From owner-freebsd-ports-bugs@FreeBSD.ORG Tue Nov 11 07:30:25 2003 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D6EC616A4CF for ; Tue, 11 Nov 2003 07:30:25 -0800 (PST) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5578543FBF for ; Tue, 11 Nov 2003 07:30:22 -0800 (PST) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.9/8.12.9) with ESMTP id hABFUMFY084813 for ; Tue, 11 Nov 2003 07:30:22 -0800 (PST) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.9/8.12.9/Submit) id hABFUMK4084811; Tue, 11 Nov 2003 07:30:22 -0800 (PST) (envelope-from gnats) Resent-Date: Tue, 11 Nov 2003 07:30:22 -0800 (PST) Resent-Message-Id: <200311111530.hABFUMK4084811@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Matthew George Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 14B0D16A4CE for ; Tue, 11 Nov 2003 07:24:07 -0800 (PST) Received: from mail.secureworks.net (mail.secureworks.net [209.101.212.155]) by mx1.FreeBSD.org (Postfix) with SMTP id E777243F75 for ; Tue, 11 Nov 2003 07:24:04 -0800 (PST) (envelope-from mdg@secureworks.net) Received: (qmail 53158 invoked from network); 11 Nov 2003 15:22:08 -0000 Received: from unknown (HELO HOST-192-168-10-225.internal.secureworks.net) (63.239.86.253) by mail.secureworks.net with SMTP; 11 Nov 2003 15:22:08 -0000 Message-Id: <20031111101948.Q24164@localhost> Date: Tue, 11 Nov 2003 10:24:03 -0500 (EST) From: Matthew George To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/59180: [NEW PORT] arpwatch-devel X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 11 Nov 2003 15:30:26 -0000 >Number: 59180 >Category: ports >Synopsis: [NEW PORT] arpwatch-devel >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Tue Nov 11 07:30:20 PST 2003 >Closed-Date: >Last-Modified: >Originator: Matthew George >Release: FreeBSD 5.1-RELEASE i386 >Organization: SecureWorks >Environment: System: FreeBSD mdg.secureworks.net 5.1-RELEASE FreeBSD 5.1-RELEASE #2: Tue Jun 10 11:13:46 EDT 2003 mdg@mdg.secureworks.net:/usr/src/sys/i386/compile/GENERIC i386 >Description: New port, based on net/arpwatch. Submitted per krion, ref ports/57019 see http://www.secureworks.net/open/?p=ArpWatch for the docs from the original release of the patchset. >How-To-Repeat: >Fix: # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # arpwatch-devel # arpwatch-devel/pkg-plist # arpwatch-devel/pkg-descr # arpwatch-devel/distinfo # arpwatch-devel/Makefile # arpwatch-devel/files # arpwatch-devel/files/patch-ab # arpwatch-devel/files/patch-aq # arpwatch-devel/files/patch-ap # arpwatch-devel/files/patch-ao # arpwatch-devel/files/patch-an # arpwatch-devel/files/patch-am # arpwatch-devel/files/patch-al # arpwatch-devel/files/patch-ak # arpwatch-devel/files/patch-aj # arpwatch-devel/files/patch-ai # arpwatch-devel/files/patch-ah # arpwatch-devel/files/patch-ag # arpwatch-devel/files/patch-af # arpwatch-devel/files/patch-ae # arpwatch-devel/files/patch-ad # arpwatch-devel/files/patch-ac # arpwatch-devel/files/arpwatch.sh # arpwatch-devel/files/patch-aa # echo c - arpwatch-devel mkdir -p arpwatch-devel > /dev/null 2>&1 echo x - arpwatch-devel/pkg-plist sed 's/^X//' >arpwatch-devel/pkg-plist << 'END-of-arpwatch-devel/pkg-plist' Xsbin/arpwatch Xsbin/arpsnmp Xarpwatch/arp2ethers Xarpwatch/ethercodes.dat Xarpwatch/d.awk Xarpwatch/e.awk Xarpwatch/p.awk Xetc/rc.d/arpwatch.sh.sample X@unexec test -f %D/arpwatch/arp.dat && test -s %D/arpwatch/arp.dat || rm -f %D/arpwatch/arp.dat X@unexec test -f %D/arpwatch/ether.dat && test -s %D/arpwatch/ether.dat || rm -f %D/arpwatch/ether.dat X@exec test -f %D/arpwatch/arp.dat || touch %D/arpwatch/arp.dat X@exec test -f %D/arpwatch/ether.dat || touch %D/arpwatch/ether.dat X@dirrm arpwatch END-of-arpwatch-devel/pkg-plist echo x - arpwatch-devel/pkg-descr sed 's/^X//' >arpwatch-devel/pkg-descr << 'END-of-arpwatch-devel/pkg-descr' X XThis is a development fork of arpwatch. This has been threaded in Xorder to better deal with the requirements of multi-interface Xrouters. Information regarding MAC addresses and interfaces is Xmaintained by the program, and an alert is issued should a device Xmove between interfaces. In addition, event processing has been Xrefactored, and some bugs have been fixed. X Xsee net/arpwatch/pkg-descr for more information about arpwatch 2.x X XMatthew George X END-of-arpwatch-devel/pkg-descr echo x - arpwatch-devel/distinfo sed 's/^X//' >arpwatch-devel/distinfo << 'END-of-arpwatch-devel/distinfo' XMD5 (arpwatch-2.1a11.tar.gz) = 9ecd00db892737431b0e524f3e52e19e END-of-arpwatch-devel/distinfo echo x - arpwatch-devel/Makefile sed 's/^X//' >arpwatch-devel/Makefile << 'END-of-arpwatch-devel/Makefile' X# New ports collection makefile for: arpwatch-devel X# Date created: 11 November 2003 X# Whom: Matthew George X# X# $FreeBSD$ X# X XPORTNAME= arpwatch-devel XPORTVERSION= 2.1.a11 XPORTREVISION= 1 XCATEGORIES= net XMASTER_SITES= http://www.Awfulhak.org/arpwatch/ \ X ftp://ftp.ee.lbl.gov/ XDISTNAME= arpwatch-2.1a11 X XMAINTAINER= mdg@secureworks.net XCOMMENT= Monitor arp & rarp requests X XGNU_CONFIGURE= yes XHAS_CONFIGURE= yes XCONFIGURE_ARGS= --quiet XINSTALL_TARGET= install install-man XMAN8= arpwatch.8 arpsnmp.8 X Xpost-install: X if [ ! -d ${PREFIX}/arpwatch ]; then \ X ${MKDIR} ${PREFIX}/arpwatch; \ X ${CHMOD} 755 ${PREFIX}/arpwatch; \ X ${CHOWN} root:operator ${PREFIX}/arpwatch; \ X fi X ${TOUCH} ${PREFIX}/arpwatch/arp.dat X ${CHMOD} 644 ${PREFIX}/arpwatch/arp.dat X ${TOUCH} ${PREFIX}/arpwatch/ether.dat X ${CHMOD} 644 ${PREFIX}/arpwatch/ether.dat X for file in ethercodes.dat d.awk e.awk p.awk; do \ X ${INSTALL_DATA} ${WRKSRC}/$$file ${PREFIX}/arpwatch/.; \ X done X ${INSTALL_SCRIPT} ${WRKSRC}/arp2ethers ${PREFIX}/arpwatch/. X ${INSTALL_SCRIPT} ${FILESDIR}/arpwatch.sh ${PREFIX}/etc/rc.d/arpwatch.sh.sample X X.include END-of-arpwatch-devel/Makefile echo c - arpwatch-devel/files mkdir -p arpwatch-devel/files > /dev/null 2>&1 echo x - arpwatch-devel/files/patch-ab sed 's/^X//' >arpwatch-devel/files/patch-ab << 'END-of-arpwatch-devel/files/patch-ab' X--- ../arpwatch.orig/arpsnmp.8 Sun Sep 17 16:34:48 2000 X+++ ./arpsnmp.8 Fri Sep 5 14:46:55 2003 X@@ -30,6 +30,9 @@ X ] [ X .B -f X .I datafile X+] [ X+.B -m X+.I email X ] X .I file X [ X@@ -54,6 +57,12 @@ X flag is used to set the ethernet/ip address database filename. X The default is X .IR arp.dat . X+.LP X+The X+.B -m X+flag specifies the address that will receive the emails. X+The default is X+.IR root . X .LP X Note that an empty X .I arp.dat END-of-arpwatch-devel/files/patch-ab echo x - arpwatch-devel/files/patch-aq sed 's/^X//' >arpwatch-devel/files/patch-aq << 'END-of-arpwatch-devel/files/patch-aq' X--- ../arpwatch.orig/util.h Sun Oct 6 06:22:14 1996 X+++ ./util.h Wed Sep 10 13:03:27 2003 X@@ -11,6 +11,9 @@ X extern char *arpfile; X extern char *oldarpfile; X extern char *ethercodes; X+extern char *etherfile; X+extern struct einfo einfo_table[]; X+extern int et_cnt; X X extern u_char zero[6]; X extern u_char allones[6]; END-of-arpwatch-devel/files/patch-aq echo x - arpwatch-devel/files/patch-ap sed 's/^X//' >arpwatch-devel/files/patch-ap << 'END-of-arpwatch-devel/files/patch-ap' X--- ../arpwatch.orig/util.c Fri Oct 13 18:49:03 2000 X+++ ./util.c Wed Sep 10 13:03:27 2003 X@@ -53,6 +53,7 @@ X X char *arpdir = ARPDIR; X char *arpfile = ARPFILE; X+char *etherfile = ETHERFILE; X char *ethercodes = ETHERCODES; X X /* Broadcast ethernet addresses */ X@@ -105,7 +106,7 @@ X dump(void) X { X register int fd; X- char oldarpfile[256], newarpfile[256]; X+ char oldarpfile[256], newarpfile[256], *oldetherfile, *newetherfile; X X (void)sprintf(oldarpfile, "%s-", arpfile); X (void)sprintf(newarpfile, "%s.new", arpfile); X@@ -130,6 +131,32 @@ X syslog(LOG_ERR, "rename %s -> %s: %m", newarpfile, arpfile); X return(0); X } X+ X+ /* ether info */ X+ (void)asprintf(&oldetherfile, "%s-", etherfile); X+ (void)asprintf(&newetherfile, "%s.new", etherfile); X+ X+ if ((fd = creat(newetherfile, 0644)) < 0) { X+ syslog(LOG_ERR, "creat(%s): %m", newetherfile); X+ return(0); X+ } X+ if ((dumpf = fdopen(fd, "w")) == NULL) { X+ syslog(LOG_ERR, "fdopen(%s): %m", newetherfile); X+ return(0); X+ } X+ X+ fwrite(einfo_table, sizeof(struct einfo), et_cnt, dumpf); X+ X+ (void)fclose(dumpf); X+ if (rename(etherfile, oldetherfile) < 0) { X+ syslog(LOG_ERR, "rename %s -> %s: %m", etherfile, oldetherfile); X+ return(0); X+ } X+ if (rename(newetherfile, etherfile) < 0) { X+ syslog(LOG_ERR, "rename %s -> %s: %m", newetherfile, etherfile); X+ return(0); X+ } X+ X return(1); X } X X@@ -138,7 +165,9 @@ X readdata(void) X { X register FILE *f; X+ char line[1024]; X X+ /* arp.dat */ X if ((f = fopen(arpfile, "r")) == NULL) { X syslog(LOG_ERR, "fopen(%s): %m", arpfile); X return(0); X@@ -147,6 +176,15 @@ X (void)fclose(f); X return(0); X } X+ (void)fclose(f); X+ X+ /* ether.dat */ X+ if ((f = fopen(etherfile, "r")) == NULL) { X+ syslog(LOG_ERR, "fopen(%s): %m", etherfile); X+ return(0); X+ } X+ X+ et_cnt = fread(einfo_table, sizeof(struct einfo), HASHSIZE, f); X (void)fclose(f); X X /* It's not fatal if we can't open the ethercodes file */ END-of-arpwatch-devel/files/patch-ap echo x - arpwatch-devel/files/patch-ao sed 's/^X//' >arpwatch-devel/files/patch-ao << 'END-of-arpwatch-devel/files/patch-ao' X--- ../arpwatch.orig/report.h Wed Jun 5 01:40:54 1996 X+++ ./report.h Mon Sep 15 15:03:20 2003 X@@ -1,3 +1,16 @@ X /* @(#) $Header: report.h,v 1.3 96/06/04 22:40:53 leres Exp $ (LBL) */ X X-void report(char *, u_int32_t, u_char *, u_char *, time_t *, time_t *); X+ X+typedef enum X+ { X+ ETHER_NEW=1, X+ ETHER_IFCHG=2, X+ ACTIVITY_NEW=4, X+ IP_NEW=8, X+ IP_ETHERCHG=16, X+ IP_ETHER_REUSE=32, X+ FLIPFLOP=64, X+ FLIPFLOP_DECNET=128 X+ } evt_type; X+ X+void report(evt_type, u_int32_t, u_char *, u_char *, time_t *, time_t *, char *, char *); END-of-arpwatch-devel/files/patch-ao echo x - arpwatch-devel/files/patch-an