NetDTL — User Guide

A practical guide to using NetDTL v3.0 for network discovery, inventory management, diagnostics, and patch panel browsing.

version3.0 platformWindows / Linux stackPHP 8.x + MySQL + Nmap licenseMIT

Overview

NetDTL is a self-hosted web application for agentless network inventory and diagnostics. It runs on a standard PHP/MySQL/Nmap stack (XAMPP or LAMP) and requires no agent on the machines being monitored. All discovery is performed by Nmap from the server running NetDTL.

The application covers five main areas: a live dashboard, a machine inventory, per-machine diagnostics, real-time network discovery, and a patch panel viewer. Everything is accessible from a web browser on the local network.

Quick Start

1. Install dependencies

pip install wmi pywin32 psutil   # not required — NetDTL is PHP-based
# On Windows with XAMPP:
# 1. Install XAMPP (includes PHP + MySQL + Apache)
# 2. Install Nmap and note its installation path
# 3. Copy the NetDTL files into htdocs/netdtl/

2. Create the database

CREATE DATABASE netdtl CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
CREATE USER 'netdtl'@'localhost' IDENTIFIED BY 'yourpassword';
GRANT ALL PRIVILEGES ON netdtl.* TO 'netdtl'@'localhost';

3. Configure db.php

Open db.php and fill in the database credentials, the Nmap binary path, the default CIDR range, and the HTTP Basic Auth username and password.

define('DB_HOST',        'localhost');
define('DB_NAME',        'netdtl');
define('DB_USER',        'netdtl');
define('DB_PASS',        'yourpassword');
define('AUTH_USER',      'admin');
define('AUTH_PASS',      'yourpassword');
define('NMAP_PATH',      'C:/Program Files (x86)/Nmap/nmap.exe');
define('DEFAULT_NETWORK','192.168.1.0/24');
define('APP_VERSION',    '3.0');

4. Open in a browser

Navigate to http://localhost/netdtl/ (or your server's address). The database tables are created automatically on first load. Log in with the credentials you set in db.php.

NetDTL uses HTTP Basic Authentication. When you open the application for the first time in a browser session, the browser displays a login dialog. Enter the username and password defined in AUTH_USER and AUTH_PASS in db.php.

Single account: There is only one set of credentials. All users who know the password have full access to all features, including delete and scan operations.

Security: Do not expose NetDTL to the public internet without additional protection (TLS, IP filtering, reverse proxy authentication). It is designed for trusted local network use.

Interface Layout

Every page shares the same two-part layout: a sticky top bar and a fixed left sidebar.

Top bar: Shows the NetDTL logo (links to the Dashboard), the five main navigation links, and the authenticated username.

Left sidebar: Provides more granular navigation. The upper section covers the four main pages (Dashboard, Inventory, Discovery, Patch panel). The lower section lists all seven diagnostic tools. The active page or tool is highlighted in green.

The main content area fills the rest of the viewport. A toolbar at the top of each page holds the primary actions for that page (search inputs, action buttons, export links).

Pages

Dashboard

The entry point after login. Gives a quick read on the state of the network at a glance.

What you see

Stats row: total machines known, count up, count down, count unknown, time since last scan.
Recently seen machines: the 8 machines most recently active, with status badge, hostname (linked to machine detail), IP, OS, last-seen time, and ping latency.
Recent diagnostics: the 5 most recent diagnostic operations run from any page, with tool name, target, time, and success indicator.

Tip: The Dashboard is read-only. To take action on a machine (ping, scan ports, edit), click its hostname to go to the Machine detail page, or go to Inventory for bulk operations.

Dashboard — 25 machines, 24 up, last scan 2 days ago

Inventory

The main machine list. Shows all known machines with their current status, and provides tools for searching, filtering, pinging, adding, deleting, and exporting.

Toolbar actions

Control	Description
Search box	Filters the list by hostname, IP, OS, or comment as you submit the form. Partial matches are supported.
◎ Ping all	Pings every machine in the inventory sequentially. Updates status (`up`/`down`) and latency for each. This may take a minute on large inventories.
+ Add	Opens a modal form to add a machine manually. Required: hostname and a valid IP address. Optional: OS, comment, switch port, patch port.
↓ CSV	Downloads the full inventory as a UTF-8 CSV file (Excel-compatible). All fields, ordered by IP.

Status filters

Below the stats row, pill buttons let you filter the list to show only Up, Down, or Unknown machines. The filter combines with any active search term.

