github Ozark-Connect/NetworkOptimizer v1.10.3
on GitHub

6 hours ago

Threat Intelligence polish, audit accuracy improvements, and a Proxmox fix. See v1.10.0, v1.10.1, and v1.10.2 release notes for what's new in Threat Intelligence, Alerts, and more.

Security Audit

  • Zone-based firewall isolation recognized - Networks in custom firewall zones with block rules to all other zones are now correctly identified as isolated. Previously, the audit only recognized rules where both source and destination used the "internal" zone, causing false positives for users with dedicated zones (e.g., a "Management" zone blocking to "Internal").
  • Fix false positive "Excessive Tagged VLANs" on UDB ports - Device Bridge ports report forward=all but also have tagged_vlan_mgmt=block_all, meaning tagged VLANs are actually blocked. The rule only checked forward mode and missed the block field.
  • Fix misleading infrastructure device hint - Infrastructure devices detected via the UniFi API no longer suggest changing Device Icon / Fingerprint. Now points to Network Reference for purpose reassignment.

Threat Intelligence

  • Top Sources geo data fixed - Private source IPs were displaying the destination's country and ASN instead of being blank. Now re-enriches directly on the source IP, so internal addresses show "-" as expected.
  • Offline device names in drilldowns - Drilldown views now pull from full client history instead of only connected clients, so devices that have disconnected still show their friendly names.
  • ASN org in IP drilldown header - The IP drilldown now shows the ASN organization name next to the country, with truncation for long names. Hidden on mobile.
  • Attack patterns sorted by last activity - Patterns now sort by most recently active first, and the column is renamed to "Last Detected" to reflect when the last event occurred, not when the correlator ran.
  • Friendly kill chain stage names - Alert titles and reports now show "Attempted Exploitation" instead of "AttemptedExploitation".
  • SVG severity icons in Active Alerts - Replaced plain text characters with proper shield, triangle, and circle icons to match the audit page styling.
  • UI polish - Uniform row heights in Top Sources, extracted ~65 inline styles into semantic CSS classes, and a clickable "Threat Intelligence" heading to return to the overview from drilldowns.

Alerts & Scheduling

  • Schedule task name formatting - Parenthetical details (server name, device name) are now styled as a separate muted span instead of raw parentheses.
  • "Next run" showing "Just now" for future times - The time formatter only handled past times, so future NextRunAt values hit the "less than 1 minute" check. Now correctly displays "in 2h 15m" etc.

Proxmox

  • Docker-in-LXC permission fix - Adds writable proc/sys mounts to the LXC config so Docker can set sysctls like net.ipv4.ip_unprivileged_port_start. Without this, containers fail with "permission denied" on newer Proxmox versions.

Installation

Windows: Download the MSI installer below

Docker: 

docker compose pull && docker compose up -d

macOS (native, recommended for accurate speed tests vs Docker Desktop): 

git clone https://github.com/Ozark-Connect/NetworkOptimizer.git && cd NetworkOptimizer && ./scripts/install-macos-native.sh
# or if you already have it cloned
cd NetworkOptimizer && git pull && ./scripts/install-macos-native.sh

Proxmox: 

bash -c "$(curl -fsSL https://raw.githubusercontent.com/Ozark-Connect/NetworkOptimizer/main/scripts/proxmox/install.sh)"

For other platforms (Synology, QNAP, Unraid, native Linux), see the Deployment Guide.

Check out latest releases or
releases around Ozark-Connect/NetworkOptimizer v1.10.3

Don't miss a new NetworkOptimizer release

NewReleases is sending notifications on new releases.

Get notifications