Device Monitor - a tool for automatic network device monitoring and detection

Started by hacesoft, Today at 01:01:40 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
Today at 01:01:40 PM

Hello everyone! 👋
I've created my first OPNsense plugin:
https://github.com/hacesoft/opnsense-devicemonitor

And would like to share it with you. It's called Device Monitor - a tool for automatic network device monitoring and detection.
What the plugin does:

🔍 Automatic network device scanning (ARP + DNS)
📊 Online/offline status display
🔔 Email notifications for new device detection
🏷� Manufacturer identification using OUI database
📈 Dashboard with device overview

Technical details:

Python daemon with configurable scan interval
MVC architecture following OPNsense standards
REST API for control
Czech and English translations

The plugin is fully functional, but definitely not perfect. I would love to hear your feedback:

What could I improve?
What features would be useful?
Where did I make mistakes or violate best practices?
Any suggestions for improvements!

I'm open to constructive criticism and looking forward to your insights. Thanks for your time! 🙏
Today at 01:27:06 PM #1
Looks interesting, and remembers me on NetalertX.

Few questions here:
QuoteRequirements

    1. OPNsense 24.x or newer
    2. Working SMTP configuration (System → Settings → Notifications)
    3. SSH access enabled (System → Settings → Administration → Secure Shell)
    4. Root password

2. Working SMTP configuration (System → Settings → Notifications)
Would it be possible to have as well notifications via webhook e.g to support ntfy instances?


3. SSH access enabled (System → Settings → Administration → Secure Shell)
4. Root password
Does this work only with a Root account? Or does this work with any active admin account with proper permissions?

Regards,
S.
Networking is love. You may hate it, but in the end, you always come back to it.

OPNSense HW
APU2D2 - deceased
N5105 - i226-V | Patriot 2x8G 3200 DDR4 | L 790 512G - VM HA(SOON)
N100   - i226-V | Crucial 16G  4800 DDR5 | S 980 500G - PROD
Today at 01:29:13 PM #2 Last Edit: Today at 01:44:21 PM by Monviech (Cedrik)
Hello,

there is a new hostdiscovery service on the OPNsense roadmap that uses a rust written daemon that captures arp and ndp messages via pcap to build a database of known devices.

https://github.com/opnsense/hostwatch

https://github.com/opnsense/core/pull/9354

So something comparable is a core feature soon and integrated into a few components like aliases and captive portal.

So as feedback, you could use the existing sqlite database of the hostwatch service since its in core anyway if you want your own GUI around it.
Hardware:
DEC740
Today at 01:56:14 PM #3
Quote from: Seimus on Today at 01:27:06 PMLooks interesting, and remembers me on NetalertX.

Few questions here:
QuoteRequirements

    1. OPNsense 24.x or newer
    2. Working SMTP configuration (System → Settings → Notifications)
    3. SSH access enabled (System → Settings → Administration → Secure Shell)
    4. Root password

2. Working SMTP configuration (System → Settings → Notifications)
Would it be possible to have as well notifications via webhook e.g to support ntfy instances?


3. SSH access enabled (System → Settings → Administration → Secure Shell)
4. Root password
Does this work only with a Root account? Or does this work with any active admin account with proper permissions?

Regards,
S.

Good day, it definitely wouldn't be a problem to use a webhook to send data instead of email notifications. I have something similar planned at home, where I will be sending data to a protocol center that I have on my NAS in BSD format (RFC 3164). I have the ROOT account disabled on the firewall, and I have my own Admin account on which the plugin works nicely.
Today at 02:02:13 PM #4
Quote from: Monviech (Cedrik) on Today at 01:29:13 PMHello,

there is a new hostdiscovery service on the OPNsense roadmap that uses a rust written daemon that captures arp and ndp messages via pcap to build a database of known devices.

https://github.com/opnsense/hostwatch

https://github.com/opnsense/core/pull/9354

So something comparable is a core feature soon and integrated into a few components like aliases and captive portal.

So as feedback, you could use the existing sqlite database of the hostwatch service since its in core anyway if you want your own GUI around it.

Have a nice day, it's not yet :), so I'll use my own solution. My plugin can even display devices that don't have an IP address :). And in the DHCP settings, 'Deny unknown clients' is enabled, then I only get the MAC address, which is what I wanted :). And to send the result by email :). If the future add-on works the same or even better, I'll use that, for now I have this :).
Print
Go Up Pages1
User actions