
Use the Test Email button to verify your configuration before relying on scheduled report delivery.
System Status
Section titled “System Status”Displays appliance health:
- Hostname, uptime, CPU cores, app version
- Memory usage — bar with color coding (green < 70%, yellow < 90%, red > 90%)
- Disk usage — same color coding
- Load averages — 1, 5, and 15 minute
- Updates — check for new versions, download, upload, and apply
System Logs
Section titled “System Logs”Live view of the appliance’s system log (journalctl output). Configurable line count (50–500) with auto-refresh every 5 seconds. Log lines are color-coded by level: red for errors, yellow for warnings.