
[setup] nmap find devices but doesn't add them to the database

Open azertylr opened this issue 5 months ago • 11 comments

Is there an existing issue for this?

  • [X] I have searched the existing open and closed issues and I checked the docs https://github.com/jokob-sk/NetAlertX/tree/main/docs

Current Behavior

Hello,

I have an internet router, subnet is 192.168.1.0/24 and I have another router with another subnet 192.168.2.0/24, connected to the main router. NetAlertX is running on the second router, on subnet 192.168.2.0/24. I'm using nmap to detect devices on the main network, and it does find the devices (see logs) but doesn't add them to the database.

Example

17:31:15 [NMAPDEV] nm[host]: {'hostnames': [{'name': '', 'type': ''}], 'addresses': {'ipv4': '192.168.1.102'}, 'vendor': {}, 'status': {'state': 'up', 'reason': 'echo-reply'}}
17:31:15 [NMAPDEV] Hostname: (unknown), IP: 192.168.1.102, MAC: , Vendor: 
17:31:15 [NMAPDEV] Skipping: (unknown), IP or MAC missing

Thanks !

Expected Behavior

add 192.168.1.102 to database of found devices

Steps To Reproduce

No response

app.conf

#-----------------AUTOGENERATED FILE-----------------#
#                                                    #
#         Generated:  2024-09-02_17-28-26            #
#                                                    #
#   Config file for the LAN intruder detection app:  #
#      https://github.com/jokob-sk/NetAlertX         #
#                                                    #
#-----------------AUTOGENERATED FILE-----------------#


# General
#---------------------------
LOADED_PLUGINS=['ARPSCAN','CSVBCKP','DBCLNP','DDNS','DHCPLSS','DHCPSRVS','INTRNT','INTRSPD','MAINT','NBTSCAN','NMAP','NMAPDEV','NSLOOKUP','NTFPRCS','OMDSDN','SETPWD','SNMPDSC','SYNC','UI','UNDIS','UNFIMP','VNDRPDT']
LOADED_PLUGINS__metadata="                      {}\n                    "
SCAN_SUBNETS=['192.168.1.0/24 --interface=ens18']
SCAN_SUBNETS__metadata="                      {}\n                    "
LOG_LEVEL='verbose'
LOG_LEVEL__metadata="                      {}\n                    "
TIMEZONE='Europe/Paris'
TIMEZONE__metadata="                      {}\n                    "
PLUGINS_KEEP_HIST=250
PLUGINS_KEEP_HIST__metadata="                      {}\n                    "
REPORT_DASHBOARD_URL='http://netalertx'
REPORT_DASHBOARD_URL__metadata="                      {}\n                    "
DAYS_TO_KEEP_EVENTS=90
DAYS_TO_KEEP_EVENTS__metadata="                      {}\n                    "
HRS_TO_KEEP_NEWDEV=0
HRS_TO_KEEP_NEWDEV__metadata="                      {}\n                    "
API_CUSTOM_SQL='SELECT * FROM Devices WHERE dev_PresentLastScan = 0'
API_CUSTOM_SQL__metadata="                      {}\n                    "
NETWORK_DEVICE_TYPES=['AP','Gateway','Firewall','Hypervisor','Powerline','Switch','WLAN','PLC','Router','USB LAN Adapter','USB WIFI Adapter','Internet']
NETWORK_DEVICE_TYPES__metadata="                      {}\n                    "

docker-compose.yml

services:
  netalertx:
    image: jokobsk/netalertx:latest
    container_name: netalertx
    restart: unless-stopped
    network_mode: host
    environment:
      - TZ=Europe/Paris
    volumes:
      - /home/docker/netalertx/config:/app/config
      - /home/docker/netalertx/db:/app/db

What branch are you running?

Production

app.log

17:30:55 [Plugin utils] display_name: NMAP Device discovery
17:30:55 [Plugins] Executing: python3 /app/front/plugins/nmap_dev_scan/nmap_dev.py
17:30:55 [NMAPDEV] In script
17:30:55 [Database] Opening DB
17:30:55 [NMAPDEV] subnets: ['192.168.1.0/24 --interface=ens18']
17:30:55 [NMAPDEV] scan_args: ['sudo', 'nmap', '-sn', '-PR', '-oX', '-', '192.168.1.0/24', '-e', 'ens18']
17:31:15 [NMAPDEV] Number of hosts: 4
17:31:15 [NMAPDEV] nm[host]: {'hostnames': [{'name': '', 'type': ''}], 'addresses': {'ipv4': '192.168.1.100'}, 'vendor': {}, 'status': {'state': 'up', 'reason': 'echo-reply'}}
17:31:15 [NMAPDEV] Hostname: (unknown), IP: 192.168.1.100, MAC: , Vendor: 
17:31:15 [NMAPDEV] Skipping: (unknown), IP or MAC missing
17:31:15 [NMAPDEV] nm[host]: {'hostnames': [{'name': '', 'type': ''}], 'addresses': {'ipv4': '192.168.1.101'}, 'vendor': {}, 'status': {'state': 'up', 'reason': 'echo-reply'}}
17:31:15 [NMAPDEV] Hostname: (unknown), IP: 192.168.1.101, MAC: , Vendor: 
17:31:15 [NMAPDEV] Skipping: (unknown), IP or MAC missing
17:31:15 [NMAPDEV] nm[host]: {'hostnames': [{'name': '', 'type': ''}], 'addresses': {'ipv4': '192.168.1.102'}, 'vendor': {}, 'status': {'state': 'up', 'reason': 'echo-reply'}}
17:31:15 [NMAPDEV] Hostname: (unknown), IP: 192.168.1.102, MAC: , Vendor: 
17:31:15 [NMAPDEV] Skipping: (unknown), IP or MAC missing
17:31:15 [NMAPDEV] nm[host]: {'hostnames': [{'name': '', 'type': ''}], 'addresses': {'ipv4': '192.168.1.103'}, 'vendor': {}, 'status': {'state': 'up', 'reason': 'echo-reply'}}
17:31:15 [NMAPDEV] Hostname: (unknown), IP: 192.168.1.103, MAC: , Vendor: 
17:31:15 [NMAPDEV] Skipping: (unknown), IP or MAC missing
17:31:15 [NMAPDEV] Devices found: 0
17:31:15 [NMAPDEV] Script finished
17:31:15 [Plugins] No output received from the plugin NMAPDEV - enable LOG_LEVEL=debug and check logs
17:31:15 [Plugin utils] ---------------------------------------------
17:31:15 [Plugin utils] display_name: DB cleanup

Debug enabled

  • [X] I have read and followed the steps in the wiki link above and provided the required debug logs and the log section covers the time when the issue occurs.

azertylr avatar Sep 02 '24 15:09 azertylr
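
An added triage example for the log above (not part of the original report and not NetAlertX code): it parses the `nm[host]` records and flags why a host has no MAC, using the fact that nmap can only report a MAC for hosts on the scanner's own Ethernet segment. The function name `triage`, the scanner network `192.168.2.0/24` (taken from the report) and the second sample record are assumptions made for illustration.

```python
import ast
import ipaddress
import re

# Constructed sample: first record copied from the report, second one invented
# to show what an on-link host with a MAC looks like.
SAMPLE_LOG = """\
17:31:15 [NMAPDEV] nm[host]: {'hostnames': [{'name': '', 'type': ''}], 'addresses': {'ipv4': '192.168.1.102'}, 'vendor': {}, 'status': {'state': 'up', 'reason': 'echo-reply'}}
17:31:15 [NMAPDEV] Skipping: (unknown), IP or MAC missing
17:31:16 [NMAPDEV] nm[host]: {'hostnames': [{'name': '', 'type': ''}], 'addresses': {'ipv4': '192.168.2.7', 'mac': '02:00:00:00:00:07'}, 'vendor': {}, 'status': {'state': 'up', 'reason': 'arp-response'}}
"""

HOST_LINE = re.compile(r"\[NMAPDEV\] nm\[host\]: (\{.*\})\s*$")


def triage(log_text, scanner_net):
    """Return one finding per nm[host] record found in an NMAPDEV log."""
    local = ipaddress.ip_network(scanner_net)
    findings = []
    for line in log_text.splitlines():
        m = HOST_LINE.search(line)
        if not m:
            continue
        try:
            host = ast.literal_eval(m.group(1))  # literals only, never eval()
        except (ValueError, SyntaxError):
            continue  # truncated or damaged log line
        addrs = host.get("addresses", {})
        ip, mac = addrs.get("ipv4", ""), addrs.get("mac", "")
        reason = host.get("status", {}).get("reason", "")
        on_link = bool(ip) and ipaddress.ip_address(ip) in local
        if mac:
            verdict = "ok"
        elif not on_link:
            verdict = "no MAC: target is routed, not on the scanner's segment"
        else:
            verdict = "no MAC: on-link, check privileges and interface"
        findings.append({"ip": ip, "mac": mac, "reason": reason,
                         "on_link": on_link, "verdict": verdict})
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG, "192.168.2.0/24"):
        print(f"{f['ip']:15} reason={f['reason']:13} {f['verdict']}")
```

A `reason` of `echo-reply` rather than `arp-response` is the tell that the host answered an ICMP probe across a router, so no layer-2 address was available to the scanner.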