More fixes and improvements for Threat Intelligence, Security Audit, and Alerts. See v1.10.0 release notes for what's new in v1.10.0+.
Threat Intelligence
- Search tab - Search the full threat database by IP, CIDR, partial IP, country, ASN, or org name. Smart input classification detects what you typed and routes the query accordingly. Search is all-time and unfiltered for maximum investigative reach.
- Exposure report accuracy - Incoming-only traffic filtering so local/outgoing events don't inflate port threat counts. The "Actively Targeted Port Forward" audit finding uses the same corrected counts.
- IPS signature enrichment - Extracts real Suricata signatures from flow events and fixes DDoS IP linking.
- IP drilldown defaults to 90 days - Both in-app navigation and direct URL access now consistently use 90d for investigation context. Port/protocol drilldowns keep your current time filter with auto-expand fallback.
Security Audit
- RADIUS/802.1X port security recognized - Ports with RADIUS MAC Authentication or 802.1X via port profiles are now recognized as secured. Eliminates false "No MAC" warnings on RADIUS networks. Audit summary shows a new "802.1X" column with per-switch counts, and hardening reports include 802.1X when present.
LAN Speed Test
- LAG aggregate speed in path visualization - Link Aggregation Groups now show their combined bandwidth (e.g., 2x10G = 20G) instead of a single member port's speed.
Alerts & Scheduling
- Editing a channel no longer wipes stored credentials - Saving an alert channel without re-entering the SMTP password or webhook secret previously replaced the encrypted value with blank, causing unauthenticated SMTP attempts. Now preserves existing secrets when the field is left empty.
- Digest emails no longer re-send on every restart - The "last sent" timestamp was only in-memory, so every container restart immediately re-sent the digest. Now persisted to the database.
- Digest collapsing for noisy alerts - Info alerts collapse by event type; non-Info alerts collapse when a source group exceeds 10 entries, showing a count suffix (e.g., "Early-stage attack chain (95x)"). Header counts still reflect original totals.
- Digest source counts fixed - After collapsing, group headers like "threats" now show the original event count (e.g., "(101)") instead of the collapsed row count.
- Alert timestamps use server local timezone - Email alerts and digests now show timestamps in the server's configured timezone (e.g., "CST") instead of UTC. Webhooks keep ISO 8601 for machine consumption.
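The stored-credential fix above can be sketched as a save handler, shown before and after. This is an added example, not NetworkOptimizer's own code: the `Channel` model, the `seal` placeholder for encryption at rest, the form keys, and the `safe_to_send` guard are all assumptions.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Channel:            # hypothetical model, not the project's schema
    name: str
    smtp_user: str
    secret_enc: str       # encrypted password or webhook secret; "" = nothing stored

def seal(plaintext: str) -> str:
    # Placeholder for the encryption-at-rest step (assumption); not real crypto.
    return "sealed:" + plaintext

def save_buggy(stored: Channel, form: dict) -> Channel:
    # Pre-fix behaviour as described: the submitted value always replaces the
    # stored one, so a blank field on an edit erases the secret.
    submitted = form.get("secret", "")
    return replace(stored, name=form["name"], smtp_user=form["smtp_user"],
                   secret_enc=seal(submitted) if submitted else "")

def save_fixed(stored: Channel, form: dict) -> Channel:
    # Post-fix behaviour: blank means "unchanged"; a non-empty value rotates.
    submitted = form.get("secret", "")
    return replace(stored, name=form["name"], smtp_user=form["smtp_user"],
                   secret_enc=seal(submitted) if submitted else stored.secret_enc)

def safe_to_send(ch: Channel) -> bool:
    # Added guard (assumption): a channel with a username but no secret is
    # misconfigured, so refuse to send rather than try unauthenticated SMTP.
    return not (ch.smtp_user and not ch.secret_enc)

# Constructed sample data: an existing channel and an edit that only renames it.
STORED = Channel("ops-mail", "alerts@example.test", seal("constructed-password"))
EDIT_FORM = {"name": "ops-mail-renamed", "smtp_user": "alerts@example.test", "secret": ""}

if __name__ == "__main__":
    for save in (save_buggy, save_fixed):
        after = save(STORED, EDIT_FORM)
        print(save.__name__, "secret kept:", after.secret_enc == STORED.secret_enc,
              "safe to send:", safe_to_send(after))
```

With this merge rule a blank field can no longer clear a secret, so removing one would need a separate, explicit action.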
Fixes
- Mobile speed test banner layout - Schedule banners on the speed test page now wrap correctly on mobile.
- Proxmox Docker-in-LXC permission fix - Adds AppArmor unconfined profile to LXC config to handle the runc CVE-2025-52881 security patch that broke Docker in privileged containers.
Installation
Windows: Download the MSI installer below
Docker:
docker compose pull && docker compose up -d
macOS (native, recommended for accurate speed tests vs Docker Desktop):
git clone https://github.com/Ozark-Connect/NetworkOptimizer.git && cd NetworkOptimizer && ./scripts/install-macos-native.sh
# or if you already have it cloned
cd NetworkOptimizer && git pull && ./scripts/install-macos-native.sh
Proxmox:
bash -c "$(curl -fsSL https://raw.githubusercontent.com/Ozark-Connect/NetworkOptimizer/main/scripts/proxmox/install.sh)"
For other platforms (Synology, QNAP, Unraid, native Linux), see the Deployment Guide.