Hello everyone! 👋
I've created my first OPNsense plugin:
https://github.com/hacesoft/opnsense-devicemonitor
And would like to share it with you. It's called Device Monitor - a tool for automatic network device monitoring and detection.
What the plugin does:
🔍 Automatic network device scanning (ARP + DNS)
📊 Online/offline status display
🔔 Email notifications for new device detection
🏷� Manufacturer identification using OUI database
📈 Dashboard with device overview
Technical details:
Python daemon with configurable scan interval
MVC architecture following OPNsense standards
REST API for control
Czech and English translations
The plugin is fully functional, but definitely not perfect. I would love to hear your feedback:
What could I improve?
What features would be useful?
Where did I make mistakes or violate best practices?
Any suggestions for improvements!
I'm open to constructive criticism and looking forward to your insights. Thanks for your time! 🙏
Looks interesting, and remembers me on NetalertX.
Few questions here:
QuoteRequirements
1. OPNsense 24.x or newer
2. Working SMTP configuration (System → Settings → Notifications)
3. SSH access enabled (System → Settings → Administration → Secure Shell)
4. Root password
2. Working SMTP configuration (System → Settings → Notifications)
Would it be possible to have as well notifications via webhook e.g to support ntfy instances?
3. SSH access enabled (System → Settings → Administration → Secure Shell)
4. Root password
Does this work only with a Root account? Or does this work with any active admin account with proper permissions?
Regards,
S.
Hello,
there is a new hostdiscovery service on the OPNsense roadmap that uses a rust written daemon that captures arp and ndp messages via pcap to build a database of known devices.
https://github.com/opnsense/hostwatch
https://github.com/opnsense/core/pull/9354
So something comparable is a core feature soon and integrated into a few components like aliases and captive portal.
So as feedback, you could use the existing sqlite database of the hostwatch service since its in core anyway if you want your own GUI around it.
Quote from: Seimus on January 02, 2026, 01:27:06 PMLooks interesting, and remembers me on NetalertX.
Few questions here:
QuoteRequirements
1. OPNsense 24.x or newer
2. Working SMTP configuration (System → Settings → Notifications)
3. SSH access enabled (System → Settings → Administration → Secure Shell)
4. Root password
2. Working SMTP configuration (System → Settings → Notifications)
Would it be possible to have as well notifications via webhook e.g to support ntfy instances?
3. SSH access enabled (System → Settings → Administration → Secure Shell)
4. Root password
Does this work only with a Root account? Or does this work with any active admin account with proper permissions?
Regards,
S.
Good day, it definitely wouldn't be a problem to use a webhook to send data instead of email notifications. I have something similar planned at home, where I will be sending data to a protocol center that I have on my NAS in BSD format (RFC 3164). I have the ROOT account disabled on the firewall, and I have my own Admin account on which the plugin works nicely.
Quote from: Monviech (Cedrik) on January 02, 2026, 01:29:13 PMHello,
there is a new hostdiscovery service on the OPNsense roadmap that uses a rust written daemon that captures arp and ndp messages via pcap to build a database of known devices.
https://github.com/opnsense/hostwatch
https://github.com/opnsense/core/pull/9354
So something comparable is a core feature soon and integrated into a few components like aliases and captive portal.
So as feedback, you could use the existing sqlite database of the hostwatch service since its in core anyway if you want your own GUI around it.
Have a nice day, it's not yet :), so I'll use my own solution. My plugin can even display devices that don't have an IP address :). And in the DHCP settings, 'Deny unknown clients' is enabled, then I only get the MAC address, which is what I wanted :). And to send the result by email :). If the future add-on works the same or even better, I'll use that, for now I have this :).
Quote from: Seimus on January 02, 2026, 01:27:06 PMWould it be possible to have as well notifications via webhook e.g to support ntfy instances?
Have a nice day, I added support for webhook, ntfy and custom
Quote from: hacesoft on January 03, 2026, 07:39:28 PMI added support for webhook, ntfy and custom
Wow thanks!
Regards,
S.
Wow this is amazing!
thanks for creating and sharing this tool. I'll Give it a try.
Good day, here is a link to the latest version of my Device monitor plugin: https://github.com/hacesoft/opnsense-devicemonitor
Version 2.0 is released today. Completely redesigned :). And it already looks usable :).