Per-machine actions

Button	Action
◎	Ping this machine. Updates status and latency immediately.
⊞	Open the Machine detail page for this entry.
✕	Delete this machine from the inventory. A JavaScript confirmation dialog appears first.

Column notes

The MAC column shows ce PC in italics for the machine running the NetDTL server, since Nmap cannot read its own MAC address.
Switch port (blue) and Patch port (purple) are set manually from the Machine detail page or the Add modal.
Machines are sorted by numerical IP order (INET_ATON), not alphabetically.

Inventory — machine list with status, MAC, vendor, switch port, OS and comments

Machine detail

Per-machine profile page. Reached by clicking a hostname anywhere in the application. Combines network information, quick diagnostic actions, and an editable profile form.

Network information panel

Shows IP, MAC, last-seen time, ping latency, switch port, patch panel port, and open ports. Open ports are updated automatically after a port scan from this page.

Quick diagnostics

Five buttons trigger diagnostic actions directly on this machine's IP. Results appear below in a terminal block and are logged to the diagnostic history.

Button	What it runs	Side effect
◎ Ping	4-packet ping	Updates `status` and `last_ping_ms` in DB
⊞ Scan ports	Nmap on 13 common ports	Updates `open_ports` in DB
⤳ Traceroute	`tracert` to this IP	None
⊹ DNS	`nslookup` on this IP	None
⊕ Detect OS	Nmap `-O` (requires admin)	Updates `os` in DB if detected

Terminal output

Output lines are colour-coded: green for success indicators (TTL, Reply, open), amber for timeouts and unreachable hosts, red for errors. A Copy button copies the raw text to the clipboard.

Profile form

The lower section lets you manually set or correct the OS, switch port, patch panel port, and a free-text comment. Click Save to persist. This data is preserved across scans — a subsequent discovery scan will not overwrite manually entered values with empty ones.

Network discovery

Runs an Nmap scan over a CIDR range and streams results in real time. Discovered machines are automatically added to or updated in the inventory.

Starting a scan

Enter a CIDR range in the network input (e.g. 192.168.1.0/24) and click ▶ Start scan. The Nmap terminal block appears immediately and lines scroll as they arrive. The discovered hosts table populates row by row as each host is confirmed.

Scan options

Option	Effect	Note
Common ports	After the ping sweep, runs a port scan on each discovered host	Significantly increases scan time
OS detection	Uses `nmap -O` for OS fingerprinting	Requires the web server to run as Administrator / root
Identify NetBIOS	Runs a second pass querying UDP 137 on each up host to resolve NetBIOS names, workgroup, and logged-in user	Requires UDP 137 to be open on targets
WMI descriptions	Queries each Windows host via PowerShell WMI for its OS description	Only works against Windows targets that allow remote WMI

During a scan

The ■ Stop button closes the SSE stream and halts result display. The scan process on the server continues briefly until the current Nmap command finishes; machines discovered up to that point are already saved.

Stats and history

The stats row updates live: machines known, currently up, discovered this scan, and elapsed time. On completion, a row is appended to the scan history table at the bottom of the page without a page reload.

What gets saved

Each discovered host is upserted into the inventory on the ip field. Existing manually entered values (OS, switch port, patch port, comment) are never overwritten with empty data — only enriched if the scan produces a non-null value.

Tip: For a quick sweep of a new network segment, leave all options unchecked. Enable NetBIOS identification for a second pass that resolves Windows machine names without requiring admin rights.

Large networks: Scanning a /16 or larger range can take many minutes. The server enforces a 10-minute execution limit. For very large ranges, scan in /24 blocks.

Network discovery — CIDR input, scan options, real-time stats and scan history

Diagnostics

General-purpose network diagnostic terminal. Select a tool from the left sidebar, enter a target in the toolbar, and click ▶ Execute. Results appear in a terminal block and are logged to the session history.

Available tools

Tool	Input	Output format
◎ Ping	IP or hostname	Terminal + stats row (sent, received, lost %, avg latency)
⬡ Nmap scan	IP, hostname, or CIDR	Table of active hosts
⤳ Traceroute	IP or hostname	Terminal (colour-coded by hop response)
⊹ DNS Lookup	IP or hostname	Terminal (nslookup output)
⊞ Targeted ports	IP or hostname + port list	Table of ports with state and service
⊕ Local IP info	None (local machine)	Terminal (PowerShell Get-NetIPAddress)
⊗ Active services	None (local machine)	Terminal (PowerShell Get-Service, running only)

Port list

When the Targeted ports tool is selected, a port input appears in the toolbar. Enter a comma-separated list of port numbers (e.g. 22,80,443,3389). The default is 22,80,443,3389,8080.

