olivier/stupid-simple-network-inventory
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
49 Commits 1 Branch 0 Tags
aa39898c80a8ed0825e1b0c75f4e7858e68bf884
Commit Graph

7 Commits

Author SHA1 Message Date
olivier 93ab343db7 fix: switch tcp_check mode to TCP-only instead of ICMP+TCP 
Previously tcp_check required both ICMP and TCP to pass. This caused
two failure modes: hosts with ICMP rate-limiting under scan load were
missed (ICMP fails → TCP never tried), and the AND logic was confusing.

In TCP-only mode, proxy-ARP gateways are still filtered out because
they never spoof TCP replies. Hosts with rate-limited ICMP (e.g. some
WiFi APs during a full /24 sweep) are now correctly detected via TCP.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-18 15:12:04 +02:00
olivier 4b0aa1edf2 fix: handle ping output with hostname when DNS resolves scan target 
When the Docker container's DNS can resolve a target IP to a hostname,
ping formats the reply line as "from hostname (ip):" instead of the
plain "from ip:" format. The proxy-ARP source-IP guard only checked
for the plain format, causing those hosts to be incorrectly reported
as unreachable despite a valid ICMP response.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-18 14:40:19 +02:00
olivier 806fe1caec feat: DNS_SERVER env var — pre-fills discovery UI, optional for scan 
- DNS_SERVER env var configures the default DNS server for PTR lookups
- GET /api/discovery/config exposes it to the frontend
- DiscoveryModal fetches it on mount and pre-fills the field (editable)
- dns_server is now optional in ScanRequest (default empty string)
- PTR lookup is skipped when dns_server is empty — scan still proceeds
- Validator only runs when dns_server is non-empty
- .env.example, docker-compose.yml, READMEs (fr/en/es) updated

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-18 12:22:05 +02:00
olivier c8607831a4 fix: remove default DNS server in backend — dns_server is now required 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-18 12:17:16 +02:00
olivier cc716783ea feat: add optional TCP check to scan to filter proxy-ARP false positives 
Some gateways (e.g. UniFi) respond to ICMP for every IP in a subnet via
proxy-ARP, spoofing the source IP so the existing ICMP guard cannot help.
A secondary TCP probe (ports 22, 80, 443, 8080, 8443) distinguishes real
hosts (RST/connect on closed ports) from ghost IPs (gateway drops SYN →
timeout). The check is opt-in (disabled by default) to avoid missing
devices whose firewall DROPs all probed ports.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-18 11:17:55 +02:00
olivier cf07461436 fix: guard _ping() against proxy-ARP false positives 
Verify that the ICMP reply source IP matches the target before
reporting a host as alive. Prevents scan from returning the entire
CIDR range when a gateway answers ARP requests on behalf of all IPs.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-18 08:38:58 +02:00
olivier 88cf6458d0 Initial commit — Stupid Simple Network Inventory 
Application web d'inventaire réseau manuel avec FastAPI, Vue 3 et Docker.
Inclut l'authentification JWT, la découverte ICMP, et la topologie en cards CSS.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-17 09:19:19 +02:00