Hi,
Nice tool, not perfect yet but provides a good overview.
But what doesn't seem to work at all is the hostname, which is always unfilled?
Steffen
I would like to see this software rolled into one plugin together with the device discovery service added to OPNsense recently. There's some overlap in functionality.
Then again, unless the information is accumulated over a multi-layer network, i.e. across routers, I could just as well query the network management software for it. I can see how filtering MACs into FW Aliases can be useful if one manages networks on the basis of MAC addresses, but I don't.
Quote from: SteffenDE on April 20, 2026, 03:16:58 PMHi,
Nice tool, not perfect yet but provides a good overview.
But what doesn't seem to work at all is the hostname, which is always unfilled?
Steffen
Hi Steffen,
The hostname field works as follows: the plugin pulls the hostname from Services → ISC DHCPv4 / DHCPv6 → DHCP Static Mappings — specifically the Hostname field for each entry. If a device doesn't have a static mapping with a hostname defined there, the field will simply remain empty, as the plugin has no other automatic source for this information.
You can also fill in the hostname manually directly in the plugin, but note that this is stored only in the plugin's own database — it does not propagate back to OPNsense DHCP or any other system.
So the short answer: populate the Hostname field in your DHCP static mappings and it will appear automatically.
Quote from: mooh on April 21, 2026, 03:30:38 PMI would like to see this software rolled into one plugin together with the device discovery service added to OPNsense recently. There's some overlap in functionality.
Then again, unless the information is accumulated over a multi-layer network, i.e. across routers, I could just as well query the network management software for it. I can see how filtering MACs into FW Aliases can be useful if one manages networks on the basis of MAC addresses, but I don't.
The primary motivation for building this plugin was notifications — automatically alerting me (via email or webhook) whenever a new or unknown device appears on the network. That's the core value-add, and it's something OPNsense still doesn't provide natively. Everything else — custom hostnames, clickable URLs, having it all in one place — is convenience on top of that.
An important part of the plugin is also device identification — it works on several levels: hostname (pulled from DHCP static mappings, or filled in manually by the admin), a custom admin note, and vendor identification resolved from the MAC address prefix (OUI lookup). This has been part of the plugin since v1.0.
Regarding merging with the native discovery service: Device Monitor v2.0 already builds directly on the hostwatch database (/var/db/hostwatch/hosts.db), so that overlap has been intentionally addressed. Interestingly, hostwatch didn't exist at all when I started writing the plugin — it was added somewhere between v1.0 and v2.0, and I was happy to take advantage of it. The plugin no longer does its own ARP/tcpdump scanning. A nice case of the platform catching up mid-project. 🙂
On your multi-layer network point: you're right — like hostwatch itself, this plugin only sees devices on directly connected segments. For deeper topologies a dedicated NMS like LibreNMS or Zabbix would be the proper tool. This plugin targets setups where OPNsense is the network edge.
Not every plugin is for everyone — install what fits your needs. 🙂
Quote from: hacesoft on April 21, 2026, 06:38:33 PMHi Steffen,
The hostname field works as follows: the plugin pulls the hostname from Services → ISC DHCPv4 / DHCPv6 → DHCP Static Mappings — specifically the Hostname field for each entry. If a device doesn't have a static mapping with a hostname defined there, the field will simply remain empty, as the plugin has no other automatic source for this information.
As far as I can see what you call the Hostname is in fact the Description field in my Dnsmasq Hosts and not the Hostname.
Quote from: hacesoft on April 21, 2026, 06:51:56 PMNot every plugin is for everyone — install what fits your needs. 🙂
I didn't mean to belittle your effort. In fact, I appreciate every effort to improve OPNsense.
I just not sure what the size of the target audience for all this host discovery stuff is, yours and the new component of OPNsense. If I want to know what's going on on my network, I ask it directly via SNMP or an all-in-one solution like Unifi or Omada. Only small, unmanaged networks don't already provide that functionality. How many are there using OPNsense?
I have an older version of Device Monitor installed and working. It is great !!!
I am happy with it, but is there a way to update to this new version, or do I need to fully uninstall/reinstall?
Thank you.