sed 's/^X//' >arpwatch-devel/files/patch-an << 'END-of-arpwatch-devel/files/patch-an' X--- ../arpwatch.orig/report.c Sat Sep 30 19:41:10 2000 X+++ ./report.c Fri Sep 12 18:57:04 2003 X@@ -45,6 +45,8 @@ X X #include X #include X+#include X+#include X #include X #include X #include X@@ -70,6 +72,8 @@ X X #define PLURAL(n) ((n) == 1 || (n) == -1 ? "" : "s") X X+extern char *Watcher; X+ X static int cdepth; /* number of outstanding children */ X X static char *fmtdate(time_t); X@@ -232,15 +236,16 @@ X } X X void X-report(register char *title, register u_int32_t a, register u_char *e1, X- register u_char *e2, register time_t *t1p, register time_t *t2p) X+report(evt_type event, register u_int32_t a, register u_char *e1, X+ register u_char *e2, register time_t *t1p, register time_t *t2p, X+ register char *interface, register char *old_interface) X { X register char *cp, *hn; X register int fd, pid; X register FILE *f; X char tempfile[64], cpu[64], os[64]; X char *fmt = "%20s: %s\n"; X- char *watcher = WATCHER; X+ char *watcher = Watcher ? Watcher : WATCHER; X char *watchee = WATCHEE; X char *sendmail = PATH_SENDMAIL; X char *unknown = ""; X@@ -251,9 +256,15 @@ X if (initializing) X return; X X+ /* these types are sent to syslog instead of reported on. X+ * only continue if there are other events as well X+ */ X+ if (event == NULL || (event & ~(IP_ETHER_REUSE | FLIPFLOP_DECNET) == 0)) X+ return; X+ X if (debug) { X if (debug > 1) { X- dosyslog(LOG_NOTICE, title, a, e1, e2); X+ dosyslog(LOG_NOTICE, "event", a, e1, e2); X return; X } X f = stdout; X@@ -270,7 +281,7 @@ X } X X /* Syslog this event too */ X- dosyslog(LOG_NOTICE, title, a, e1, e2); X+ dosyslog(LOG_NOTICE, "event", a, e1, e2); X X /* Update child depth */ X ++cdepth; X@@ -304,12 +315,31 @@ X (void)fprintf(f, "To: %s\n", watcher); X hn = gethname(a); X if (!isdigit(*hn)) X- (void)fprintf(f, "Subject: %s (%s)\n", title, hn); X+ (void)fprintf(f, "Subject: Arpwatch Event (%s)\n", hn); X else { X- (void)fprintf(f, "Subject: %s\n", title); X+ (void)fprintf(f, "Subject: Arpwatch Event\n"); X hn = unknown; X } X (void)putc('\n', f); X+ X+ if (event & ETHER_NEW) X+ (void)fprintf(f, fmt, "event", "new ethernet device"); X+ if (event & ETHER_IFCHG) X+ (void)fprintf(f, fmt, "event", "ethernet device changed interfaces"); X+ if (event & ACTIVITY_NEW) X+ (void)fprintf(f, fmt, "event", "new activity"); X+ if (event & IP_NEW) X+ (void)fprintf(f, fmt, "event", "new active IP address"); X+ if (event & IP_ETHERCHG) X+ (void)fprintf(f, fmt, "event", "IP changed ethernet address"); X+ if (event & FLIPFLOP) X+ (void)fprintf(f, fmt, "event", "flip flop"); X+ X+ (void)fprintf(f, fmt, "interface", interface); X+ X+ if (old_interface != NULL) X+ (void)fprintf(f, fmt, "old interface", old_interface); X+ X (void)fprintf(f, fmt, "hostname", hn); X (void)fprintf(f, fmt, "ip address", intoa(a)); X (void)fprintf(f, fmt, "ethernet address", e2str(e1)); X@@ -344,6 +374,25 @@ X exit(1); X } X /* XXX Need to freopen()? */ X+ X+ /* X+ * Open /dev/null as stdout and stderr so that sendmail 8.12.1 (and X+ * above ?) won't complain about missing file descriptors. X+ */ X+ if ((fd = open(_PATH_DEVNULL, O_RDWR)) == -1) { X+ syslog(LOG_ERR, "Cannot open %s: %m", _PATH_DEVNULL); X+ exit(1); X+ } X+ if (dup2(fd, STDOUT_FILENO) == -1) { X+ syslog(LOG_ERR, "Cannot dup2 %s to stdout: %m", _PATH_DEVNULL); X+ exit(1); X+ } X+ if (dup2(fd, STDERR_FILENO) == -1) { X+ syslog(LOG_ERR, "Cannot dup2 %s to stderr: %m", _PATH_DEVNULL); X+ exit(1); X+ } X+ close(fd); X+ X /* Always Deliver interactively (pause when child depth gets large) */ X execl(sendmail, "sendmail", "-odi", watcher, NULL); X syslog(LOG_ERR, "execl: %s: %m", sendmail); END-of-arpwatch-devel/files/patch-an echo x - arpwatch-devel/files/patch-am sed 's/^X//' >arpwatch-devel/files/patch-am << 'END-of-arpwatch-devel/files/patch-am' X--- ../arpwatch.orig/file.h Sun Jan 17 20:46:04 1999 X+++ ./file.h Fri Sep 12 17:01:42 2003 X@@ -1,5 +1,5 @@ X /* @(#) $Header: file.h,v 1.4 99/01/17 17:46:03 leres Exp $ (LBL) */ X X-typedef int (*file_process)(u_int32_t, u_char *, time_t, char *); X+typedef int (*file_process)(u_int32_t, u_char *, time_t, char *, char *); X X int file_loop(FILE *, file_process, const char *); END-of-arpwatch-devel/files/patch-am echo x - arpwatch-devel/files/patch-al sed 's/^X//' >arpwatch-devel/files/patch-al << 'END-of-arpwatch-devel/files/patch-al' X--- ../arpwatch.orig/file.c Fri Oct 13 18:29:43 2000 X+++ ./file.c Fri Sep 12 17:01:42 2003 X@@ -20,7 +20,7 @@ X */ X #ifndef lint X static const char rcsid[] = X- "@(#) $Id: file.c,v 1.25 2000/10/13 22:29:42 leres Exp $ (LBL)"; X+ "@(#) $Id: file.c,v 1.2 2003/09/12 21:01:42 mdg Exp $ (LBL)"; X #endif X X /* X@@ -130,7 +130,13 @@ X } X } X X- if (!