What's on my Network
Do you know who's on your network? Set up a Network Intrusion Monitor and you know. Used Pi.Alert but found an alternative, WatchYourLAN with Telegram or something.
After a while, your network becomes full of stuff. And we need a Network Intrusion Monitor. A good app lets us see what we have and can alarm us of new devices on the LAN. I've been using Pi.alert for a while, but I have been looking for an alternative. I found WatchYourLAN. It functions within Docker and can be deployed on any of your nodes. I will cover only the basics, but please feel free to experiment with all the options. I use Telegram to send alarms.
Install
WatchYourLAN is a lightweight network IP scanner with a configurable GUI.
It can also be used as a Network Intrusion Monitor with alarm functions.
- Change your path to where you want to store your
sqlitedb
database. - Change the timezone to match your location.
- Change to one or many network interface you want to use.
- If you use ssh, in a terminal run this command:
ip link show
orip a
- If you use ssh, in a terminal run this command:
version: "3"
services:
shoutrrr:
stdin_open: true
tty: true
image: containrrr/shoutrrr
command: generate telegram
wyl:
image: aceberg/watchyourlan
network_mode: host
restart: unless-stopped
environment:
- TZ=${TZ}
- IFACE=${IFACE}
- DBPATH=${DBPATH}
- GUIIP=${GUIIP}
- GUIPORT=${GUIPORT}
- TIMEOUT=${TIMEOUT}
- SHOUTRRR_URL=${SHOUTRRR_URL}
- THEME=${THEME}
- IGNOREIP=${IGNOREIP}
volumes:
- /opt/wyl:/data
networks: {}
# environment, required
TZ: Europe/Helsinki # needs your TZ for correct time
IFACE: "eth0" # 1 or more interface, space separated
# environment, optional
DBPATH: "/data/db.sqlite" # default: /data/db.sqlite
GUIIP: "0.0.0.0" # default: localhost
GUIPORT: "8840" # default: 8840
TIMEOUT: "120" # in seconds, default=60
SHOUTRRR_URL: "" # set url to notify
THEME: "solar" # Can be change in GUI
IGNOREIP: "no"
These options can be changed in the GUI - Config
- There can be one or more Interfaces, space separated
- After changing Host, Port or Path to DB options, you need to restart the app
- Timeout means time between scans (in seconds)
- Shoutrrr URL provides notifications to Discord, Email, Gotify, Telegram and other services. Link to documentation
telegram://<token>@telegram?chats=<ID>@<name>
- Theme to change themes. Uses Free themes for Bootstrap
- Ignore IP If you want to detect unknown hosts by MAC only, set to "yes"
- Log Level How much log you want to see
- The Clear table button will delete all records from the table.
If you want to delete a single host, click on its MAC and press Delete host - ARP Timeout per host timeout for arp-scan (in milliseconds)
The Auth options can be changed in the GUI - Auth
- Expire after - when user session expires.
Can be set with suffixes m (minute), h (hour), d (day) or M (month). - Login. For Auth to work, login and password must not be empty.
- Password is stored encrypted in the config file.
If you forgot your password, just set auth_password: field to empty there.
Use of WYL
Use your browser and set the address to <IP of VM>:8840 or the port you use.
The Home screen is not very useful, sorting is stupid, but the Online and Offline tabs has all the sorting you need.
😔 What is missing is the ability to scan VLAN.
How to keep Free and Open Software free and open?
Subscribe, like, share, discuss, clap, star, follow, watch, and anything that can help with social media algorithms. Also buy a license, donate, buy merchandise, use Patreon. Remember that most free software is produced by professional (need salary) using platforms and machines that cost money.