firewalla / firewalla Goto Github PK
View Code? Open in Web Editor NEWhttp://firewalla.com
Home Page: https://help.firewalla.com
License: GNU Affero General Public License v3.0
http://firewalla.com
Home Page: https://help.firewalla.com
License: GNU Affero General Public License v3.0
Although after rebooting the device, IOS app still show "try later or reboot the device" .
Not seen porn notification any more with the next-gen notification code. testing this feature is fun for sure #
This might be caused by the arp hole, or the blocked traffic is still recorded by the kernel. The traffic may leak couple.
When blocked an site/ip address in an alert and go back to main window, it's not appear in the "Blocked Sites" section. Need close the app and reopen it to see the site/ip address in the "Blocked Sites"
Color and the bar
"from": "Unamed"
},
"mtype": "msg"
}
================= request body end =================
Received jsondata { mtype: 'init',
id: 'E390D0DA-DF19-407A-8864-CB0EF77F11E1',
data: { get: '0.0.0.0' },
type: 'jsonmsg',
target: '0.0.0.0' }
Process Init load event
POST /v1/encipher/message/76025c0d-c418-4417-a2e4-f3aa96cb4f87 500 420.893 ms - 678
Error: Cannot find module 'character-parser'
at Function.Module._resolveFilename (module.js:325:15)
at Function.Module._load (module.js:276:25)
at Module.require (module.js:353:17)
at require (internal/module.js:12:17)
at Object. (/home/pi/.node_modules/jade/lib/lexer.js:4:23)
at Module._compile (module.js:409:26)
at Object.Module._extensions..js (module.js:416:10)
at Module.load (module.js:343:32)
at Function.Module._load (module.js:300:12)
at Module.require (module.js:353:17)
SOCKET newMsg From Group indicator
Received jsondata { mtype: 'init',
id: 'E390D0DA-DF19-407A-8864-CB0EF77F11E1',
data: { get: '0.0.0.0' },
type: 'jsonmsg',
target: '0.0.0.0' }
Process Init load event
TypeError: Cannot read property 'monitoringInterface' of undefined
at toJson (/home/pi/firewalla/net2/HostManager.js:1129:63)
at netBot.msgHandler (/home/pi/firewalla/controllers/netbot.js:953:38)
at /home/pi/firewalla/lib/ControllerBot.js:103:34
at /home/pi/firewalla/encipher/lib/encipherio.js:746:26
at Request._callback (/home/pi/firewalla/encipher/lib/encipherio.js:717:17)
at Request.self.callback (/home/pi/.node_modules/request/request.js:187:22)
at emitTwo (events.js:87:13)
at Request.emit (events.js:172:7)
at Request. (/home/pi/.node_modules/request/request.js:1044:10)
at emitOne (events.js:77:13)
xxxx
setAppHandler is deprecated! Pass it to the constructor instead.
2017-04-15 20:00:53.993675 Encipher[367:207496] Firewalla Request URL: http://192.168.2.226:8833/v1/encipher/message/6d097b32-3e9f-4fc3-a71c-6e6231466f83
2017-04-15 20:00:53.995750 Encipher[367:207496] [Firewalla] Channels LAN,CLOUD are selected
2017-04-15 20:00:53.995846 Encipher[367:207496] Trying to send message via LAN
2017-04-15 20:00:53.996090 Encipher[367:207496] Start sending direct message to url http://192.168.2.226:8833/v1/encipher/message/6d097b32-3e9f-4fc3-a71c-6e6231466f83
2017-04-15 20:00:53.997131 Encipher[367:207496] Firewalla Request URL: http://192.168.2.226:8833/v1/encipher/message/6d097b32-3e9f-4fc3-a71c-6e6231466f83
2017-04-15 20:00:56.706352 Encipher[367:207496] ===reloading successfully===
2017-04-15 20:00:56.706877 Encipher[367:207496] fboxInitialized called
2017-04-15 20:00:56.710564 Encipher[367:207496] fboxInitialized called
2017-04-15 20:00:59.059184 Encipher[367:207496] ===reloading successfully===
2017-04-15 20:00:59.059519 Encipher[367:207496] fboxInitialized called
2017-04-15 20:00:59.065932 Encipher[367:207496] fboxInitialized called
2017-04-15 20:01:17.426008 Encipher[367:207496] Looking at service cameraffbe22
2017-04-15 20:01:27.246737 Encipher[367:207496] Dismiss loading dialog due to timeout
2017-04-15 20:01:46.931084 Encipher[367:207496] [Firewalla] Channels LAN are selected
2017-04-15 20:01:46.931194 Encipher[367:207496] Trying to send message via LAN
2017-04-15 20:01:46.931367 Encipher[367:207496] Start sending direct message to url http://192.168.2.226:8833/v1/encipher/message/6d097b32-3e9f-4fc3-a71c-6e6231466f83
2017-04-15 20:01:46.932226 Encipher[367:207496] Firewalla Request URL: http://192.168.2.226:8833/v1/encipher/message/6d097b32-3e9f-4fc3-a71c-6e6231466f83
2017-04-15 20:01:46.940176 Encipher[367:207496] [Firewalla] Channels LAN are selected
2017-04-15 20:01:46.940317 Encipher[367:207496] Trying to send message via LAN
2017-04-15 20:01:46.940512 Encipher[367:207496] Start sending direct message to url http://192.168.2.226:8833/v1/encipher/message/6d097b32-3e9f-4fc3-a71c-6e6231466f83
2017-04-15 20:01:46.941209 Encipher[367:207496] Firewalla Request URL: http://192.168.2.226:8833/v1/encipher/message/6d097b32-3e9f-4fc3-a71c-6e6231466f83
blocked site need to be organized under the device view. this is easier for people to look and search.
