Firewalla App version 1.51 is available on iOS / Android.
Some of the new features require box version 1.9742 or above, it is available on Firewalla Gold, Firewalla Purple, and Blue Plus.
New Features
- Alarm Sensitivity Tuning
- Alarm Filter
- UPnP Per-Network Settings
- Rules Hit Count
- Adding Destinations to Your Target Lists
- Feedback on Wrong Alarm and Speed Test Results
- Muting Activity Alarms Temporarily
- Shortcuts for flows: Allow and Route
- Temporary Access for MSP
Enhancements
- Wi-Fi WAN: 2.4ghz-only for stability
- Wi-Fi LAN: Channel Selection
- DHCP option 61
- The WiFi Speed test can now test VPN speed under network performance
1. Alarm Sensitivity Tuning (Requires box version 1.9742)
Firewalla's intelligent core constantly analyzes your behavior and sends you alarms when it detects activity that’s out of the ordinary. These algorithms offer you an extra level of protection that you can control.
In this release, we provide you with an option to tune the Alarm Sensitivity so that the behavioral alarms will be generated less or more frequently.
Tap the alarm setting icon(yes, we created a new icon) on the top right corner of the alarms list, you'll be able to set the default alarm sensitivity setting for all behavioral alarms. Two options are provided:
- Moderate: Moderate sensitivity is the current sensitivity set by Firewalla;
- Low: When choosing Low sensitivity, alarms will be generated less frequently.
As of 1.51, only abnormal upload, video activity, and gaming activity can be tuned, and each type can be set separately.
Learn more about Managing Alarms.
"Archived Alarms" is moved to the Alarm Settings page.
2. Alarm Filter
If you have a lot of alarms but are only interested in a few alarm types, instead of muting all the other alarms, you can now configure your Alarm Filter to make a list showing certain types of alarms.
The filter will be kept on your app, so if you configured the alarm filter and then quit that app, the filter items will remain selected when launching the app next time.
The rest of the alarms will be generated normally, so if the alarm filter is reset to "All Alarms", you'll be able to see all of the alarms.
3. UPnP Per-Network Settings
For users who only want to enable UPnP for specific networks, say a gaming VLAN, we are now providing the ability to configure it on your local networks separately.
In Network Manager, go to NAT Settings->Port Forwardings, tap Apply To->Specific Networks, and you can check/uncheck your networks.
4. Rules Hit Count (Requires box version 1.9742)
To help you better understand how effective your rules are, we've added a rule stats section for each rule. As of the 1.51 release, you'll be able to see how many flows are hit by a certain rule and when did the last hit happen.
The system will start to count the flows by the time the feature is released, and you may reset the count to zero for each rule separately.
If no port forwarding is placed, all incoming request will be blocked before checking rules hit count. You may see inbound blocking rule hit counts is 0.
5. Adding Destinations to Your Target Lists (Requires box version 1.9742)
A target list is a set of targets that can be used as a building block to create rules or prioritize a group of targets. Before 1.51, target Lists can only be created and updated on Firewalla Web Interface.
Now we've supported the ability to quickly add a domain or an IP address from a flow or an alarm to a target list you've created.
For example, if you already have a rule that blocks a list of targets, by simply adding a new domain to the target list, the rule will be updated automatically to block the new target.
Learn more about Target Lists.
6. Feedback on Alarms and Speed Test Results
In addition to alarm sensitivity tuning, if you found any issue with certain alarms, like being too frequent or not easy to understand, you can now provide feedback on that alarm and share your insight with us.
Incorrect category/region and inaccurate speed test results can also be reported directly through the app without opening a support case.
By making the reporting process more reachable, we hope to collect more feedback from you and improve the system further.
7. Muting Activity Alarms Temporarily (Requires box version 1.9742)
Some users have told us that, from time to time, they would like to temporarily turn off the activity alarms but do not wish to mute the alarm completely in case they forget to turn it back on. To address this issue, we are now supporting the ability to mute all Gaming Activity and Video Activity alarms on all devices for 1 hour or until the end of the day.
