From owner-freebsd-ports@FreeBSD.ORG Wed Jul 12 02:42:17 2006 Return-Path: X-Original-To: ports@freebsd.org Delivered-To: freebsd-ports@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0311116A4DA for ; Wed, 12 Jul 2006 02:42:17 +0000 (UTC) (envelope-from thomas@goodking.ca) Received: from tbaytel.net (front1-nwconx.tbaytel.net [216.211.26.153]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0DAEF43D45 for ; Wed, 12 Jul 2006 02:42:15 +0000 (GMT) (envelope-from thomas@goodking.ca) Received: from goodking.goodking.ca ([216.211.48.113] verified) by front1.tbaytel.net (CommuniGate Pro SMTP 5.0.8) with ESMTPS id 50853193; Tue, 11 Jul 2006 22:42:14 -0400 Received: from thomaspc (thomaspc.goodking.ca [172.16.1.50]) (authenticated bits=0) by goodking.goodking.ca (8.13.7/8.13.7) with ESMTP id k6C2feri073954 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NO); Tue, 11 Jul 2006 22:41:41 -0400 (EDT) (envelope-from thomas@goodking.ca) Message-ID: <001301c6a55c$b56e5940$320110ac@thomaspc> From: "Thomas Abthorpe" To: References: <000001c6a55b$3a4d0190$6508280a@tocnet28.jspoj.czf> Date: Tue, 11 Jul 2006 22:41:36 -0400 MIME-Version: 1.0 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2869 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2869 X-GoodKing_dot_CA-MailScanner-Information: Please contact support@goodking.ca for more information X-GoodKing_dot_CA-MailScanner: Found to be clean X-GoodKing_dot_CA-MailScanner-SpamCheck: not spam, SpamAssassin (not cached, score=-2.55, required 5, autolearn=not spam, AWL 0.05, BAYES_00 -2.60, HTML_MESSAGE 0.00) X-GoodKing_dot_CA-MailScanner-From: thomas@goodking.ca Content-Type: text/plain; charset="iso-8859-2" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: ports@FreeBSD.org Subject: Re: FreeBSD Port: arpwatch-2.1.a14 X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Jul 2006 02:42:17 -0000 Hi Daniel Don't worry, I won't shoot the messenger :-) You raise some very good questions, to which you deserve some really = answers! At this time, I don't have them, but you have certainly given = me some food for thought on the matter! Allow me to counter challenge you, pull the source code apart, see what = you can reveal. I would be most happy to accept some feedback to = expedite the next update. At the very least, I will investigate, and see what I can turn up. Thomas ----- Original Message -----=20 From: Daniel Dvo=F8=E1k=20 To: thomas@goodking.ca=20 Cc: ports@FreeBSD.org=20 Sent: Tuesday, July 11, 2006 10:31 PM Subject: FreeBSD Port: arpwatch-2.1.a14 Hi all, let me ask you about arpwatch. The port under FreeBSD does not support = the important switch -p, which we can find for example in Debian Linux. = This switch is about "don=B4t put to promisccuous mode", which is really = needed for example wireless cards, where promisc kills usually the = traffic on wi-fi. I am sorry I do not imagine how much work it is, I simple ask, is it = possible to implement this switch (flag) ? In the Debian Linux, there are anothers useful flags, but of course -p = is the most important one, here they are: =20 (Debian) The -s flag is used to specify the path to the = sendmail program. Any program that takes the option -odi and then text = from stdin can be substituted. This is useful for redirecting reports to log = files instead of mail. (Debian) The -p flag disables promiscuous operation. ARP = broadcasts get through hubs without having the interface in promiscuous = mode, while sav- ing considerable resources that would be wasted on processing = gigabytes of non-broadcast traffic. OTOH, setting promiscuous mode = does not mean getting 100% traffic that would concern arpwatch . YMMV. (Debian) -a By default, arpwatch reports bogons (unless -N is = given) for IP addresses that are in the same subnet than the first IP = address of the default interface. If this option is specified, arpwatch will = report bogons about every IP addresses. (Debian) The -m option is used to specify the e-mail address to = which reports will be sent. By default, reports are sent to root on = the local machine. (Debian) The -u flag instructs arpwatch to drop root privileges = and change the UID to username and GID to the primary group of username = . This is recommended for security reasons, but username has to have = write access to the default directory. (Debian) The -R flag instructs arpwatch to restart in seconds = seconds after the interface went down. By default, in such cases = arpwatch would print an error message and exit. This option is ignored if = either the -r or -u flags are used. (Debian) The -Q flags prevents arpwatch from sending reports by = mail. (Debian) The -z flag is used to set a range of ip addresses to = ignore (such as a DHCP range). Netmask is specified as 255.255.128.0. Please, I just ask, do not shoot me, thanks :) Bye Daniel