Firewalla App version 1.56 is available on both Android and iOS.
Some of the new features require box version 1.977 or above. This version is available to Firewalla Gold, Gold SE, Purple, Purple SE, Blue Plus.
New Features
- Wi-Fi Performance Test Tool
- Better Flow Filtering with Exclusion
- Custom "Pause Until" Time
- Smart Queue - CAKE (Public Beta)
- Better Device Identification
- Local Port in Smart Queue Rules
- Server Certificate in AnyConnect
1. Wi-Fi Performance Test Tool (Requires Box 1.977)
Wi-Fi Performance Test Tool Video Tutorial
Wi-Fi Test makes it easy to find the best and worst Wi-Fi spots around your house.
When your phone is connected to Firewalla’s local network, you can use Wi-Fi Test to test the connection speed from your phone to the Firewalla box. A live chart displays the test results. You can switch between download, upload, and ping latency tests. Walk around your house or room to visualize where you get better and worse Wi-Fi connections.
Wi-Fi Roaming Detection is supported in this version. If you run around the house with your phone, you can now see the AP roaming event and which AP your phone is connecting to.
- If you’re connected to the VPN server, the feature will be displayed as VPN Test instead of a Wi-Fi Test. VPN Test will show you the speed from your phone to your Firewalla box via VPN.
2. Better Flow Filtering with Exclusion (Requires Box 1.977)
Better Flow Filtering with Exclusion Video Tutorial
If your network flows are clogged with inbound blocked flows or minor traffic from the same 1-2 devices, it can be hard for you to find the network activities that you care about.
In this release, network flows are now more navigable with our new "Exclude" function. In the Flows page, tap Exclude, and you can easily exclude unwanted traffic to hide them from view.
- Inbound Flows: Flows that are coming from outside. These are typically blocked.
- Blocked Flows: Flows that have been intercepted by Firewalla.
- System Noise: Excluding system noise will filter out background traffic on your OS system and commonly seen apps (including ads, tracking, telemetry, software updates, analytics, NTP, and public cloud services). It helps you focus on important activities within your network.
Additionally, you can add specified devices or targets to exclude. For example, if you don't want to see the blocked flows from a certain quarantined device, you can exclude it from appearing in Blocked Flows.
3. Custom "Pause Until" Time
Custom "Pause Until" Time Video Tutorial
Many of our users have requested more flexible customization when pausing rules. In addition to pausing a rule for a certain amount of time, we now support specifying exactly when a rule should be resumed (within 24 hours).
4. Smart Queue - CAKE (Public Beta)
Smart Queue - CAKE Video Tutorial
CAKE (Common Applications Kept Enhanced) is a shaping-capable queue discipline which uses both AQM and FQ.
Smart Queue - CAKE is available in all Gold, Purple, and Purple SE boxes in this release. To switch to CAKE, tap Smart Queue on the box's main screen, tap Queue Type -> CAKE, and save.
- CAKE is best used with low-speed Internet.
- CAKE is in Public Beta. If you have any feedback, please post it here.
5. Better Device Identification (Requires Box 1.977)
Better Device Identification Video Tutorial
Firewalla can now identify the type of devices in your network more quickly. You can also change your device's device type if Firewalla's identification isn't correct.
6. Local Port in Smart Queue Rules
Local Port in Smart Queue Rules Video Tutorial
We now support specifying a Local Port as the target in Smart Queue Rules.
7. Server Certificate in AnyConnect
We now support Server Certificate for AnyConnect configurations in Firewalla's VPN Client.
Special Features
WireGuard VPN Device Limit Increased
You'll now be able to create and manage a maximum of 25 VPN devices connected to your WireGuard VPN server on boxes running in the production version.
Note: If your box runs in beta/early access, you can create up to 100 devices. Learn more from App Release 1.55.
Enhancements
1. [Port Forwarding] Supported editing port forwarding.
In Network Manager -> NAT Settings -> Port Forwarding, you can tap any port forwarding rule to edit it directly. UPnP-opened ports cannot be edited.
2. [QR Code Scan] Supported loading in photos when scanning QR codes for pairing or opening support access.