If you want to always mute the alarms matching specific domain on certain devices, just tap on "Always Mute" to configure it further.
8. Shortcuts for Flows: Allow and Route
Network Flows are a history of all inbound and outbound network traffic on your network, including the blocked ones.
Now, if you find a certain flow is being blocked unexpectedly, you can tap the "Allow" button at the bottom of the detail page of a blocked flow to create an allow rule based on the destination/source and the scope (device/group/network/all devices). Instead of having to turn off the feature ( e.g. ad block) completely or delete the related blocking rule, you can create exceptions and fine-tune the system easily.
The "Why is it blocked?" button is changed into "Diagnose," It can still be found at the bottom of the detail page of blocked flows.
Learn more about blocked flows.
If you need to send certain type/s of flows to another WAN or VPN, we also created a shortcut to help you do that. When you tap on the "route" button, a route rule will be created based on the destination/source and the device/group/network or all the flow devices.
Learn more about policy and content-based routing.
9. Temporary Access for MSP
If you are an MSP admin who helps manage customers' Firewalla boxes, you can turn on Temporary Access on any box to get full control of it using the Firewalla App on any mobile phone.
Turn on temporary access on MSP UI and use the Firewalla app to scan the code generated, and you'll be able to make complex network configurations or troubleshoot on a customer's box using the mobile app, without having to go through the pairing process or have physical access to the Firewalla box.
Learn more about Firewalla MSP.
Enhancements
- [Wi-Fi] Supported locking Wi-Fi networks to 2.4 GHz only to increase the stability of Wi-Fi WAN connections. If you are connecting the Firewalla box to a Wi-Fi network with mixed channels (5GHz & 2.4 GHz), and 5GHz is not stable, you can tap the "i" icon and turn on the option: 2.4 GHz Only. Please don't enable this feature unless this wifi SSID supports 2.4 GHz, or it may fail to connect.
- [Wi-Fi] Supported selecting a less crowded channel for Wi-Fi LAN networks.
If you are using the Firewalla Purple or the Firewalla WiFi SD in AP mode, by default, the Channel Selection method is Automatic. If this doesn't work as expected, you can tap to change the selection method to Manual, the app will list all the available channels, so you can select a better channel to avoid Wi-Fi congestion.
- [IPv6] Disabled and hid the IPv6 section on boxes in DHCP mode, as IPv6 traffic monitoring and routing are not supported in DHCP mode.
- [VPN Client] Able to show connectivity logs when VPN connections fail. The log can also be found at the bottom of each VPN profile page. Only logs of the current session will be kept, and the log for WireGuard VPN is not supported yet.
- [Search Domain] Supported clearing search domain. The app will clear the search domain instead of keeping the default value (LAN), when the search domain is deleted.
- [Flows] Able to pull down to refresh the flows/blocked flow page (iOS).
- [Local Domain] Supported a more flexible format for local domain names (iOS).
- [Simple/DHCP Mode] Able to detect large subnet on the upstream network in Simple/DHCP Mode.
- [Speed Test over VPN] Able to test the VPN speed when connecting to Firewalla VPN server from outside your network. (Network Performance -> Scroll down to the bottom)
- [DHCP Option] Supported DHCP Option 61 (Client Identifier) on WAN connections.
Bug Fixes
- Fixed the issue of showing DMZ as off when it's on. (iOS)
- Fixed the issue of showing the incorrect IP address on WireGuard VPN devices.
- Removed several unavailable options for alarm handling on Firewalla Blue and Red.
- Fixed several typos and minor UI issues.
Comments
4 comments
When will 1.9742 be available?
Gold will likely be deployed in the next few days, purple and blue plus will come later.
Loving my gold more and more. Thx Firewalla team!
ps. can you put the option to choose specific site and servers in speedy test? for example in my config i will put in São Paulo server SpeedTest Ookla company.
See ya.
We are planning something in 1.52 to turn the speed test a bit better.
Please sign in to leave a comment.