FreeBSD Port: arpwatch-2.1.a13_2

Daniel Dvořák dandee at hellteam.net
Thu Dec 29 20:33:59 PST 2005 

Hi All,
 
let me ask you about arpwatch. The port under FreeBSD does not support the
important switch -p, which we can find for example in Debian Linux. This
switch is about "don´t put to promisccuous mode", which is really needed for
example wireless cards, where promisc kills usually the traffic on wi-fi.
 
I am sorry I do not imagine how much work it is, I simple ask, is it
possible to implement this switch (flag) ?
 
In the Debian Linux, there are anothers useful flags, but of course -p is
the most important one, here they are:
 
        
        (Debian) The -s flag is used to specify the path to the sendmail
program.  Any program that takes the option -odi and then text from stdin
can  be
       substituted. This is useful for redirecting reports to log files
instead of mail.
 
       (Debian) The -p flag disables promiscuous operation.  ARP broadcasts
get through hubs without having the interface in promiscuous mode, while
sav-
       ing considerable resources that would be wasted on processing
gigabytes of non-broadcast traffic.  OTOH, setting promiscuous mode  does
not  mean
       getting 100% traffic that would concern arpwatch .  YMMV.
 
       (Debian) -a By default, arpwatch reports bogons (unless -N is given)
for IP addresses that are in the same subnet than the first IP address of
the
       default interface.  If this option is specified, arpwatch will report
bogons about every IP addresses.
 
       (Debian) The -m option is used to specify the e-mail address to which
reports will be sent.  By default, reports are sent to  root  on  the  local
       machine.
 
       (Debian) The -u flag instructs arpwatch to drop root privileges and
change the UID to username and GID to the primary group of username .  This
is
       recommended for security reasons, but username has to have write
access to the default directory.
 
       (Debian) The -R flag instructs arpwatch to restart in seconds seconds
after the interface went down.  By default, in  such  cases  arpwatch  would
       print an error message and exit.  This option is ignored if either
the -r or -u flags are used.
 
       (Debian) The -Q flags prevents arpwatch from sending reports by mail.
 
       (Debian) The -z flag is used to set a range of ip addresses to ignore
(such as a DHCP range). Netmask is specified as 255.255.128.0.

Please, I just ask, do not shoot me, thanks :)
 
Daniel


  _____  


avast! Antivirus <http://www.avast.com> : Odchozi zprava cista. 


Virova databaze (VPS): 0552-2, 29.12.2005
Testovano: 30.12.2005 5:33:54
avast! - copyright (c) 1988-2005 ALWIL Software.

More information about the freebsd-ports mailing list