firewalla-mcp
Provides tools for managing Firewalla network security boxes, including listing and inspecting boxes, alarms, devices, and flows, as well as creating, pausing, resuming, and deleting firewall rules and target lists through the Firewalla MSP API.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@firewalla-mcplist devices on my Firewalla"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
firewalla-mcp
A local MCP server exposing the Firewalla MSP API — boxes, alarms, rules, devices, flows, target lists, and trends — as tools for Claude Code and other MCP-compatible clients.
Full read/write: list and inspect your Firewalla boxes, alarms, devices, and flows, and create/pause/resume/delete firewall rules and target lists, all from natural-language requests to your AI assistant.
Prerequisites
An MSP-managed Firewalla box, and an MSP API personal access token (Firewalla MSP dashboard → Settings → API)
uvinstalled (curl -LsSf https://astral.sh/uv/install.sh | sh)
Related MCP server: Firewalla MCP Server
Setup
git clone https://github.com/djuntgen/firewalla-mcp.git
cd firewalla-mcp
uv syncThe server reads two environment variables at startup:
Variable | Description |
| Your MSP domain, e.g. |
| Your Firewalla MSP API personal access token |
Export them however fits your workflow — a .env file loaded by your shell, a secrets manager, or directly:
export FIREWALLA_MSP_DOMAIN="your-alias.firewalla.net"
export FIREWALLA_TOKEN="$(op read 'op://Vault/Firewalla PAT/password')" # example using 1Password CLIRegister with Claude Code
claude mcp add firewalla --env FIREWALLA_MSP_DOMAIN="your-alias.firewalla.net" --env FIREWALLA_TOKEN="your-token" -- uv run --project /path/to/firewalla-mcp firewalla-mcpThis registers the server at local scope (machine-specific, not committed to a shared .mcp.json).
Tools
One tool per Firewalla MSP API v2 operation:
Category | Tools |
Boxes |
|
Devices |
|
Alarms |
|
Rules |
|
Flows |
|
Target Lists |
|
Trends |
|
Full read/write — there is no server-side dry-run gate on writes. Rely on your MCP client's normal confirmation prompts before destructive actions (delete_rule, delete_target_list, delete_alarm).
Error handling
HTTP 4xx responses fail immediately. HTTP 5xx responses and connection errors are retried once (0.5s backoff) before failing, raising FirewallaAPIError(status_code, body).
Development
uv sync
uv run pytest -vTests are fully mocked (respx) — no real Firewalla API calls or credentials are needed to run the suite. See CONTRIBUTING.md.
License
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/djuntgen/firewalla-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server