Quote from: hacesoft on April 21, 2026, 06:38:33 PMHi Steffen,
The hostname field works as follows: the plugin pulls the hostname from Services → ISC DHCPv4 / DHCPv6 → DHCP Static Mappings — specifically the Hostname field for each entry. If a device doesn't have a static mapping with a hostname defined there, the field will simply remain empty, as the plugin has no other automatic source for this information.
You can also fill in the hostname manually directly in the plugin, but note that this is stored only in the plugin's own database — it does not propagate back to OPNsense DHCP or any other system.
So the short answer: populate the Hostname field in your DHCP static mappings and it will appear automatically.
I have hostnames defined at Dnsmasq because I think ISC is deprecated. So it would be nice to support Dnsmasq too.
Quote from: pc44 on April 23, 2026, 04:26:58 AMI have an older version of Device Monitor installed and working. It is great !!!
I am happy with it, but is there a way to update to this new version, or do I need to fully uninstall/reinstall?
Thank you.
Figured it out. Deleted the existing /tmp/opnsense-devicemonitor folder. Then downloaded, unzipped, and copied over the new files. Then just re-ran sh install.sh.
Now up-to-date. ☑️
Quote from: pc44 on April 23, 2026, 09:42:44 PMQuote from: pc44 on April 23, 2026, 04:26:58 AMI have an older version of Device Monitor installed and working. It is great !!!
I am happy with it, but is there a way to update to this new version, or do I need to fully uninstall/reinstall?
Thank you.
Figured it out. Deleted the existing /tmp/opnsense-devicemonitor folder. Then downloaded, unzipped, and copied over the new files. Then just re-ran sh install.sh.
Now up-to-date. ☑️
Good day, exactly as you asked. If you use sh install.sh, everything except the database will be deleted before installation. After installation, the plugin will be started again. If you use sh uninstall.sh, everything will be removed.
Quote from: SteffenDE on April 23, 2026, 07:49:14 AMQuote from: hacesoft on April 21, 2026, 06:38:33 PMHi Steffen,
The hostname field works as follows: the plugin pulls the hostname from Services → ISC DHCPv4 / DHCPv6 → DHCP Static Mappings — specifically the Hostname field for each entry. If a device doesn't have a static mapping with a hostname defined there, the field will simply remain empty, as the plugin has no other automatic source for this information.
You can also fill in the hostname manually directly in the plugin, but note that this is stored only in the plugin's own database — it does not propagate back to OPNsense DHCP or any other system.
So the short answer: populate the Hostname field in your DHCP static mappings and it will appear automatically.
I have hostnames defined at Dnsmasq because I think ISC is deprecated. So it would be nice to support Dnsmasq too.
Good day, I just converted my home network from ISC to DNSmasq and it will take a while before I get to it and modify the plugin. but don't worry, it will happen :).
Quote from: mooh on April 21, 2026, 10:01:40 PMQuote from: hacesoft on April 21, 2026, 06:51:56 PMNot every plugin is for everyone — install what fits your needs. 🙂
I didn't mean to belittle your effort. In fact, I appreciate every effort to improve OPNsense.
I just not sure what the size of the target audience for all this host discovery stuff is, yours and the new component of OPNsense. If I want to know what's going on on my network, I ask it directly via SNMP or an all-in-one solution like Unifi or Omada. Only small, unmanaged networks don't already provide that functionality. How many are there using OPNsense?
Hello, I recently switched from pfSense to OpnSense and this option was standard in the system and I use it to check if an uninvited guest is connecting. Or when I connect a device, I find out its IP address. I don't have unifi, or rather I only use AP AC RL and I have a classic L2, L3 switch. So OpnSense will provide me with the necessary information :). I originally wrote the plugin just for myself, but I decided to share it with others... I would like the plugin to be offered as a standard package, but that's too much for me for now :).
Good day, I have released version 2.1. which supports Dnsmasq DNS & DHCP.
Again I look forward to your reactions :).
The link is:
https://github.com/hacesoft/opnsense-devicemonitor
Quote from: hacesoft on April 25, 2026, 08:09:40 PMGood day, I have released version 2.1. which supports Dnsmasq DNS & DHCP.
Again I look forward to your reactions :).
The link is:
https://github.com/hacesoft/opnsense-devicemonitor
Thank you for this, that's better - my Hostnames are now correct.