arpwatch-ng - Replacement for the original arpwatch
ChangeLog
| Web site: | http://freequaos.host.sk/arpwatch/ |
HOWTO
# arpwatch NG 1.7
# ===============
# This is a fork of the original arpwatch which has not been actively
# developed for a long time.
# Prerequisites:
# libpcap
# sendmail
cd
test -f installed/arpwatch-NG1.7.tar.bz2 &&
mv installed/arpwatch-NG1.7.tar.bz2 .
test ! -f arpwatch-NG1.7.tar.bz2 &&
wget http://freequaos.host.sk/arpwatch/arpwatch-NG1.7.tar.bz2
mkdir -p -m 0700 src
cd src
find -maxdepth 1 -type d -name "arpwatch-?.*" -exec rm -r {} \;
find -maxdepth 1 -type d -name "arpwatch-NG*" -exec rm -r {} \;
tar xjvf ~/arpwatch-NG1.7.tar.bz2
cd arpwatch-NG1.7
test $UID = 0 && chown -R root:root .
# If you copy arpwatch from a machine with sendmail in one place
# (/usr/bin/sendmail, /usr/lib/sendmail) but machine #2 has it in
# another place (/usr/sbin/sendmail), rebuild arpwatch on the new
# machine or create a symlink for sendmail.
./configure
# If you want the e-mails to go to an e-mail address other than root,
# like an arpwatch alias that goes to multiple people, open up addresses.h
# and change it in there. You can also pass the -t option to arpwatch.
# By default, the e-mails come from 'arpwatch' and go to 'root'. If you
# don't change it and one ever bounces, it will go back to 'arpwatch', so
# create an alias from arpwatch to a valid recipient.
# Build it
make
# Become root to install it
su
# If you have the original version of arpwatch installed, this will remove
# it - as it was installed by my howto for it anyway...
killall arpwatch arpsnmp
sleep 2
killall -9 arpwatch arpsnmp > /dev/null 2>&1
rm -f /etc/rc.d/rc.arpwatch
test -d /usr/local/arpwatch && rm -r /usr/local/arpwatch
( cd /usr/local/sbin ; rm -f arpsnmp arpwatch )
( cd /usr/local/man/man8 ; rm -f arpsnmp.8 arpwatch.8 )
# Install the new one
make install
# If you ever want to update /usr/local/share/arpwatch/ethercodes.dat, you
# can use http://standards.ieee.org/regauth/oui/oui.txt with
# ./massagevendor, or nmap's nmap-mac-prefixes (in it's source directory
# or usually as /usr/share/nmap/nmap-mac-prefixes) with
# ./convert_ether_nmap.pl
# Here is my rc.arpwatch-NG init script. Open it up for options.
cd /etc/rc.d
test -f rc.arpwatch-NG &&
mv -f rc.arpwatch-NG rc.arpwatch-NG.old &&
chmod 600 rc.arpwatch-NG.old
wget http://englanders.us/pub/linux/misc/rc.arpwatch-NG
test -s ./rc.arpwatch-NG && chmod 700 ./rc.arpwatch-NG
## Add something like this to /etc/rc.d/rc.local to start rc.arpwatch-NG:
# if [ -x /etc/rc.d/rc.arpwatch-NG ]; then
# /etc/rc.d/rc.arpwatch-NG start
# fi
# Read 'man arpwatch' for more info about running arpwatch-NG
# If you run arpwatch with the -u option, create that user:
id arpwatch > /dev/null 2>&1 ||
useradd -d /usr/local/var/lib/arpwatch -s '' -g root arpwatch
# Become yourself again
exit
cd
mkdir -p -m 0700 installed
rm -f installed/arpwatch-*.tar.* installed/arpwatch-NG*.tar.*
mv arpwatch-NG1.7.tar.bz2 installed/
# If you ever want to uninstall arpwatch-NG (and/or arpwatch), this should
# do it:
su
killall arpwatch arpsnmp
sleep 2
killall -9 arpwatch arpsnmp > /dev/null 2>&1
( cd /etc/rc.d ; rm -f rc.arpwatch rc.arpwatch-NG )
test -d /usr/local/arpwatch && rm -r /usr/local/arpwatch
( cd /usr/local/man/man8 ; rm -f arpsnmp.8 arpwatch.8 )
( cd /usr/local/sbin ; rm -f arpsnmp arpwatch )
test -d /usr/local/share/arpwatch && rm -r /usr/local/share/arpwatch
test -d /usr/local/var/lib/arpwatch && rm -r /usr/local/var/lib/arpwatch
exit
find ~/src -maxdepth 1 -type d -name "arpwatch-?.*" -exec rm -r {} \;
find ~/src -maxdepth 1 -type d -name "arpwatchNG*" -exec rm -r {} \;
rm -f ~/installed/arpwatch-?.*.tar.* \
~/installed/arpwatch-NG*.tar.*
List of HOWTOs
Web page itself last updated: 2023-12-20 8:06pm (EDT -0400)
HOWTO last updated: 2013-07-22 11:26pm
Copyright © 2001-2024 Jason Englander. All Rights reserved.
HOWTO last updated: 2013-07-22 11:26pm
Copyright © 2001-2024 Jason Englander. All Rights reserved.
![[HTML5]](HTML5_Logo_64-black.png){kind=logo}
