Firewalla app version 1.61 is now available to all users!
Note that in this release, we've merged Users with device groups to simplify device management. See the UI Remodeling section below for more details.
New Features
1. User Activity Time Limits
User Activity Time Limits Video Tutorial
In 1.60, we introduced Users to help you track when people access certain apps (even via a browser) on your network. With this release, you can now control when and for how long they have access with Time Limits. For example, you can limit your kids to 2 hours per day of Fortnite on weekends or set a daily 1-hour limit for YouTube or Netflix. There are two ways to set time limits for Users:
- Directly from the User's detail page
- By creating a new rule
To set a time limit from the User's detail page, scroll down and tap Add Time Limit under the activity chart, select an app, and set a daily or weekly time limit.
To set a time limit by creating a Rule, tap on Rules from your box's main screen, then tap Add Rule. Choose Time Limit as the action, select an app, select a User, and then set a daily or weekly time limit. Time Limits can only be applied to Users.
If you create a Time Limit and set the schedule for Every Week, the limit will apply to each day individually. For example, a 2-hour Roblox limit for Saturday and Sunday means that the user will have 2 hours of Roblox access each day.
Activity information for devices and device groups
We've now added app usage activity information (previously available only for Users) to devices and device groups. If there's any app activity detected, you'll see an Activities tab (next to Flows). Tap it to see when and for how long certain apps and websites were used for each device or group. Tap Activities to see a detailed breakdown of app usage over time.
If you don't see the Activities/Flows tabs on your device or device group detail pages, it means there has been no app activity detected over the past 7 days. The list of Firewalla supported apps can be found in our Users tutorial. We'll continue to expand our list of apps that you can track and limit with Firewalla – stay tuned for more updates soon!
2. System Vulnerability Scan
System Vulnerability Scan Video Tutorial
Discover weak credentials on commonly used ports with Firewalla's new System Vulnerability Scan! This scan can detect issues like:
- Services that do not have password protection
- Services that may have a default password
- Services that may be using a common/simple password
The following protocols will be checked:
- SSH
- Telnet
- FTP
- HTTP basic authentication
- Redis
- MySQL
Firewalla will check each port's protections against our extensive intelligence database of common username and password pairs.
To start a system vulnerability scan, tap Scan on your box's main screen, then tap Scan System Vulnerabilities. Once the scan is done, you'll receive a push notification on your phone. Firewalla will list any weak usernames and passwords on your devices' ports.
If you see any weak usernames and passwords, we recommend that you first log into your device and verify if the scan result is correct. If you see a suspicious number of passwords matching a single port on one device, then they are likely false positives. We suggest you try logging into that port with one or two of the scan results to confirm. The following devices may return false positives:
- Netgear NightHawk router
Note that this scan may register as suspicious activity or password guessing to devices with anti-virus enabled. Additionally, during the scan, some devices may restrict login due to too many login attempts.
Note that depending on the complexity of your network, this scan may take up to several hours to finish. However, you can continue using the app while the scan runs in the background. Learn more about Firewalla's scanning capabilities in our article on our Scan features.
3. Dynamic Control Buttons
Dynamic Control Buttons Video Tutorial
Firewalla's control buttons now always accurately reflect the status of the target, allowing you to easily determine whether a target is blocked on a certain device, group, user, or network.
For example, if you have a scheduled rule that blocks all video sites from 9 PM to 7 AM every day, during this timeframe, the "Video" control button will display as "blocked". You can temporarily pause the block by tapping the button to reward your kids with additional screen time. Additionally, when managing users, you can create or edit your time limit rules on apps that support time limits.
To make the dynamic control buttons more accessible, you can pin your devices to the box's main screen. The app will show and automatically prioritize the control buttons by relevance, ensuring that the target you want to control is always within one tap's reach.
4. Rule Shortcuts
To make controlling access on your network easier and faster, you can now add a rule to your box's main screen. Activate or pause any rule with one tap.
To add a rule to the main screen, tap on your rule from the Rules list. Then, scroll down and tap Add to Main Screen. You'll see the rule appear above any recent/pinned devices. Tap the switch to pause or resume the rule.
Note that only one rule can be added to the main screen at a time (If you need more rules on the main screen, please let us know!). Additionally, the on/off status of the switch only indicates whether the rule is paused or not. Scheduled rules are still only active during their scheduled time.
5. Sorting and Grouping by Device Type
Sorting and Grouping by Device Type Video Tutorial
Easily see all your similar devices in one place by grouping them by device type. For example, you can quickly check if any of your security devices are down, or see what the personal devices on your network (phones, laptops, tablets, etc) were doing last.
Tap on Devices from your box's main screen, then tap the sorting icon on the top right of the screen. Tap Group By Device Type to list devices together by type.
UI Remodeling
1. Users Merged with Device Groups
Thanks to community feedback, we've updated Users to integrate all the features supported on Device Groups with Users. Users will no longer have an associated device group – instead, you can now create rules, apply features, or mute alarms directly on Users.
If you already have a user created, tap on the user's name on the Devices -> Groups list. You'll see the Activities chart and the top-used apps list side-by-side with the Flows count and Data Transferred chart.
The Users button on the box's main screen is still the main way to access the Users feature. Creating or editing Users can be done from there.
2. The Apps Tab Removed from Flows
We've removed the Apps tab from the Flows page – the app activity detection method we used for the Apps tab generalized flows to apps, which sometimes resulted in inaccuracies. Our new app usage detection method, which focuses on specific apps, is much more accurate.