(*fn)(a, e, t, h)) X+ /* NULL for the interface here is ok because we don't do X+ * anything in ent_add() for einfo when initializing, X+ * and the only time this code section is reached is X+ * during initialization (via readdata()). snmp_add() X+ * is irrelevant, as no ether tracking has been added to it. X+ */ X+ if (!(*fn)(a, e, t, h, NULL)) X return(0); X } X END-of-arpwatch-devel/files/patch-al echo x - arpwatch-devel/files/patch-ak sed 's/^X//' >arpwatch-devel/files/patch-ak << 'END-of-arpwatch-devel/files/patch-ak' X--- ethercodes.dat.orig Thu May 3 21:59:10 2001 X+++ ethercodes.dat Tue Nov 11 09:35:25 2003 X@@ -4419,7 +4419,7 @@ X 0:d0:b4 KATSUJIMA CO., LTD. X 0:d0:b5 DOTCOM X 0:d0:b6 CRESCENT NETWORKS, INC. X-0:d0:b7 INTEL CORPOTATION X+0:d0:b7 INTEL CORPORATION X 0:d0:b8 IOMEGA CORP. X 0:d0:b9 MICROTEK INTERNATIONAL, INC. X 0:d0:ba CISCO SYSTEMS, INC. X@@ -4964,3 +4964,5 @@ X c0:0:0 Western Digital (may be reversed 00 00 C0?) X e2:c:f Kingston Technologies X ec:10:0 Enance Source Co., Ltd. PC clones(?) X+0:bd:11 VMWare Inc X+0:bd:fb VMWare Inc END-of-arpwatch-devel/files/patch-ak echo x - arpwatch-devel/files/patch-aj sed 's/^X//' >arpwatch-devel/files/patch-aj << 'END-of-arpwatch-devel/files/patch-aj' X--- ../arpwatch.orig/db.h Wed Jun 5 01:39:30 1996 X+++ ./db.h Mon Sep 15 14:55:27 2003 X@@ -1,10 +1,21 @@ X /* @(#) $Header: db.h,v 1.8 96/06/04 22:39:29 leres Exp $ (LBL) */ X X+#define HASHSIZE (2 << 15) X+ X typedef void (*ent_process)(u_int32_t, u_char *, time_t, char *); X X #ifdef DEBUG X void debugdump(void); X #endif X-int ent_add(u_int32_t, u_char *, time_t, char *); X+int ent_add(u_int32_t, u_char *, time_t, char *, char *); X int ent_loop(ent_process); X void sorteinfo(void); X+ X+/* Ethernet info */ X+struct einfo { X+ u_char e[6]; /* ether address */ X+ char h[34]; /* simple hostname */ X+ time_t t; /* timestamp */ X+ char iface[10]; /* interface name */ X+}; X+ END-of-arpwatch-devel/files/patch-aj echo x - arpwatch-devel/files/patch-ai sed 's/^X//' >arpwatch-devel/files/patch-ai << 'END-of-arpwatch-devel/files/patch-ai' X--- ../arpwatch.orig/db.c Sat Sep 30 19:39:58 2000 X+++ ./db.c Mon Sep 15 13:17:07 2003 X@@ -41,6 +41,7 @@ X #include X #include X #include X+#include X X #include "gnuc.h" X #ifdef HAVE_OS_PROTO_H X@@ -54,18 +55,9 @@ X #include "report.h" X #include "util.h" X X-#define HASHSIZE (2 << 15) X- X #define NEWACTIVITY_DELTA (6*30*24*60*60) /* 6 months in seconds */ X #define FLIPFLIP_DELTA (24*60*60) /* 24 hours in seconds */ X X-/* Ethernet info */ X-struct einfo { X- u_char e[6]; /* ether address */ X- char h[34]; /* simple hostname */ X- time_t t; /* timestamp */ X-}; X- X /* Address info */ X struct ainfo { X u_int32_t a; /* ip address */ X@@ -78,22 +70,69 @@ X /* Address hash table */ X static struct ainfo ainfo_table[HASHSIZE]; X X+ X+/* Ethernet hash table */ X+struct einfo einfo_table[HASHSIZE]; X+int et_cnt = 0; X+ X static void alist_alloc(struct ainfo *); X int cmpeinfo(const void *, const void *); X-static struct einfo *elist_alloc(u_int32_t, u_char *, time_t, char *); X+static struct einfo *elist_alloc(u_int32_t, u_char *, time_t, char *, char *); X static struct ainfo *ainfo_find(u_int32_t); X+static struct einfo *einfo_find(u_char *); X static void check_hname(struct ainfo *); X struct ainfo *newainfo(void); X X+pthread_mutex_t mtx_einfo, mtx_ainfo; X+ X int X-ent_add(register u_int32_t a, register u_char *e, time_t t, register char *h) X+ent_add(register u_int32_t a, register u_char *e, time_t t, register char *h, register char *interface) X { X register struct ainfo *ap; X- register struct einfo *ep; X+ struct einfo *ep; X register int i; X register u_int len; X u_char *e2; X time_t t2; X+ register evt_type event = NULL; X+ char *if2 = NULL; X+ X+ pthread_mutex_lock(&mtx_einfo); X+ X+ /* Lookup ethernet address */ X+ ep = einfo_find(e); X+ X+ /* New einfo? (elist_alloc makes 16 at a time -- no thanks) */ X+ if (ep == NULL && ! initializing) { X+ if (et_cnt >= HASHSIZE) { X+ syslog(LOG_ERR, "ERROR: einfo_table too big"); X+ } else { X+ ep = &einfo_table[et_cnt++]; X+ BCOPY(e, ep->e, sizeof(ep->e)); X+ if (h == NULL) X+ h = getsname(a); X+ if (h != NULL && !isdigit((int)*h)) X+ strncpy(ep->h, h, sizeof(ep->h)); X+ ep->t = t; X+ strncpy(ep->iface, interface, sizeof(ep->iface)); X+ event |= ETHER_NEW; X+ e2 = NULL; X+ t2 = NULL; X+ } X+ } else if (! initializing) { X+ if (strncmp(ep->iface, interface, sizeof(ep->iface)) != 0) { X+ event |= ETHER_IFCHG; X+ asprintf(&if2, "%s", ep->iface); X+ memset((char *)ep->iface, 0, sizeof(ep->iface)); X+ BCOPY(interface, ep->iface, sizeof(ep->iface)); X+ e2 = NULL; X+ t2 = ep->t; X+ ep->t = t; X+ } X+ } X+ X+ pthread_mutex_unlock(&mtx_einfo); X+ pthread_mutex_lock(&mtx_ainfo); X X /* Lookup ip address */ X ap = ainfo_find(a); X@@ -101,28 +140,30 @@ X /* Check for the usual case first */ X if (ap->ecount > 0) { X ep = ap->elist[0]; X- if (MEMCMP(e, ep->e, 6) == 0) { X+ if (MEMCMP(e, ep->e, sizeof(ep->e)) == 0) { X if (t - ep->t > NEWACTIVITY_DELTA) { X- report("new activity", a, e, NULL, &t, &ep->t); X+ event |= ACTIVITY_NEW; X+ e2 = NULL; X+ t2 = ep->t; X check_hname(ap); X } X ep->t = t; X- return (1); X } X } X X /* Check for a virgin ainfo record */ X if (ap->ecount == 0) { X ap->ecount = 1; X- ap->elist[0] = elist_alloc(a, e, t, h); X- report("new station", a, e, NULL, &t, NULL); X- return (1); X+ ap->elist[0] = elist_alloc(a, e, t, h, interface); X+ event |= IP_NEW; X+ e2 = NULL; X+ t2 = NULL; X } X X /* Check for a flip-flop */ X if (ap->ecount > 1) { X ep = ap->elist[1]; X- if (MEMCMP(e, ep->e, 6) == 0) { X+ if (MEMCMP(e, ep->e, sizeof(ep->e)) == 0) { X /* X * Suppress report when less than X * FLIPFLOP_DELTA and one of the two ethernet X@@ -131,48 +172,76 @@ X t2 = ap->elist[0]->t; X e2 = ap->elist[0]->e; X if (t - t2 < FLIPFLIP_DELTA && X- (isdecnet(e) || isdecnet(e2))) X+ (isdecnet(e) || isdecnet(e2))) { X dosyslog(LOG_INFO, X "suppressed DECnet flip flop", a, e, e2); X- else X- report("flip flop", a, e, e2, &t, &t2); X+ event |= FLIPFLOP_DECNET; X+ } else { X+ event |= FLIPFLOP; X+ } X+ X ap->elist[1] = ap->elist[0]; X ap->elist[0] = ep; X ep->t = t; X check_hname(ap); X- return (1); X } X } X X for (i = 2; i < ap->ecount; ++i) { X ep = ap->elist[i]; X- if (MEMCMP(e, ep->e, 6) == 0) { X+ if (MEMCMP(e, ep->e, sizeof(ep->e)) == 0) { X /* An old entry comes to life */ X e2 = ap->elist[0]->e; X t2 = ap->elist[0]->t; X dosyslog(LOG_NOTICE, "reused old ethernet address", X a, e, e2); X+ event |= IP_ETHER_REUSE; X /* Shift entries down */ X len = i * sizeof(ap->elist[0]); X BCOPY(&ap->elist[0], &ap->elist[1], len); X ap->elist[0] = ep; X ep->t = t; X check_hname(ap); X- return (1); X } X } X X- /* New ether address */ X- e2 = ap->elist[0]->e; X- t2 = ap->elist[0]->t; X- report("changed ethernet address", a, e, e2, &t, &t2); X- /* Make room at head of list */ X- alist_alloc(ap); X- len = ap->ecount * sizeof(ap->elist[0]); X- BCOPY(&ap->elist[0], &ap->elist[1], len); X- ap->elist[0] = elist_alloc(a, e, t, h); X- ++ap->ecount; X- return (1); X+ /* as originally written, any of these conditions would cause this X+ * block never to be reached. ETHER_NEW and ETHER_IFCHG have been added to that list. X+ */ X+ if (event & ~(ACTIVITY_NEW | IP_NEW | FLIPFLOP | FLIPFLOP_DECNET | IP_ETHER_REUSE | ETHER_NEW | ETHER_IFCHG)) { X+ /* New ether address */ X+ e2 = ap->elist[0]->e; X+ t2 = ap->elist[0]->t; X+ event |= IP_ETHERCHG; X+ /* Make room at head of list */ X+ alist_alloc(ap); X+ len = ap->ecount * sizeof(ap->elist[0]); X+ BCOPY(&ap->elist[0], &ap->elist[1], len); X+ ap->elist[0] = elist_alloc(a, e, t, h, interface); X+ ++ap->ecount; X+ } X+ X+ pthread_mutex_unlock(&mtx_ainfo); X+ X+ report(event, a, e, e2, &t, &t2, interface, if2); X+ X+ if (if2 != NULL) X+ free(if2); X+ X+ return(1); X+} X+ X+static struct einfo * X+einfo_find(register u_char *e) X+{ X+ register int i; X+ X+ for (i=0; i < et_cnt; i++) { X+ if (MEMCMP(einfo_table[i].e, e, sizeof(einfo_table[i].e)) == 0) X+ return(&einfo_table[i]); X+ } X+ X+ return(NULL); X } X X static struct ainfo * X@@ -259,7 +328,7 @@ X /* Allocate and initialize a elist struct */ X static struct einfo * X elist_alloc(register u_int32_t a, register u_char *e, register time_t t, X- register char *h) X+ register char *h, register char *interface) X { X register struct einfo *ep; X register u_int size; X@@ -280,12 +349,16 @@ X X ep = elist++; X --eleft; X- BCOPY(e, ep->e, 6); X+ BCOPY(e, ep->e, sizeof(ep->e)); X if (h == NULL && !initializing) X h = getsname(a); X if (h != NULL && !isdigit((int)*h)) X- strcpy(ep->h, h); X+ strncpy(ep->h, h, sizeof(ep->h)); X ep->t = t; X+ X+ if (interface != NULL) X+ strncpy(ep->iface, interface, sizeof(ep->iface)); X+ X return (ep); X } X X@@ -304,7 +377,7 @@ X if (!isdigit((int)*h) && strcmp(h, ep->h) != 0) { X syslog(LOG_INFO, "hostname changed %s %s %s -> %s", X intoa(ap->a), e2str(ep->e), ep->h, h); X- strcpy(ep->h, h); X+ strncpy(ep->h, h, sizeof(ep->h)); X } X } X END-of-arpwatch-devel/files/patch-ai echo x - arpwatch-devel/files/patch-ah sed 's/^X//' >arpwatch-devel/files/patch-ah << 'END-of-arpwatch-devel/files/patch-ah' X--- ../arpwatch.orig/configure Wed May 16 14:26:11 2001 X+++ ./configure Wed Sep 10 13:08:05 2003 X@@ -649,7 +649,7 @@ X : X fi X X- V_CCOPT="-O" X+# V_CCOPT="-O" X V_INCLS="" X if test "${srcdir}" != "." ; then X V_INCLS="-I\$\(srcdir\)" X@@ -2496,7 +2496,7 @@ X fi X V_CCOPT="$V_CCOPT -Wall" X if test $ac_cv_lbl_gcc_vers -gt 1 ; then X- V_CCOPT="$V_CCOPT -Wmissing-prototypes -Wstrict-prototypes" X+# V_CCOPT="$V_CCOPT -Wmissing-prototypes -Wstrict-prototypes" X fi X fi X else X@@ -3075,6 +3075,11 @@ X if test ! -f arp.dat ; then X echo 'creating empty arp.dat file' X touch arp.dat X+fi X+ X+if test ! -f ether.dat ; then X+ echo 'creating empty ether.dat file' X+ touch ether.dat X fi X X if test -f .devel ; then END-of-arpwatch-devel/files/patch-ah echo x - arpwatch-devel/files/patch-ag sed 's/^X//' >arpwatch-devel/files/patch-ag << 'END-of-arpwatch-devel/files/patch-ag' X--- ../arpwatch.orig/configure.in Sat Oct 14 14:19:10 2000 X+++ ./configure.in Wed Sep 10 13:08:05 2003 X@@ -170,6 +170,11 @@ X if test ! -f arp.dat ; then X echo 'creating empty arp.dat file' X touch arp.dat X+fi X+ X+if test ! -f ether.dat ; then X+ echo 'creating empty ether.dat file' X+ touch ether.dat X fi X X if test -f .devel ; then END-of-arpwatch-devel/files/patch-ag echo x - arpwatch-devel/files/patch-af sed 's/^X//' >arpwatch-devel/files/patch-af << 'END-of-arpwatch-devel/files/patch-af' X--- ../arpwatch-2.1a11/arpwatch.h Sat Sep 30 19:40:55 2000 X+++ ./arpwatch.h Fri Sep 12 17:01:42 2003 X@@ -1,6 +1,7 @@ X /* @(#) $Id: arpwatch.h,v 1.29 2000/09/30 23:40:49 leres Exp $ (LBL) */ X X #define ARPFILE "arp.dat" X+#define ETHERFILE "ether.dat" X #define ETHERCODES "ethercodes.dat" X #define CHECKPOINT (15*60) /* Checkpoint time in seconds */ X X@@ -40,3 +41,5 @@ X #define SPA(ap) ((ap)->arp_spa) X #define TPA(ap) ((ap)->arp_tpa) X #endif X+ X+int pcap_thread(char *); END-of-arpwatch-devel/files/patch-af echo x - arpwatch-devel/files/patch-ae sed 's/^X//' >arpwatch-devel/files/patch-ae << 'END-of-arpwatch-devel/files/patch-ae' X--- ../arpwatch.orig/arpwatch.c Fri Oct 13 22:07:35 2000 X+++ ./arpwatch.c Mon Sep 15 14:45:56 2003 X@@ -36,6 +36,7 @@ X #include X #include X #include X+#include X X #if __STDC__ X struct mbuf; X@@ -107,6 +108,8 @@ X X char *prog; X X+char *Watcher = NULL; X+ X int can_checkpoint; X int swapped; X int nobogons; X@@ -123,6 +126,14 @@ X static int nets_ind; X static int nets_size; X X+struct aw_threads { X+ char *interface; X+ pthread_t thread; X+}; X+ X+struct aw_threads *threads = NULL; X+extern pthread_mutex_t mtx_einfo, mtx_ainfo; X+ X extern int optind; X extern int opterr; X extern char *optarg; X@@ -145,14 +156,14 @@ X main(int argc, char **argv) X { X register char *cp; X- register int op, pid, snaplen, timeout, linktype, status; X+ register int op, pid, if_cnt, i; X #ifdef TIOCNOTTY X register int fd; X #endif X- register pcap_t *pd; X- register char *interface, *rfilename; X- struct bpf_program code; X+ register char *rfilename; X char errbuf[PCAP_ERRBUF_SIZE]; X+ pcap_if_t *adp, *alldevsp = NULL; X+ char *interface = NULL; X X if (argv[0] == NULL) X prog = "arpwatch"; X@@ -167,10 +178,8 @@ X } X X opterr = 0; X- interface = NULL; X rfilename = NULL; X- pd = NULL; X- while ((op = getopt(argc, argv, "df:i:n:Nr:")) != EOF) X+ while ((op = getopt(argc, argv, "de:f:i:m:n:Nr:")) != EOF) X switch (op) { X X case 'd': X@@ -181,6 +190,10 @@ X #endif X break; X X+ case 'e': X+ etherfile = optarg; X+ break; X+ X case 'f': X arpfile = optarg; X break; X@@ -202,6 +215,10 @@ X rfilename = optarg; X break; X X+ case 'm': X+ Watcher = optarg; X+ break; X+ X default: X usage(); X } X@@ -213,19 +230,23 @@ X net = 0; X netmask = 0; X } else { X- /* Determine interface if not specified */ X- if (interface == NULL && X- (interface = pcap_lookupdev(errbuf)) == NULL) { X- (void)fprintf(stderr, "%s: lookup_device: %s\n", X- prog, errbuf); X- exit(1); X- } X+ /* if not specified, do all non loopback interfaces */ X+ if (interface == NULL) { X X- /* Determine network and netmask */ X- if (pcap_lookupnet(interface, &net, &netmask, errbuf) < 0) { X- (void)fprintf(stderr, "%s: bad interface %s: %s\n", X- prog, interface, errbuf); X- exit(1); X+ pcap_findalldevs(&alldevsp, errbuf); X+ if (alldevsp == NULL) { X+ (void)fprintf(stderr, "no suitable interfaces\n"); X+ exit(1); X+ } X+ X+ if_cnt = 0; X+ for(adp = alldevsp; adp != NULL; adp = adp->next) { X+ if (adp->flags != PCAP_IF_LOOPBACK) X+ ++if_cnt; X+ } X+ X+ } else { X+ if_cnt = 1; X } X X /* Drop into the background if not debugging */ X@@ -251,12 +272,82 @@ X } X } X X- openlog(prog, 0, LOG_DAEMON); X+ if (debug) X+ openlog(prog, LOG_PERROR, LOG_DAEMON); X+ else X+ openlog(prog, 0, LOG_DAEMON); X X if (chdir(arpdir) < 0) { X syslog(LOG_ERR, "chdir(%s): %m", arpdir); X syslog(LOG_ERR, "(using current working directory)"); X } X+ /* Read in database */ X+ initializing = 1; X+ if (!readdata()) X+ exit(1); X+ sorteinfo(); X+#ifdef DEBUG X+ if (debug > 2) { X+ debugdump(); X+ exit(0); X+ } X+#endif X+ initializing = 0; X+ X+ (void)setsignal(SIGINT, die); X+ (void)setsignal(SIGTERM, die); X+ (void)setsignal(SIGHUP, die); X+ if (rfilename == NULL) { X+ (void)setsignal(SIGQUIT, checkpoint); X+ (void)setsignal(SIGALRM, checkpoint); X+ (void)alarm(CHECKPOINT); X+ } X+ X+ threads = (struct aw_threads *) malloc(sizeof(struct aw_threads) * (if_cnt + 1)); X+ memset((char *)threads, 0, sizeof(*threads) * (if_cnt + 1)); X+ pthread_mutex_init(&mtx_einfo, NULL); X+ pthread_mutex_init(&mtx_ainfo, NULL); X+ X+ if (interface != NULL) X+ { X+ threads[0].interface = interface; X+ pthread_create(&threads[0].thread, NULL, (void *)pcap_thread, interface); X+ } X+ else X+ { X+ i = 0; X+ X+ for (adp = alldevsp; adp != NULL; adp = adp->next) X+ if (adp->flags != PCAP_IF_LOOPBACK) X+ { X+ threads[i].interface = adp->name; X+ pthread_create(&threads[i++].thread, NULL, (void *)pcap_thread, adp->name); X+ } X+ } X+ X+ for (i=0; i < if_cnt; i++) X+ pthread_join(threads[i].thread, NULL); X+ X+ if (!dump()) X+ exit(1); X+ exit(0); X+} X+ X+int X+pcap_thread(char *interface) X+{ X+ register char *rfilename = NULL; X+ char errbuf[PCAP_ERRBUF_SIZE]; X+ register pcap_t *pd = NULL; X+ register int snaplen, timeout, linktype, status; X+ struct bpf_program code; X+ X+ /* Determine network and netmask */ X+ if (pcap_lookupnet(interface, &net, &netmask, errbuf) < 0) { X+ (void)fprintf(stderr, "%s: bad interface %s: %s\n", X+ prog, interface, errbuf); X+ return(1); X+ } X X if (rfilename != NULL) { X pd = pcap_open_offline(rfilename, errbuf); X@@ -306,27 +397,7 @@ X if (rfilename == NULL) X syslog(LOG_INFO, "listening on %s", interface); X X- /* Read in database */ X- initializing = 1; X- if (!readdata()) X- exit(1); X- sorteinfo(); X-#ifdef DEBUG X- if (debug > 2) { X- debugdump(); X- exit(0); X- } X-#endif X- initializing = 0; X X- (void)setsignal(SIGINT, die); X- (void)setsignal(SIGTERM, die); X- (void)setsignal(SIGHUP, die); X- if (rfilename == NULL) { X- (void)setsignal(SIGQUIT, checkpoint); X- (void)setsignal(SIGALRM, checkpoint); X- (void)alarm(CHECKPOINT); X- } X X switch (linktype) { X X@@ -347,9 +418,7 @@ X exit(1); X } X pcap_close(pd); X- if (!dump()) X- exit(1); X- exit(0); X+ return(0); X } X X /* Process an ethernet arp/rarp packet */ X@@ -362,6 +431,8 @@ X register u_char *sea, *sha; X register time_t t; X u_int32_t sia; X+ register pthread_t thread_self = NULL; X+ register struct aw_threads *atp = threads; X X eh = (struct ether_header *)p; X ea = (struct ether_arp *)(eh + 1); X@@ -400,9 +471,16 @@ X /* Got a live one */ X t = h->ts.tv_sec; X can_checkpoint = 0; X- if (!ent_add(sia, sea, t, NULL)) X+ thread_self = pthread_self(); X+ X+ for (atp = threads; atp != NULL; atp++) X+ if (pthread_equal(atp->thread, thread_self)) X+ break; X+ X+ if (!ent_add(sia, sea, t, NULL, atp->interface)) X syslog(LOG_ERR, "ent_add(%s, %s, %ld) failed", X intoa(sia), e2str(sea), t); X+ X can_checkpoint = 1; X } X X@@ -507,6 +585,8 @@ X register u_char *sea, *sha; X register time_t t; X u_int32_t sia; X+ register pthread_t thread_self = NULL; X+ register struct aw_threads *atp = threads; X X fh = (struct fddi_header *)p; X ea = (struct ether_arp *)(fh + 1); X@@ -549,7 +629,13 @@ X /* Got a live one */ X t = h->ts.tv_sec; X can_checkpoint = 0; X- if (!ent_add(sia, sea, t, NULL)) X+ thread_self = pthread_self(); X+ X+ for (atp = threads; atp != NULL; atp++) X+ if (atp->thread == thread_self) X+ break; X+ X+ if (!ent_add(sia, sea, t, NULL, atp->interface)) X syslog(LOG_ERR, "ent_add(%s, %s, %ld) failed", X intoa(sia), e2str(sea), t); X can_checkpoint = 1; X@@ -750,7 +836,7 @@ X extern char version[]; X X (void)fprintf(stderr, "Version %s\n", version); X- (void)fprintf(stderr, "usage: %s [-dN] [-f datafile] [-i interface]" X- " [-n net[/width]] [-r file]\n", prog); X+ (void)fprintf(stderr, "usage: %s [-dN] [-f arpfile] [-e etherfile] [-i interface]" X+ " [-m email] [-n net[/width]] [-r file]\n", prog); X exit(1); X } END-of-arpwatch-devel/files/patch-ae echo x - arpwatch-devel/files/patch-ad sed 's/^X//' >arpwatch-devel/files/patch-ad << 'END-of-arpwatch-devel/files/patch-ad' X--- ../arpwatch-2.1a11/arpwatch.8 Sun Oct 8 16:31:28 2000 X+++ ./arpwatch.8 Mon Sep 15 17:30:45 2003 X@@ -30,7 +30,10 @@ X .B -dN X ] [ X .B -f X-.I datafile X+.I arpfile X+] [ X+.B -e X+.I etherfile X ] [ X .B -i X .I interface X@@ -38,6 +41,9 @@ X .br X .ti +8 X [ X+.B -m X+.I email X+] [ X .B -n X .IR net [/ width X ]] [ X@@ -67,8 +73,24 @@ X .IR arp.dat . X .LP X The X+.B -e X+flag is used to set the ethernet/interface database filename. X+The default is X+.IR ether.dat . X+.LP X+The X+.B -i X+flag is used to specify a single interface. By default, X+.B arpwatch X+will listen to all non-loopback interfaces. Using more than one X .B -i X-flag is used to override the default interface. X+option on the same command line is not supported. X+.LP X+The X+.B -m X+flag specifies the address that will receive the emails. X+The default is X+.IR root . X .LP X The X .B -n X@@ -81,6 +103,8 @@ X The X .B -N X flag disables reporting any bogons. X+It is highly recommended that this flag be used on machines with X+multiple interfaces. X .LP X The X .B -r X@@ -96,6 +120,8 @@ X .LP X Note that an empty X .I arp.dat X+and X+.I ether.dat X file must be created before the first time you run X .BR arpwatch . X .LP X@@ -105,12 +131,19 @@ X (and X .BR arpsnmp (1)): X .TP X+.B "new ethernet device" X+The ethernet address has not been seen before. X+.TP X+.B "ethernet device changed interfaces" X+An ethernet address associated with one interface has moved to a X+different interface. X+.TP X .B "new activity" X This ethernet/ip