I'm not sure what's going on with my Blue, but it looks like an internet blocking rule is being ignored. The rule hierarchy is this:
Allow: VPN IP ranges
Block: Domains for 3 geo regions
Block: Traffic FROM the internet (This can only be done using the Beta web app)
IP Cameras Group:
Allow: Domains smtp.gmail.com and pool.ntp.org
Block: All internet traffic
With that rule set I would expect devices in the Cameras group to inherit the All Devices group's 'from the internet' blocking rule and then basically override it with its own 'from and to the internet' blocking rule, and then allow requests to the two allowed domains. So, I'm surprised to see the camera group's traffic showing the cameras successfully phoning home to the manufacturer (p2p.reolink.com). It almost looks like the rule-builder has looked at the 'from and to the internet' rule of the cameras group and then not applied it because it identified an existing internet blocking rule of All Devices, even though the All Devices rule is only a 'from the internet' block.
If I remove the pool.ntp.org Allow rule then the camera group traffic continues to show successful requests to pool.ntp.org.
If I remove the 'from the internet' blocking rule of All Devices then there's no difference in behaviour.
Maybe tellingly, the 'to and from the internet' blocking rule DOES work as expected for other device groups. Also, I'm wondering if the issue is related to this issue that I raised about the web beta app, because it is the same Camera group that's being affected: https://help.firewalla.com/hc/en-us/community/posts/1500000266542-Web-Beta-Rule-applied-to-All-Devices-instead-of-the-group The only difference between the Cameras group and the other groups is that the Camera group is alphabetically the first group (shrug)
Any thoughts anyone?