Products Firewalla Gold SE Firewalla Gold Pro Firewalla Gold Plus Firewalla Purple Firewalla Purple SE Firewalla Wi-Fi SD Product Comparison Product Reviews

Traffic Flows that originate from 'firewalla' device should appear under traffic flows

Follow
Avatar
Chris Thomas

Is there a way to see the flows originated by the firewalla box itself?

There is a device in my device list which represents the firewalla gold, it shows all 5 mac addresses, and as of the latest beta update this device is now showing the WAN IP instead of the ip address of the last interface that was added to the box.  But, it doesn't show rest of the IPv4 or IPv6 addresses associated with the box, nor does it let me see the traffic flows which originate from the box itself.  I'd like to see where the box is making connections to.

 

...ct

0

Comments

5 comments

Sort by Date Votes
  • Avatar
    Firewalla
    • Edited

    You can tap on "manage network" to see the addresses.  They should be showing up in the network manager.

    As of the local traffic, not showing the local traffic is historical.  When we build the red and then the blue, the box was totally a different device ... it was a virtual firewall, and has no routing capabilities.  And because the red/blue boxes are somewhat like a router on a stick (single port router), everything will terminate and originate on the box.  Hence we can't really account for that traffic the same way.  

    Now, since we are now allowing more containers running on the box, we will likely in the future (not immediately) to start showing container traffic (these are the most interesting ones).   Not committed date yet, we are waiting to get some stats on the container usage. 

    0
    Comment actions Permalink
  • Avatar
    Chris Thomas

    I can see the 'configured' IPv4 addresses in network manager, but I have no idea what the IPv6 or IPv6 link-local addresses are.  They should show up under the device, just like all of the other devices.

    I was specifically asking about flows that 'originate' from the firewalla box, such as the outbound connection to Firewalla Cloud servers, connections to NTP servers, and the like.  Routers, and thus the firewalla, do not 'terminate and re-initiate' sessions, they simply route traffic and in most cases perform NAT for IPv4.  In the case of Firewalla, you are intercepting DNS traffic, so that would be a flow that is initiated from the box itself.

     

    0
    Comment actions Permalink
  • Avatar
    Chris Thomas

    Although, you tend to lump all of the addresses in a single line, and that might make it difficult to see which addresses are assigned to which interface.

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    Local traffic + VPN traffic will likely be in the near future release after we stabilize 1.971.

    What do you mean "lump all the addresses in a single line?"  can you share a screenshot? I'll have a dev look it.

    0
    Comment actions Permalink
  • Avatar
    Chris Thomas

    That statement is specifically references the way you display IPv6 addresses under a device in the Web UI.

    0
    Comment actions Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post