Exporting results

When results are available, an ↓ CSV button appears in the toolbar. It downloads the raw output lines as a single-column CSV file named after the tool and timestamp.

Session history

The bottom panel shows the 20 most recent diagnostic operations across all tools, with tool name, target, time, and success indicator. This history persists in the database across sessions.

Tip: The Local IP info and Active services tools always target the machine running NetDTL, not a remote host. They are useful for quickly checking the server's own network configuration or running services.

Patch panel

Browse and filter the physical patch panel — the mapping between wall outlet labels (e.g. B31), switch ports, and the machines connected to them. This page is read-only; data is populated externally via import.

Filters

Filter	Description
Search box	Free-text search across outlet label, room name, workstation reference, IP, and hostname
Switch selector	Restricts results to ports belonging to a specific switch
Entity selector	Restricts results to ports belonging to a specific department or entity

Columns

Column	Description
Port	Wall outlet label (e.g. `B31`)
Type	RJ45 (blue), RJ11 (amber), or unknown (grey)
Entity	Owning department. Local equipment shown in teal, delegated in green.
Room	Room or location name
Floor	Building floor
Workstation	Desk or workstation reference
Switch	Switch identifier (amber)
Switch port	Port on the switch (blue)
IP(s) / Hostname(s)	Machines associated with this outlet. Multiple machines per port are displayed comma-separated.
Notes	Free-form notes

Note: The patch panel data is not populated by NetDTL itself. It is imported externally (e.g. via the NetDTL Installer's patch panel engine or a direct SQL import from a CSV). Once imported, the machine-to-port associations are kept in sync by setting the Switch port and Patch port fields on each machine's detail page.

Permissions

Some features require the web server process to have elevated privileges on the host machine.

Feature	Privilege required
Basic ping sweep (discovery)	None — Nmap `-sn` works as standard user
OS detection (`nmap -O`)	Administrator (Windows) or root (Linux)
SYN scan (`nmap -sS`, used with OS detection)	Administrator / root
WMI descriptions	Network access to target + remote WMI enabled on target
NetBIOS identification (UDP 137)	UDP 137 must be reachable on targets

Without elevation: OS detection and SYN scans will silently return no data. The scan completes normally but those fields remain empty. No error is displayed to the user.

CSV Export

Two pages offer CSV export:

Inventory (?export=csv): full machine list, all fields, sorted by numerical IP. Columns: Hostname, IP, MAC, Vendor, Switch port, Patch port, OS, Status, Open ports, Ping (ms), Last seen, Comment.
Diagnostics: raw output lines of the last tool run, as a single-column CSV named diag_<tool>_<timestamp>.csv.

Both files are UTF-8 with a BOM prepended for correct rendering in Microsoft Excel.

Known Limitations

Traceroute is Windows-only. The diagnostics page runs tracert (Windows command). On a Linux server, this tool will return no output.
The server's own MAC is not shown. Nmap cannot read the MAC address of the machine it runs on. The inventory page detects this and replaces the MAC field with ce PC.
OS detection requires elevation. Without Administrator or root privileges, nmap -O returns nothing silently.
WMI only works against Windows targets. The PowerShell WMI query in the discovery enrichment phase only succeeds against Windows machines with remote WMI enabled and accessible credentials.
NetBIOS requires UDP 137. Windows Firewall or network firewalls blocking UDP 137 will prevent NetBIOS name resolution during discovery.
Patch panel data requires external import. The patch panel page has no built-in import tool; data must be loaded via SQL or the NetDTL Installer.
Single user account. One set of credentials, no roles, no per-user audit trail.
Scan time limit. The server enforces a 10-minute execution limit per scan. For large or slow networks, scan in smaller CIDR blocks.
Down hosts are not recorded. Discovery only saves machines that respond. Hosts that were previously up and are now silent are not marked down automatically; use Ping all in the inventory for that.

NetDTL Web site

NetDTL — User Guide

Overview

Quick Start

1. Install dependencies

2. Create the database

3. Configure db.php

4. Open in a browser

Logging In

Interface Layout

Pages

Dashboard

Inventory

Machine detail

Network discovery

Diagnostics

Patch panel

Permissions

CSV Export

Known Limitations