going to limit scans only /24
the ip_address might be null if the cable is not plugged in, need to double check before accessing it
6 seconds may not be enough for locations such as China.
Reenable bit bridge 6 for ipv6 support. Only in master branch please.
+ sudo cd /etc/openvpn/easy-rsa
sudo: cd: command not found
+ sudo source ./vars
sudo: source: command not found
current solution is always offer 5 min of 'rejoin' time. to have phone having opporutnity to bind to firewalla.
this is to fix the problem where people change phones ...
will need to look at this at later stage, there may be evil people:
Buildraw needs to be more flexible, reliable and use local mirrors to boost the process.
alpha testers's environment, firewalla may change ip address (very frequently), and some devices as well. need to ensure firewalla vpn will rebuild using upnp, if no upnp ... warn the user.
future need ability to bind firewalla to a specific ip
bone api some times will fail due to
2016-09-19T18:31:08.038Z - info: FlowManager:FlowSummary not enough flows
Error while requesting { [Error: connect ENETUNREACH 10.10.10.10:443]
code: 'ENETUNREACH',
errno: 'ENETUNREACH',
syscall: 'connect',
address: '10.10.10.10',
port: 443 } Error
at Request._callback (/home/pi/firewalla/lib/Bone.js:209:25)
at self.callback (/home/pi/firewalla/node_modules/request/request.js:187:22)
at emitOne (events.js:77:13)
at Request.emit (events.js:169:7)
at Request.onRequestError (/home/pi/firewalla/node_modules/request/request.js:813:8)
at emitOne (events.js:77:13)
at ClientRequest.emit (events.js:169:7)
at TLSSocket.socketErrorListener (_http_client.js:269:9)
at emitOne (events.js:77:13)
at TLSSocket.emit (events.js:169:7)
current debugging is pretty much setup via code. Problem of this, it is hard to setup a dev debugging vs production debugging. Need something like a json file to describe the debug levels of the systems
[ OK ] Started Update UTMP about System Runlevel Changes.
[ OK ] Unmounted /var/log.hdd.
[ OK ] Stopped target Local File Systems.
Starting Unattended Upgrades Shutdown...
Also hangs here
[ OK ] Stopped Create Volatile Files and Directories.
Stopping Load/Save Random Seed...
[ OK ] Deactivated swap /var/swap.
[ OK ] Stopped Load/Save Random Seed.
More
[ OK ] Stopped Restore / save the current clock.
[ OK ] Stopped Load/Save Random Seed.
[ OK ] Deactivated swap /var/swap.
More
[ OK ] Stopped target Remote File Systems.
[ OK ] Stopped target Remote File Systems (Pre).
More: With new image latest, having problems still reboot. (running 4 stress sessions)
[ OK ] Stopped /etc/rc.local Compatibility.
[ OK ] Stopped target Network is Online.
[ OK ] Stopped Network Manager Wait Online.
[ OK ] Stopped Session 7631 of user pi.
host ip address will move. acl need to know when hosts that might change ip and move the acl to a different place.