While scanning a QR code, you can tap the photo icon in the top right corner to load a photo from your photos library instead. You can also tap the paste icon to paste a string from your clipboard.
3. [Data Usage] More Accurate Calculation on WAN Interface in Router Mode
Firewalla Data Usage helps you monitor your online data usage trends over 12 months and notifies you when your usage is close to reaching your ISP's data plan limit. As mentioned in the Bandwidth Usage Monitoring doc, previous versions did not count IP and MAC headers in your data packets, which would sometimes cause a ~10% deviation. Additionally, data related to some features, including VPN, Speed Test, and Docker containers, were not included in the calculation.
With this release, Firewalla can calculate your data usage more accurately by catching the exact amount of data going out of your WAN port to your ISP. You won't need to worry about over-consuming data without being notified first.
Note: This new method counts all incoming and outgoing traffic on your WAN interface. so if there is upstream multicast traffic and your ISP excludes upstream multicast traffic, the data usage calculated by Firewalla may be higher than that reported by your ISP.
4. Better Detection of Captive Portals
When traveling with Firewalla, Purple's short-distance Wi-Fi allows you to connect your Firewalla to a public Wi-Fi network to give your devices Internet access while still being protected by your Trusted LAN.
Some public Wi-Fi networks use a captive portal that users must pass through before connecting to the Internet. With release 1.977, we've improved how we detect different types of captive portals to make the experience of traveling with Firewalla easier and smoother.
Bug Fixes
- Fixed an issue where FaceID system-wide failure may occur if Kid Lock fails upon resuming from the backend. (iOS 1.56.92 or later)
- Fixed an issue where the app would crash on iOS version 17 while filtering alarms with no results. (iOS 1.56.92 or later)
- Fixed incorrect Internet Outage duration calculation in Network Performance. (Android Only)
- Fixed the issue of failing to recognize 100.64.0.0/14 as a private network.
- Fixed the issue of the WireGuard VPN network showing in mDNS reflector configurations while it's not supported.
- Fixed the issue of the displaying time format not following the OS default format. (iOS only)
- Fixed the issue where the Firewalla box time zone was not up to date.
- Fixed the issue where "Device Groups" were not migrated during the initial setup migration.
- Fixed the issue where VPN Client - AnyConnect did not work on Firewalla Blue Plus.
- Fixed the issue where IPv6 did not work for dual-WAN setups if the IPv6 configuration on the WAN was changed.
- Fixed the issue where Country and City info were mismatched in the destination details of flows and alarms.
-
Fixed the issue where WAN IP was not being renewed automatically after the WAN's DHCP range was changed.
- Fixed the issue with parsing malformed intel data from the cloud.
- Fixed the issue that the box's timezone info not being migrated when restoring/replacing a box during the initial setup.
- Supported Hardware Troubleshooting on iOS that includes Reset to Factory Default, Show Logs, Check MAC Address and Console Password without pairing with the Firewalla box.
Open Issues
- [Live Throughput] IPv6 and UDP traffic may not be counted in live throughput stats for the device and device group. There is no impact on live throughput stats on the network level. Will be fixed in the next release.
- [Device Name] Apple devices may be mis-identified as other devices if they've been connected to certian networking services.
Resolved Issues
- [Alarms] App may crash when tap on the alarms button if there are alarms containing certain Xiaomi devices.
How to fix: It is already fixed on iOS version 1.56.1. - [Pause Rule / Emergency Access] "Pause For Today" or "Turn On Emergency Access For Today" may not work in Rules on iOS app.
How to fix: It is already fixed on iOS version 1.56.1. - [Smart Queue] Smart Queue rules with target matching the combination of a domain + remote ports, or an IP address/IP range + remote ports cannot be created or edited. The previously created rules will continue to work.
How to fix: It is already fixed on iOS version 1.56.1. - [Wi-Fi Test] The new Wi-Fi Performance Test Tool does not work on Firewalla Gold Rev B, and Firewalla Gold with Ubuntu 20 image installed.
How to fix: It is already fixed on box version 1.977.
Comments
1 comment
I really like the Flow "Exclude" filter. Will that functionality also be added to the Web UI and MSP?
Please sign in to leave a comment.