Two independent reliability problems were identified during PR readiness
review. First, FritzConnection had no explicit timeout, meaning an
unreachable or slow Fritz!Box would block the plugin process indefinitely
until the OS TCP timeout fired (typically 2+ minutes), making the 60s
RUN_TIMEOUT in config.json ineffective. Second, hashlib.md5() called
without usedforsecurity=False raises ValueError on FIPS-enforced systems
(common in enterprise Docker hosts), silently breaking the guest WiFi
synthetic device feature for those users.
Changes:
- Add timeout=10 to FritzConnection(...) call (fritzbox.py:57)
The fritzconnection library accepts a timeout parameter directly in
__init__; it applies per individual HTTP request to the Fritz!Box,
bounding each TR-064 call including the initial connection handshake.
- Add usedforsecurity=False to hashlib.md5() call (fritzbox.py:191)
The MD5 hash is used only for deterministic MAC derivation (not for
any security purpose), so the flag is semantically correct and lifts
the FIPS restriction without changing the computed value.
- Update test assertion to include timeout=10 (test_fritzbox.py:307)
assert_called_once_with checks the exact call signature; the test
expectation must match the updated production code.
The plugin now fails fast on unreachable Fritz!Box (within 10s per
request) and works correctly on FIPS-enabled hosts. Default behavior
for standard deployments is unchanged.
NetAlertX had no native support for discovering devices connected to
Fritz!Box routers. Users relying on Fritz!Box as their primary home
router had to use generic network scanning (ARP/ICMP), missing
Fritz!Box-specific details like interface type (WiFi/LAN) and
connection status per device.
Changes:
- Add plugin implementation (front/plugins/fritzbox/fritzbox.py)
Queries all hosts via FritzHosts TR-064 service, normalizes MACs,
maps interface types (802.11→WiFi, Ethernet→LAN), and writes results
to CurrentScan via Plugin_Objects. Supports filtering to active-only
devices and optional guest WiFi monitoring via a synthetic AP device
with a deterministic locally-administered MAC (02:xx derived from
Fritz!Box MAC via MD5).
- Add plugin configuration (front/plugins/fritzbox/config.json)
Defines plugin_type "device_scanner" with settings for host, port,
credentials, guest WiFi reporting, and active-only filtering.
Maps scan columns to CurrentScan fields (scanMac, scanLastIP, scanName,
scanType). Default schedule: every 5 minutes.
- Add plugin documentation (front/plugins/fritzbox/README.md)
Covers TR-064 protocol basics, quick setup guide, all settings with
defaults, troubleshooting for common issues (connection refused, auth
failures, no devices found), and technical details.
- Add fritzconnection>=1.15.1 dependency (requirements.txt)
Required Python library for TR-064 communication with Fritz!Box.
- Add test suite (test/plugins/test_fritzbox.py:1-298)
298 lines covering get_connected_devices (active filtering, MAC
normalization, interface mapping, error resilience), check_guest_wifi_status
(service detection, SSID-based guest detection, fallback behavior), and
create_guest_wifi_device (deterministic MAC generation, locally-administered
bit, fallback MAC, regression anchor with precomputed hash).
Users can now scan Fritz!Box-connected devices natively, seeing per-device
connection status and interface type directly in NetAlertX. Guest WiFi
monitoring provides visibility into guest network state. The plugin
defaults to HTTPS on port 49443 with active-only filtering enabled.
- Added support for pagination (page and limit) in the session events endpoint.
- Implemented sorting functionality based on specified columns and directions.
- Introduced free-text search capability for session events.
- Updated SQL queries to retrieve all events and added a new SQL constant for events.
- Refactored GraphQL types and helpers to support new plugin and event queries.
- Created new GraphQL resolvers for plugins and events with pagination and filtering.
- Added comprehensive tests for new GraphQL endpoints and session events functionality.
- Updated test cases to reflect new column names (eve_MAC -> eveMac, eve_DateTime -> eveDateTime, etc.) across various test files.
- Modified SQL table definitions in the database cleanup and migration tests to use camelCase naming conventions.
- Implemented migration tests to ensure legacy column names are correctly renamed to camelCase equivalents.
- Ensured that existing data is preserved during the migration process and that views referencing old column names are dropped before renaming.
- Verified that the migration function is idempotent, allowing for safe re-execution without data loss.
- Implemented deletion of Sessions older than DAYS_TO_KEEP_EVENTS.
- Added index for Plugins_History to improve query performance.
- Introduced unit tests for Sessions trimming and database analysis.