address pair has been used for the first time six X months or more. X .TP X-.B "new station" X-The ethernet address has not been seen before. X+.B "new active IP address" X+The IP address has not been seen before. X .TP X .B "flip flop" X The ethernet address has changed from the most recently seen address to X@@ -152,8 +185,9 @@ X .na X .nh X .nf X-/usr/operator/arpwatch - default directory X+/usr/local/arpwatch - default directory X arp.dat - ethernet/ip address database X+ether.dat - ethernet/interface address database X ethercodes.dat - vendor ethernet block list X .ad X .hy END-of-arpwatch-devel/files/patch-ad echo x - arpwatch-devel/files/patch-ac sed 's/^X//' >arpwatch-devel/files/patch-ac << 'END-of-arpwatch-devel/files/patch-ac' X--- ../arpwatch.orig/arpsnmp.c Sun Jan 17 20:47:40 1999 X+++ ./arpsnmp.c Mon Sep 15 14:31:33 2003 X@@ -63,14 +63,17 @@ X /* Forwards */ X int main(int, char **); X int readsnmp(char *); X-int snmp_add(u_int32_t, u_char *, time_t, char *); X+int snmp_add(u_int32_t, u_char *, time_t, char *, char *); X __dead void usage(void) __attribute__((volatile)); X X char *prog; X X+char *Watcher; X+ X extern int optind; X extern int opterr; X extern char *optarg; X+char *interface = NULL; X X int X main(int argc, char **argv) X@@ -90,7 +93,7 @@ X } X X opterr = 0; X- while ((op = getopt(argc, argv, "df:")) != EOF) X+ while ((op = getopt(argc, argv, "df:m:")) != EOF) X switch (op) { X X case 'd': X@@ -105,6 +108,10 @@ X arpfile = optarg; X break; X X+ case 'm': X+ Watcher = optarg; X+ break; X+ X default: X usage(); X } X@@ -138,7 +145,7 @@ X static time_t now; X X int X-snmp_add(register u_int32_t a, register u_char *e, time_t t, register char *h) X+snmp_add(register u_int32_t a, register u_char *e, time_t t, register char *h, register char *i) X { X /* Watch for ethernet broadcast */ X if (MEMCMP(e, zero, 6) == 0 || MEMCMP(e, allones, 6) == 0) { X@@ -153,7 +160,7 @@ X } X X /* Use current time (although it would be nice to subtract idle time) */ X- return (ent_add(a, e, now, h)); X+ return (ent_add(a, e, now, h, interface)); X } X X /* Process an snmp file */ X@@ -184,6 +191,6 @@ X X (void)fprintf(stderr, "Version %s\n", version); X (void)fprintf(stderr, X- "usage: %s [-d] [-f datafile] file [...]\n", prog); X+ "usage: %s [-d] [-f datafile] [-m email] file [...]\n", prog); X exit(1); X } END-of-arpwatch-devel/files/patch-ac echo x - arpwatch-devel/files/arpwatch.sh sed 's/^X//' >arpwatch-devel/files/arpwatch.sh << 'END-of-arpwatch-devel/files/arpwatch.sh' X#!/bin/sh X Xif [ -r /etc/defaults/rc.conf ]; then X . /etc/defaults/rc.conf X source_rc_confs Xelif [ -r /etc/rc.conf ]; then X . /etc/rc.conf Xfi X Xprog=$(realpath $0) || exit 1 Xdir=${prog%/*} XPREFIX=${dir%/etc/rc.d} X Xif [ ."$dir" = ."$prog" -o ."$PREFIX" = ."$dir" ] Xthen X echo "$0: Cannot determine the PREFIX" >&2 X exit 1 Xfi X Xcase $1 in Xstart) X if [ ! -e "$PREFIX"/arpwatch/arp.dat ]; then X if [ -e "$PREFIX"/arpwatch/arp.dat- ]; then X cp "$PREFIX"/arpwatch/arp.dat- "$PREFIX"/arpwatch/arp.dat X else X touch "$PREFIX"/arpwatch/arp.dat X fi X fi X X if [ ! -e "$PREFIX"/arpwatch/ether.dat ]; then X if [ -e "$PREFIX"/arpwatch/ether.dat- ]; then X cp "$PREFIX"/arpwatch/ether.dat- "$PREFIX"/arpwatch/ether.dat X else X touch "$PREFIX"/arpwatch/ether.dat X fi X fi X X case ${arpwatch_interfaces} in X '') X if [ -x "$PREFIX"/sbin/arpwatch -a -d "$PREFIX"/arpwatch ]; then X "$PREFIX"/sbin/arpwatch ${arpwatch_flags} && echo -n ' arpwatch' X fi X ;; X *) X for interface in ${arpwatch_interfaces}; do X "$PREFIX"/sbin/arpwatch -i "${interface}" && echo -n " arpwatch(${interface})" X done X ;; X esac X ;; Xstop) X killall arpwatch && echo -n ' arpwatch' X ;; X*) X echo "Usage: `basename $0` {start|stop}" >&2 X exit 64 X ;; Xesac X Xexit 0 END-of-arpwatch-devel/files/arpwatch.sh echo x - arpwatch-devel/files/patch-aa sed 's/^X//' >arpwatch-devel/files/patch-aa << 'END-of-arpwatch-devel/files/patch-aa' X--- ../arpwatch.orig/Makefile.in Wed Jun 14 20:39:55 2000 X+++ ./Makefile.in Mon Sep 15 14:31:33 2003 X@@ -45,7 +45,7 @@ X PROG = arpwatch X CCOPT = @V_CCOPT@ X INCLS = -I. @V_INCLS@ X-DEFS = -DDEBUG @DEFS@ -DARPDIR=\"$(ARPDIR)\" -DPATH_SENDMAIL=\"$(SENDMAIL)\" X+DEFS = @DEFS@ -pthread -DARPDIR=\"$(ARPDIR)\" -DPATH_SENDMAIL=\"$(SENDMAIL)\" X X # Standard CFLAGS X CFLAGS = $(CCOPT) $(DEFS) $(INCLS) X@@ -110,8 +110,8 @@ X $(CC) $(CFLAGS) -o $@ zap.o intoa.o -lutil X X install: force X- $(INSTALL) -m 555 -o bin -g bin arpwatch $(DESTDIR)$(BINDEST) X- $(INSTALL) -m 555 -o bin -g bin arpsnmp $(DESTDIR)$(BINDEST) X+ $(INSTALL) -s -m 555 -o bin -g bin arpwatch $(DESTDIR)$(BINDEST) X+ $(INSTALL) -s -m 555 -o bin -g bin arpsnmp $(DESTDIR)$(BINDEST) X X install-man: force X $(INSTALL) -m 444 -o bin -g bin $(srcdir)/arpwatch.8 \ END-of-arpwatch-devel/files/patch-aa exit -- Matthew George SecureWorks Technical Operations >Release-Note: >Audit-Trail: >Unformatted: