Hide blocked flow messages for a device

Comments

6 comments

  • Avatar
    Chris Hewitt

    I don’t know if this is even possible, but I wonder if you set up your own firewall rule, through an IPtable setting, you could do this.

    maybe this would be a rule that Firewalla wouldn’t report on. 

    0
    Comment actions Permalink
  • Avatar
    David Vaughan

    Hi Chris, thank you for your suggestion. If I interpret correctly, you are suggesting an iptable rule which would fire in advance of rules inserted (are they in the same table?) by Firewalla, and thus they would be blocked before the FWG even noticed. Is that the idea? It is unclear whether it would work but it may be worth a try.

    If so, I will need to do some more reading. I have not yet attempted to ssh into the FWG, my Unix skills antedating Linux and therefore being substantially forgotten, but that does not make it unable to be done.

    0
    Comment actions Permalink
  • Avatar
    Aaron R

    This is a workaround and not a solution. Create a device group and include all devices except the NVR. Then view the blocked flows and filter on the group you created. This should display the blocked flow for all devices minus the NVR

    0
    Comment actions Permalink
  • Avatar
    Roob

    I need exactly this for exactly the same reason. Can a feature request be made? or if OP has discovered a good way to do this please let me know.

    2
    Comment actions Permalink
  • Avatar
    David Vaughan

    My solution proved easy in that it was already present but I had not yet recognised the fact. My device is a Gold and the NVR is on an isolated subnet, so instead of looking at the topmost report which aggregates all subnets, it was a simple matter of looking at the network detail for the subnet of interest, thus excluding the NVR.

    Aaron R's suggestion of groups reminded me that networks are already distinct. I should have thanked him for the trigger at the time, and do so belatedly.

    0
    Comment actions Permalink
  • Avatar
    geotrouvetout67

    I was going to post a similar feature request.

    I blocked surveillance cameras from accessing the internet, these constantly ping two cloud sites from the manufacturer and generate hundreds of thousands of hits per day. There are so many that it makes hard to look at the rest. 

    My request is not to hide blocked items from a specific device but hide the items themselves.

    For example if you were to block "google.com" and see 10,000 lines a day on the block flow, add "google.com" to a hide status so it is not visible from the main block flow but a sub flow for hidden items only.

     

    1
    Comment actions Permalink

Please sign in to leave a comment.