NetEAGLE
Raspberry Pi network security gateway with mobile control plane.
Home networks now hold the kind of data enterprises spend fortunes protecting — banking credentials, personal records, and, since the shift to remote work, direct tunnels into corporate systems — yet they are rarely monitored and seldom patched. The router is the single most critical device on the network and, in practice, the most neglected. Endpoint antivirus doesn't close the gap: it guards one device, and only after a threat has already crossed the network. Tools that could help, like PRTG or Nessus, assume networking expertise the average household simply doesn't have.
NetEAGLE moves protection from the endpoint to the gateway. A Raspberry Pi 5 sits inline with the home's traffic and unifies three defences — Nmap host discovery, a UFW firewall, and Suricata intrusion detection and prevention — behind a deliberately simple mobile app, with near-real-time cloud sync and one-tap actions. It gives non-technical users the network-level visibility and control that, until now, only enterprises had.
The design was research-led. A six-question survey of home users, written in plain language, set the scope directly: strong demand for intrusion detection and firewalling, low interest in vulnerability assessment (cut from scope), and a clear preference for real-time updates through a mobile app — which drove the architecture. The Pi runs a Flask REST API as an auto-starting service; each feature maps an app tap to a shell script and a Python parser that writes state to a Firebase Realtime Database, which pushes live updates to a Flutter app.
The result is a functional, end-to-end appliance that meets all four objectives with an effectively plug-in install — connect it inline, no configuration required. In the spirit of an honest evaluation: it was assessed functionally and qualitatively against the non-technical-user constraint rather than a throughput benchmark, and the low-end Pi's upload limits meant syncs were made user-triggered — both flagged as clear directions for future work.
What it involved
- Inline Raspberry Pi 5 gateway that sees and filters all household traffic — defence at the network layer, not the endpoint
- Three unified defences: Nmap host discovery, a UFW firewall, and Suricata IDS/IPS, each surfaced as a one-tap action
- Flask REST API (auto-started system service) bridging the Pi to a Flutter mobile app via a Firebase Realtime Database for near-real-time alerts
- Research-led scope: a survey of non-technical home users cut vulnerability assessment and drove the real-time, mobile-first design
- Plug-in deployment with zero configuration — the Pi even takes on the router role, turning a hardware constraint into a self-contained design