Date: Tue, 11 Jul 2006 22:41:36 -0400 From: "Thomas Abthorpe" <thomas@goodking.ca> To: <dandee@volny.cz> Cc: ports@FreeBSD.org Subject: Re: FreeBSD Port: arpwatch-2.1.a14 Message-ID: <001301c6a55c$b56e5940$320110ac@thomaspc> References: <000001c6a55b$3a4d0190$6508280a@tocnet28.jspoj.czf>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Daniel
Don't worry, I won't shoot the messenger :-)
You raise some very good questions, to which you deserve some really =
answers! At this time, I don't have them, but you have certainly given =
me some food for thought on the matter!
Allow me to counter challenge you, pull the source code apart, see what =
you can reveal. I would be most happy to accept some feedback to =
expedite the next update.
At the very least, I will investigate, and see what I can turn up.
Thomas
----- Original Message -----=20
From: Daniel Dvo=F8=E1k=20
To: thomas@goodking.ca=20
Cc: ports@FreeBSD.org=20
Sent: Tuesday, July 11, 2006 10:31 PM
Subject: FreeBSD Port: arpwatch-2.1.a14
Hi all,
let me ask you about arpwatch. The port under FreeBSD does not support =
the important switch -p, which we can find for example in Debian Linux. =
This switch is about "don=B4t put to promisccuous mode", which is really =
needed for example wireless cards, where promisc kills usually the =
traffic on wi-fi.
I am sorry I do not imagine how much work it is, I simple ask, is it =
possible to implement this switch (flag) ?
In the Debian Linux, there are anothers useful flags, but of course -p =
is the most important one, here they are:
=20
(Debian) The -s flag is used to specify the path to the =
sendmail program. Any program that takes the option -odi and then text =
from stdin can be
substituted. This is useful for redirecting reports to log =
files instead of mail.
(Debian) The -p flag disables promiscuous operation. ARP =
broadcasts get through hubs without having the interface in promiscuous =
mode, while sav-
ing considerable resources that would be wasted on processing =
gigabytes of non-broadcast traffic. OTOH, setting promiscuous mode =
does not mean
getting 100% traffic that would concern arpwatch . YMMV.
(Debian) -a By default, arpwatch reports bogons (unless -N is =
given) for IP addresses that are in the same subnet than the first IP =
address of the
default interface. If this option is specified, arpwatch will =
report bogons about every IP addresses.
(Debian) The -m option is used to specify the e-mail address to =
which reports will be sent. By default, reports are sent to root on =
the local
machine.
(Debian) The -u flag instructs arpwatch to drop root privileges =
and change the UID to username and GID to the primary group of username =
. This is
recommended for security reasons, but username has to have =
write access to the default directory.
(Debian) The -R flag instructs arpwatch to restart in seconds =
seconds after the interface went down. By default, in such cases =
arpwatch would
print an error message and exit. This option is ignored if =
either the -r or -u flags are used.
(Debian) The -Q flags prevents arpwatch from sending reports by =
mail.
(Debian) The -z flag is used to set a range of ip addresses to =
ignore (such as a DHCP range). Netmask is specified as 255.255.128.0.
Please, I just ask, do not shoot me, thanks :)
Bye
Daniel
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?001301c6a55c$b56e5940$320110ac>