Alert feature for blocked rules on attempt to access

Comments

14 comments

  • Avatar
    Andy

    +1

    Basically any rule should have a on/off for alerts, as some rules I don't want to know about, but others I do.

    2
    Comment actions Permalink
  • Avatar
    Martins

    Any parent who would like to see this feature on their firewalla ?

    1
    Comment actions Permalink
  • Avatar
    Rolando Nispiros

    My kids are still young, but I'd like to have this feature already there, when 'they' start to get curious.

    1
    Comment actions Permalink
  • Avatar
    Firewalla

    Ack, agree, this is a good feature.   The only issue we have with this is technical in nature;  We are going to lump this together with the feature that does accounting of blocks. 

    1
    Comment actions Permalink
  • Avatar
    Firewalla

    I think someone is going to build a recently blocked accesses ... 

    1
    Comment actions Permalink
  • Avatar
    Martins

    @Andy good catch !

    0
    Comment actions Permalink
  • Avatar
    Martins

    Maybe by have an switch/checkbox when creating the rules that says "Alert me if the device attempt to access this website/rule" ? 

    0
    Comment actions Permalink
  • Avatar
    Jef

    Perhaps a rule in Report Only, Report Only with alert, Block, Block with alert

    Report only might be for rules that you just want to monitor but not block?

    0
    Comment actions Permalink
  • Avatar
    James Willhoite

    This would be nice.

    0
    Comment actions Permalink
  • Avatar
    Aaron

    Agreed on this one.  There are multiple use-cases.  For example, if I create a rule and not sure what the impact will be, it's best practice to run in monitor/alert before blocking.  Second, as OP said, I'd want the option to know if my child was tripping a rule, whether blocked or allowed.  An alert switch on custom rules would certainly be nice.

    0
    Comment actions Permalink
  • Avatar
    Aaron

    Another reason this would be helpful - We came to discover that the UDP ports used by "Among Us" are not detected as gaming activity by Firewalla, and are unable to add to the category.  In this case, would be great to know when it's being played, but don't necessarily want to block.  Thanks.

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    Good suggestions.

    In 1.972 we will have the ability to log blocked rules, or blocks.   We can evolve this into a "block" and alert, or "trigger" to alert.  Our only problem with this alert part is, it will be too noisy. 

    0
    Comment actions Permalink
  • Avatar
    Nicholas Gazzillo

    Question, "In 1.972 we will have the ability to log blocked rules, or blocks." can we also log custom allow rule use to see whom is using? Or if being used? So can update if not being hit properly, or remove rule if not seen used, etc...

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    The regular flows will show up in the network flow section. (unless I miss understood your question)

    0
    Comment actions Permalink

Please sign in to leave a comment.