Firewall rules question

Comments

  • Chris Thomas

    https://help.firewalla.com/hc/en-us/articles/360008521833-Manage-Rules

    It's a little different than a traditional firewall. It's a default Allow, Allows override Blocks, and there is no 'ordering', but they are cumulative, or layered. When you look at a device, you can see any rules defined for that Device (or Device Group) and the rules inherited from the Network.

    For instance...

    Network = IOT_NETWORK

    1. Block "Traffic to All Local Networks"

    Device Group = home_iot_speakers

    1. Block "Traffic to Internet"
    2. Allow to region "United States"
    3. Allow to domain "scdn.co:443"

    Effect:

    * Devices within home_iot_speakers would be able to access any IP registered to US, and where the domain is scdn.co on port 443, even if it's outside the region. (scdn.co happens to be Spotify CDN, and my speakers keep hitting IPs registered to Sweden)

    * All other devices within IOT_NETWORK would be blocked from accessing other local networks, but allowed to internet.

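The layering described in the comment above, as an added example that is not part of the thread and is not Firewalla's implementation: a small Python model of default allow, allow-over-block and network-to-group inheritance, run against the commenter's example rules. The `Rule` and `Flow` types, the exact-match domain comparison and the sample flows are assumptions made for the illustration.

```python
# Added model of the semantics described in the comment; not Firewalla's code.
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "block"
    kind: str                    # "local", "internet", "region" or "domain"
    value: Optional[str] = None  # region code or domain name
    port: Optional[int] = None   # None matches any port

@dataclass(frozen=True)
class Flow:
    local: bool                  # destination is another local network
    region: Optional[str] = None
    domain: Optional[str] = None
    port: Optional[int] = None

def matches(rule: Rule, flow: Flow) -> bool:
    if rule.port is not None and rule.port != flow.port:
        return False
    if rule.kind == "local":
        return flow.local
    if rule.kind == "internet":
        return not flow.local
    if rule.kind == "region":
        return not flow.local and flow.region == rule.value
    if rule.kind == "domain":    # exact match only, a simplification
        return flow.domain == rule.value
    raise ValueError(f"unknown rule kind: {rule.kind}")

def decide(flow: Flow, *layers: list) -> str:
    """Layer network + group rules; any matching allow beats any matching block."""
    hits = {r.action for layer in layers for r in layer if matches(r, flow)}
    if "allow" in hits:
        return "allow"
    return "block" if "block" in hits else "allow"   # nothing matched: default allow

# Rules from the comment's example.
IOT_NETWORK = [Rule("block", "local")]
HOME_IOT_SPEAKERS = [
    Rule("block", "internet"),
    Rule("allow", "region", "US"),
    Rule("allow", "domain", "scdn.co", 443),
]

# Constructed sample flows.
SPOTIFY_SE = Flow(local=False, region="SE", domain="scdn.co", port=443)
OTHER_SE = Flow(local=False, region="SE", domain="example.org", port=443)
LAN_HOST = Flow(local=True, port=445)
```

Calling `decide(OTHER_SE, IOT_NETWORK)` models a device on the network that is outside the group, and passing the layers in a different order gives the same verdict because the model has no rule ordering.
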
  • A M

    This was super helpful! Thanks.

    I also saw another similar question from a week ago where some rules default to being bi-directional and others are not. This is all very different from what I’m used to in other firewalls (not saying bad, just different and would like to really understand it). Is there a full comprehensive explanation document of how the rules work in the FWG? Everything that I’ve read is relatively high level.

  • Chris Thomas

    I just posted about this in the General Discussion space in an effort to bring awareness to it.

    https://help.firewalla.com/hc/en-us/community/posts/4406900595219