[Multi-VLAN scanning] - Githubissues

leiweibau / Pi.Alert

Scan the devices connected to your WIFI / LAN and alert you the connection of unknown devices. It also warns if a "always connected" device disconnects. In addition, it is possible to check web services for availability. For this purpose HTTP status codes and the response time of the service are evaluated.

https://leiweibau.net

GNU General Public License v3.0

334 stars 25 forks source link

[Multi-VLAN scanning] #299

Closed dustingrady closed 1 month ago

dustingrady commented 2 months ago

It would be very nice to be able to scan across multiple VLANS by specifying the IP ranges (such as 192.168.0.0/16).

Currently, it appears to only scan the /24 of the network it is installed on.

leiweibau commented 2 months ago

Pi.Alert can scan all networks to which it is connected via a physical or virtual network card.

['192.168.1.0/24 --interface=eth0','192.168.2.0/24 --interface=eth1']
The last configuration is necessary if several networks are to be monitored. 
For each network to be monitored, a corresponding network card must be configured.
This is necessary because the "arp-scan" used is not routed, i.e. it only works within its own subnet. 
Each interface is entered here with the corresponding network. 
The interface designation must be adapted to the conditions of the system.

dustingrady commented 2 months ago

Thanks so much for the reply! So if I have this running on a trunk'd interface, I should just be able to specify as follows using the same interface?

SCAN_SUBNETS = [ '192.168.1.0/24 --interface=ens18', '192.168.2.0/24 --interface=ens18', '192.168.3.0/24 --interface=ens18' ]

leiweibau commented 2 months ago

It may be that this also works. I have only tried it a few times in a virtual environment with several interfaces. With the virtual interfaces, I actually had these in mind

SCAN_SUBNETS = [ '192.168.1.0/24 --interface=ens18', '192.168.2.0/24 --interface=ens18:0', '192.168.3.0/24 --interface=ens18:1' ]

dustingrady commented 2 months ago

Ah, so each interface would be assigned to a different VLAN. That makes sense. Is there by chance a way to scan the different SCAN_SUBNETS definitions via ICMP (iterating over a range of IPs) or is that not currently supported?

leiweibau commented 2 months ago

Is there by chance a way to scan the different SCAN_SUBNETS definitions via ICMP (iterating over a range of IPs) or is that not currently supported?

Unfortunately not. This option is not available at the moment. I have addressed the difficulty of implementation here.

https://github.com/leiweibau/Pi.Alert/issues/271#issuecomment-1992650670

https://github.com/leiweibau/Pi.Alert/issues/272#issuecomment-2021257018

https://github.com/leiweibau/Pi.Alert/issues/272#issuecomment-2021531373

dustingrady commented 1 month ago

I was actually able to accomplish this using 1 Pi Alert instance and setting multiple network interfaces on the Proxmox instance that hosts the VM. I then setup each interface to the corresponding VLAN using the /etc/network/interfaces config. This works for me, but I understand it is not a straight forward solution.