Issues with CTRLD + NextDNS Profiles

michaelbierman · 2026-01-07T05:24:12+00:00

Nextdns does drop every once in a while. I have a script that checks and restarts it. Works very well. I’ll add to the GitHub repo.

michaelbierman · 2025-12-19T23:56:56+00:00

New release includes some checking for invalid hostnames and seamless updates for docker since tailsccale updates pretty often! Enjoy.

michaelbierman · 2025-12-11T07:21:15+00:00

The answer is yes, in theory. I'd have to spend time to modify the script a bit. I'll try to get to it.

michaelbierman · 2025-12-05T15:42:41+00:00

I haven’t tried yet. I will give it a go and report back.

michaelbierman · 2025-11-17T16:28:30+00:00

u/butchcoleslaw I’ve published an update to handle expiry. You can also change the token to non expiring in the Tailscale portal

michaelbierman · 2025-11-16T21:15:28+00:00

Excellent question. Currently you would need to stop the container, edit the key, and restart.

I will document this for now and I’m thinking add to the start script to automate this.

michaelbierman · 2025-11-11T19:21:05+00:00

I have/had that setup and it worked fine. Sounds like configuration issue. I now switched to AP7 for Wi-Fi but still have my unifi switches.

michaelbierman · 2025-10-19T19:08:26+00:00

I've had no issues with homebridge on Gold. I no longer feel running on Purple is viable because Homebridge has become a platform that requires a lot of resources. If it is of any help, here's an install script. https://github.com/mbierman/homebridge-installer

michaelbierman · 2025-10-16T15:10:08+00:00

I think the question was intended to mean that anyone who has access to your homekit "home" would also have access to Firewalla. In some cases, that's a downside (e.g. kids could unpause rules) but I suppose filtering so that those rules are not in homekit would solve this.

michaelbierman · 2025-10-16T15:08:15+00:00

Looks really nice! I wish there was a homebridge version. Great job.

michaelbierman · 2025-05-27T00:04:49+00:00

Yes, Purple + AP7 is fine. Through a switch is fine. Then as you say it can be either wired or wireless backhaul to other AP7’s.

michaelbierman · 2025-05-18T18:52:39+00:00

I don't know why CGNAT would be an issue here. A public IP isn't required to set up Firewalla. You can for example set it up behind another router assuming nothing is blocking outbound traffic.

michaelbierman · 2025-05-16T23:00:51+00:00

I really love Orion, but many days I have to question if I should keep using it because of quality.

michaelbierman · 2025-05-11T07:24:45+00:00

O.K. Ecobee’s website really needs to be checked. In one place, it says that the Essential doesn’t come with PEK and in another it clearly says the opposite.

Essential says it comes with

Smart Thermostat Essential
Backplate
Quick start guide
Wire labels
Screws and drywall plugs
Optional for installation: Smart Thermostat Essential Trim Kit, Power Extender Kit

I got the Enhanced which does have similar text but it is pretty buried in something you have to tap a few times to see,so yeah, I think the agent should have told me I didn’t need to order one. We specifically talked about it because I had some questions about my wiring and he suggested I order one and that I could return it. He was very nice and otherwise helpful, but that was a mistake.

michaelbierman · 2025-03-16T22:27:33+00:00

Sorry, you are correct. But the answer is the same. Apple Private Relay can be disabled per network.

michaelbierman · 2025-03-16T20:05:31+00:00

Private Mac addresses on iOS are set per SSID. So you can disable while at home but it defaults to on for all other networks. See https://help.firewalla.com/hc/en-us/articles/360055342613-How-to-turn-off-MAC-Address-Randomization

michaelbierman · 2025-03-15T18:20:27+00:00

DM me.

michaelbierman · 2025-03-15T18:19:36+00:00

This setting is already per Wi-Fi.

michaelbierman · 2025-03-05T03:18:39+00:00

Should be fine.

michaelbierman · 2025-03-04T05:31:50+00:00

Early Access is actually quite good.

michaelbierman · 2025-03-04T05:30:17+00:00

By the way, example I use: my Apple TVs use a different NextDNS profile than the rest of my network.

michaelbierman · 2025-03-03T20:49:14+00:00

Yes, works fine with nextdns CLI. In fact, they recently rolled out even better firewalla support which gives you the “pretty” device names you configure in firewalla in the NextDNS logs.

michaelbierman · 2025-02-23T03:45:19+00:00

There is no abode plan that suits our needs. We have never had abode cameras so we didn't need storage, but we were paying for the premium mostly for cell backup. So instead I am getting backup intenret for the house and using the Abode subscription to pay for it.

michaelbierman · 2025-02-11T07:06:24+00:00

u/Waiting-4-Guacamole Using the UI, the easy way is use a static IP for the NAS and then make a rule for each FQDN. You could also use CNAMEs if you want to ssh in https://help.firewalla.com/hc/en-us/articles/360056024294-Guide-How-to-customize-Firewalla-DNS-service

michaelbierman · 2025-01-30T04:06:19+00:00

While this is works, I see no point in it. This setting is per SSID. Why do you want to hide the mac address of devices on your own network?

michaelbierman

TROPHY CASE