A containerised tool with a responsive web interface for monitoring devices on a network and exporting PiHole/DNSMasq DNS and DHCP records for the monitored devices.
A blend of DNS/DHCP editor, asset registrar, network monitor, and intruder detector.
- Network scanning
- Port scanning
- Ability to export records as DHCP and DNS configs for DNSMasq and PiHole
- CRUD editor for taxonomy
- Multi-DB support
- SQLite
- MySQL
- MariaDB
- PostgreSQL
- User Settings
- Dark mode
- System-wide pagination options
- Page-specific pagination options
faceMasq is intended to be run as a Docker container. Details on how to install and configure it can be found in the Quick-Start Guide, with more information about configuration options available in the Configuration Documentation.
If you wish to run it as a bare-metal service, details on how to do that can be found in the Advanced Installation Documents.
- Migrate all JavaScript to TypeScript
- Swap to websockets for data transfer
- ARPScan to reduce burden on host device's network interfaces
- Log monitoring for DNSMasq
- Watch for leases from DNSMasq
- Webhook for third-party systems to report devices
- NetScan frequency
- ARPScan frequency
- Allow setting LastSeen cut off
- Device's that haven't been seen since the cut off time (specified in hours/days/weeks ago) will be hidden from the standard Devices view
- Move the interfaces/addresses from one device to another to merge them
- Add planned devices
- Possibility to match new devices to planned devices if the MAC vendor matches the brand
- Delete retired/lost/deprecated devices
- Adding/Editing/Deleting device interfaces
- Adding/Editing/Deleting interface addresses
- Adding/Editing/Deleting address hostnames
- Update files when changes are applied in faceMasq
- Allow configuration of file names, paths, etc
- Allow multiple instances of DNS and DHCP configuration
- Log when devices/interfaces had reserved IP addresses assigned/revoked
- Log when devices have their maintainer/location/status/category/architecture/operating-system changed
- Keep historic log of device labels, notes, hostnames, serial, and machine-names
- Roles: Admin, Network Manager, Device Manager, Viewer
- Two factor authentication via TOTP/HOTP
- Two factor authentication via FIDO2
- Get alerts when watched devices change IP address
- Get alerts when watched devices go offline
- View network connectivity of an unknown device
- Track IP address changes of unknown device
- Scan ports of unknown devices
- Get alerts for unknown devices via notifications
- Interface for delving in to available information on unknown devices
- Allow users to get statistical reports for the devices they maintain or watch
- Useful for seeing devices with unstable connections to the network
- Allow admins and network managers to get reports from the Unknown Device Monitor
- Summarise the month's alerts
- Provide details about each of the devices (ports, network connectivity, etc)
- Allow integration with Home Assistant as a device tracker
- Allow integration with Node Red
- MQTT
- Gotify
- Manually add monitors, keyboards, mice, speakers, TVs, printers, 3d printers, uninterruptible power supplies, webcams, security cameras and more to computers, chromecasts, etc.
- Produce network maps that /r/homelab would be proud of.
Contributions are always welcome!
Just open a PR.
Contribution Guide to come.
- https://github.com/coreruleset/modsecurity-crs-docker/blob/develop/docker-bake.hcl for an easy to understand example
- https://github.com/duo-labs/webauthn or https://github.com/fxamacker/webauthn for the API
- https://github.com/MasterKale/SimpleWebAuthn/tree/master/packages/browser for the Web Interface