You can find app activity measurements for individual devices, device groups, and users by tapping into their detail page (see activity information for devices and device groups above).
Enhancements
1. Hit count on the rules list
Quickly see each of your rules' hit counts right from the rules list. This is helpful for understanding which of your policies is most "popular" and which may be unnecessary. Tap on Rules from your box's main screen, then tap on any list of rules. Each rule's hit count will be shown on its right side.
With this release, you can also reset the total hit count of all rules from the Rules page.
2. Ingress Firewall safeguards (Router Mode only)
When in Router mode, Firewalla automatically includes a default ingress firewall that blocks unwanted connections attempting to intrude into your network (in previous versions of the app, this is the "Block Traffic from the Internet on All Devices" rule).
To ensure your network is always protected, we're introducing some safeguards to make it harder to accidentally disable the ingress firewall. On your Rules list, you'll now see that the ingress firewall is shown separately from the other rules. If it gets turned off, we'll show a warning asking for confirmation.
Bug Fixes
- Fixed the issue where the Internet Speed Limit may be set to 1 Mbps in Smart Queue rules after using Auto-Configuration wizard.
- Fixed the issue where the “Block” function is not available in the dynamic button when multiple rules are applied matching the same target.
- Fixed the issue where creating QoS rules may fail using the iOS app.
- Added warnings/descriptions on potential false positive results in Vulnerability Scan.
- Fixed the issue where IGMP Proxy was not displayed on WAN connections with link aggregation. (Android Only)
-
Fixed the issue where BSSID was not displayed in the Wi-Fi test due to the lack of location permission.
- Fixed the issue where IP region feedback was not always available for top upload/download flows.
- Fixed the issue where the last month of 2023 may be displayed as 2024 in the Data Usage feature.
- Fixed the issue where the Abnormal Upload alarm notification would sometimes display an empty default description.
Known Issues
- [App Block & Time Limit] App Block and Time Limit rules matching TikTok, Instagram and YouTube may not work properly after being edited or paused & resumed.
How to fix: Delete the rule and recreate it. This issue will be improved in the upcoming app release. - [Time Limit] App Activities may not be cut off by Time Limit rules immediately after the activity time reaches its limit. Blocking might be delayed by up to 10 minutes or until the current gaming session ends.
How to fix: This issue will be improved in the upcoming box release. - We will allow more "rule" shortcuts in the next app release.
Comments
11 comments
Hi, is it possible to block 2 devices when their combined time online is exceeded. Say, an Xbox and iMac my son plays games on. I would like to limit his combined time on these devices to 2 hours a day? Thanks
@Andrew, you can put both devices under the user "Son" (for example). And then you can limit the game (say roblox), it will be applied to the cumulative of the two devices.
> If you need more rules on the main screen, please let us know!
I need more rules on the main screen! At least 2 please.
We will increase that limit to more than 10 in app 1.62
Thank you for the activity time limit. This was very much needed. I’m looking forward to the further expansion of this function beyond specific apps. Here I mean for instance gaming irrespectively of the platform (steam, warthunder, etc.) Also this list should be available in time usage monitor. Now I could see time spent on YouTube, but gaming or social media are not reported which makes it unreliable. Thanks for you effort and continuous improvements.
Will this release work on Firewall Blue Plus device?
yes, please see version table https://help.firewalla.com/hc/en-us/articles/360060538813-Firewalla-Software-Version-Summary
Vulnerability scans take a long time. During that time, the screen does show "Stop Scan," but it's really hard to know if the process is still going if you don't have many or any vulnerabilities. Some sort of indication or animation showing that the scans are still running, maybe even naming the current target would be good.
Can we set a time limit to a network instead of a user? With apple devices and changing IP addresses, I have created a network for each child and would like to apply rules to the network. So can I add all devices in a network to a user? Or can I apply time based rules to a network instead?
I would love to see the 'User > Time Limit' rule extended to capture any 'Traffic from & to internet' rather than having to specify exact times for each application. Very similar to what you support with a 'Block' action type rule.
I think a lot of users (parents) want this reading through these comments and others from the reddit 1.61 release forum.
https://www.reddit.com/r/firewalla/comments/1awjla2/time_limit_rule_app_161/
This would allow me to set a maximum time for each user (child), where my child could access the internet for any application/website across their devices within the maximum daily time set, allowing them to self manage where they spend their time.
Currently, the time limits can only be applied to a small set of Apps, which I think is useful, but it doesn't capture all the other internet based sites/apps out there and it requires a lot of thinking by parent and child as to what and for how long they spend on each app.
My exact setup required is:
- set scheduled start/stop times per day, i.e. my 13 year old can access any of their devices between 3pm and 8pm - YES, you support this via a block schedule rule.
- set max time per application, i.e. my 13 year old can have 30 mins of Snapchat a day, and 30 mins of Instagram - YES, you support this (well sort of, Instagram is supported on the 'Time Limit' action type rule, but not Snapchat, even though Snapchat is in your apps for the 'Block' action type)
- set overall max time for any/all internet traffic, this would mean once their overall time is used, they could not use the internet at all. - NO, you do not support this. This is a critical missing feature to have a maximum time overall spent regardless of where the users chose to use it.
I actually purchased the Firewalla Gold recently assuming this would be supported, and hope it is on the backlog somewhere?
The only reason I bought this router is because I thought I could set a global internet usage per profile. As in, my kid can choose how to spend their 2 hours of internet per day, but once they hit 2 hours, they're done.
Giving limits per app isn't very helpful at all. Will this be updated soon, or should I return the router?
Please sign in to leave a comment.