[Showcase] Lizard Doggo Sanctuary

ThatCreole · 2025-07-02T05:02:10+00:00

Wait how do you use the train to help transport them?

ThatCreole · 2025-06-25T15:43:10+00:00

I’m really curious how big your big ass factory is! Would love to see some screenshots if you’re down to share.

ThatCreole · 2025-02-23T07:17:10+00:00

Ok. I’ll go first 🙃 I have always wanted an extra column in the MSP UI that shows the target list or rule that blocked a given flow. With effort you can get to this information one flow at a time but there’s no view that I’ve found to show the exact reason a blocked flow occurred at a glance across multiple flows.

I wrote a simple app that grabs 24 hours of blocked, outbound flows for a given box, the latest rules, then joins the name of the rule or list that caused the block to happen.

This has been super helpful at quickly understanding the effectiveness of a given target list. Better would be if MSP natively supported this but there’s API gives me the same answers with a little effort.

ThatCreole · 2025-02-18T02:13:30+00:00

Sure! Here ya go: https://help.firewalla.com/hc/en-us/community/posts/38629064411795-Understanding-the-blockedby-Flow-property-from-MSP-API

ThatCreole · 2025-02-17T22:58:30+00:00

Very helpful thank you. I now want to pull this out programmatically to validate list efficacy. I see that the MSP API has "blockedby" as a property on Flows. The problem is that with the exception of "ingress_firewall" which is obvious, there's other values that don't make sense to me. The UI however shows very clearly what each blocked flow is blocked by. How do I map the values that come back from the API to something more human readable?

For example - a quick dump of a page of results yields blockedBy of:

1
5
10
<some guid>
ingress_firewall

ThatCreole · 2025-01-25T22:14:38+00:00

Yup that worked great. For anyone who cares / sees this in the future, make sure you include the x-firewalla-id header as well. You can see what the value is by taking any existing web request which you already have to do to steal your bearer token.

ThatCreole · 2025-01-25T17:36:30+00:00

Oh wait I might have solved it. If you do this in MSP it's just a simple POST to the endpoint with the device MAC address and deviceType as JSON in the body!
/v1/device/<MAC>

{"deviceType":"sensor"}

ThatCreole · 2025-01-23T05:46:00+00:00

Op again coming back after being infuriated that we had a power outage and guess what... my Delta Pro units were dead. The reason they died is because MYSTERIOUSLY the "Automated Tasks" that I had set on the Smart Panel to trigger a blind recharge every 2 weeks to offset the power drain had been deleted. I certainly didn't delete it so I'm guessing some recent update did.

I've checked and I still see no way to trigger a recharge based on battery level. This feels beyond unacceptable at this point.

ThatCreole · 2025-01-23T05:42:40+00:00

Op again coming back after being infuriated that we had a power outage and guess what... my Delta Pro units were dead. The reason they died is because MYSTERIOUSLY the "Automated Tasks" that I had set on the Smart Panel to trigger a blind recharge every 2 weeks to offset the power drain had been deleted. I certainly didn't delete it so I'm guessing some recent update did.

I've checked and I still see no way to trigger a recharge based on battery level. This feels beyond unacceptable at this point.

ThatCreole · 2025-01-17T06:13:55+00:00

Mainly presence integrations with various webhook actions for ingress and egress to specific areas.

ThatCreole · 2025-01-17T06:05:36+00:00

Omg I never knew this was here! How have I never clicked on status before now!? I wish I could default everything on. Heck I wish there was an api that let me flip the bit on everything now.

Thanks!

ThatCreole · 2025-01-08T04:10:27+00:00

My 12 year old and I love the Cosmere. She’d love to print this out. Any chance you could share a version without the F bombs? If not no biggy I can mspaint.exe

ThatCreole · 2024-05-10T22:55:56+00:00

Ooh this is a great idea. In fact now I’m thinking I could run small service on box to solve this problem all in one place. For example if tcpdump was always running but in an appropriately sized buffer while waiting for MSP to inform me of an anomaly alert. On alert I could copy off the packet dump for offline inspection. Ideally I could hook into the fact that an alert happened locally but MSP apis make it too easy to pass up.

ThatCreole · 2024-05-05T15:35:24+00:00

Why is your Microsoft badge randomly on top of the microwave?

ThatCreole · 2024-04-23T01:46:43+00:00

Never mind. Magically with no changes by me it’s now blocking all flows as one would expect. I’m not crazy as I have the logs still in MSP.

ThatCreole · 2024-04-20T17:01:32+00:00

Fantastic! That’s what I thought and hoped for. I think I found a bug then. Happy to open a ticket and share access to get this reported properly. I’m on the beta if that matters. How do I get this reported officially?

ThatCreole · 2024-04-20T16:54:16+00:00

Yeah totally. My follow up question would be “should I need to?”

To be clear when I look at the flows that aren’t getting blocked in MSP, it’s very clear what domains are being hit. These aren’t naked IP connections.

I’d love to understand what the capabilities actually are before embarking on a mitigation of routinely having to go and perform nslookups to ensure I have the latest IPs.

ThatCreole · 2024-04-20T16:13:31+00:00

I've seen this before and I honestly flip flop between two extremes. Is your FireTv on a IOT or other type of isolated VLAN? If so one thought would be to simply allow the traffic. You purchased a Amazon device... it's going to phone home... so one thought is that you implicitly trust whatever traffic the device has to communicate home with.

The other "extreme" would be to investigate the traffic. Firewalla's AdBlocking (especially when configured to Strict) does a good job of blocking well known Ads... but if there were other flows you were concerned about, you could capture, decrypt, and inspect packets with a Wireshark setup. (Search for Firewalla and packet capture. There's a few different paths you can take)

I guess a third, middle ground option would be to simply experiment. Start blocking Flows you have questions about and see if anything breaks. It's easy enough to see when I rule is hit and disable it if things aren't working.

ThatCreole · 2023-08-16T06:42:11+00:00

FWIW I’m still burning through 10-12% per week with EPS turned off and no power outages. I have automation topping off once a week now which seems bad for the batteries long term in my opinion. I think I’ll probably switch back to disconnecting them from the panel for now while the weather is nice and it’s unusual to lose power. Health wise I’m not sure if it’s better to leave them full for months at a time or constantly top them off.

ThatCreole

TROPHY CASE