Counters are not updated
instead it should use local ISP DNS
result in NaN
2016-10-18T19:46:37.136Z - info: Flowgraph:Action: clean [{"id":0,"app":{"firewalla":[[1476791123,1476819945,7157768,8776136]],"apple":[[1476811092,1476819289,928998,3136936]],"linkedin":[[1476814256,1476819177,425518,311017]],"wechat":[[1476800807,1476819206,92462,77245]],"facebook":[[1476814343,1476818880,103503,1293882]],"youtube":[[1476814294,1476815110,14708,1296694],[1476813058,1476814294,760533,193977069]]},"activity":{"games":[[1476814357,1476814365,1642,5726],[1476814345,1476814355,1584,5713]]}}]
2016-10-18T19:46:37.136Z - debug: Removing self and apple
2016-10-18T19:46:37.136Z - debug: Removing self and apple
2016-10-18T19:46:37.136Z - info: Flowgraph:Parse:App:linkedin TimeFrame 4921 data 736535 flowcount NaN ratio NaN rate 149.67181467181467
sd card is slow thus it is very slow to copy log file to last_ log file
in file brotab
0 0/20 * 1/1 * ? * /home/pi/firewalla/etc/bro-cron2 >/dev/null 2>&1
0 0 4 1/2 * ? * sudo /sbin/shutdown -r +5
0 0 0/12 1/1 * ? * /home/pi/firewalla/scripts/clean-log
The shutdown statement is not working. seems the cron time is not correct (or standard). Need to fix this. the shutdown and reboot will help to clean things ... in case something bad happens
IPv6 bitbridge was turned off due to some issues with pulling traffic via neighbor discovery protocol. Need to debug this and deploy
Flows Send to the user pretty much is 'everything'. even if the flow is like a ping, or grab something simple. (such as wechat notification).
If flow time frame or byte is small, should just drop it as insignificant when send back to UI. (This should be done in flowmanager, and only after detection of bad things).
have user visit firewalla box and define the name of the device that the visit is from.
http://192.168.2.100/iam/JerryIPhone
or
http://firewalla.local/iam/JerryIPhone
or
http://firewalla.local/iam
// above will update name of the device visiting from to "just visited"
In "activating" status for a very very long time. (over 5 mins)
pi@Firewalla:~/.forever$ sudo systemctl status firewalla
● firewalla.service - firewalla
Loaded: loaded (/etc/systemd/system/firewalla.service; enabled; vendor preset: enabled)
Active: activating (start) since Wed 2017-04-19 13:58:35 UTC; 6min ago
Main PID: 1399 (main-run)
CGroup: /system.slice/firewalla.service
├─1399 /bin/bash - /home/pi/firewalla/scripts/main-run
├─1465 sudo systemctl start ntp
└─1467 systemctl start ntp
Apr 19 13:58:35 Firewalla systemd[1]: Starting firewalla...
Apr 19 13:58:35 Firewalla pi[1401]: Wed Apr 19 13:58:35 UTC 2017
Apr 19 13:58:38 Firewalla main-run[1399]: sudo: ntpdate: command not found
Apr 19 13:58:38 Firewalla sudo[1465]: pi : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/bin/systemctl s
Apr 19 13:58:38 Firewalla sudo[1465]: pam_unix(sudo:session): session opened for user root by (uid=0)
if there are multiple devices in the same subnet, all the later devices (except the first one) will fail to send broadcast messages. Because all of them use the same service name, bonjour lib will throw exception if the service name is already used on the network.
Date.now() at left or Date.now() at right. Comment from George.
for events, no need to show map display. map should only be there to show people that their data is far away @MelvinTo
Better discovery is needed. We are discovering device names much less accurate than a router would do. Need to tap into dhcp packet and see if we can do something quicker. Comment source: George
need to change icon or redefine it. Feedback from George
"The biggest problem I see so far is false alarm. One of the device is offline and the ip is released, new device picks up the ip, but your app still uses the old device name for the new device. It also causes the same name has two up addresses when the old one comes online again." From George.
I'd suggest updating the device list when user hit refresh button on the top right. Because the wrong mapping between ip and name is very annoying. -george
looking at DNScript and see if we make it into a feature in the future. (Customer request)
this might be a bug in systemd, even when bro crashed (the pid file is deleted). Systemd still thinks bro is up. which causes the system to pretty much dead.
Need a small cron script to double check bro. or look at brofish.service and see why it is not detecting the crash.
When sorting upload and download, the are the same result in the device screen
Always gets two notifications with same content.
This password should be dynamically set by firewalla owner once connected. And can be reset by the app
Add watchdog feature to blow up firewalla if network is dead
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.