arpwatch-ng - Replacement for the original arpwatch ChangeLog

HOWTO


# arpwatch NG 1.7
# ===============
# This is a fork of the original arpwatch which has not been actively
# developed for a long time.

# Prerequisites:
# libpcap
# sendmail

cd
test -f installed/arpwatch-NG1.7.tar.bz2 &&
mv installed/arpwatch-NG1.7.tar.bz2 .
test ! -f arpwatch-NG1.7.tar.bz2 &&
wget http://freequaos.host.sk/arpwatch/arpwatch-NG1.7.tar.bz2
mkdir -p -m 0700 src
cd src
find -maxdepth 1 -type d -name "arpwatch-?.*" -exec rm -r {} \;
find -maxdepth 1 -type d -name "arpwatch-NG*" -exec rm -r {} \;
tar xjvf ~/arpwatch-NG1.7.tar.bz2
cd arpwatch-NG1.7
test $UID = 0 && chown -R root:root .

# If you copy arpwatch from a machine with sendmail in one place
# (/usr/bin/sendmail, /usr/lib/sendmail) but machine #2 has it in
# another place (/usr/sbin/sendmail), rebuild arpwatch on the new
# machine or create a symlink for sendmail.

./configure

# If you want the e-mails to go to an e-mail address other than root,
# like an arpwatch alias that goes to multiple people, open up addresses.h
# and change it in there.  You can also pass the -t option to arpwatch.
# By default, the e-mails come from 'arpwatch' and go to 'root'.  If you
# don't change it and one ever bounces, it will go back to 'arpwatch', so
# create an alias from arpwatch to a valid recipient.

# Build it
make

# Become root to install it
su

# If you have the original version of arpwatch installed, this will remove
# it - as it was installed by my howto for it anyway...
killall arpwatch arpsnmp
sleep 2
killall -9 arpwatch arpsnmp > /dev/null 2>&1
rm -f /etc/rc.d/rc.arpwatch
test -d /usr/local/arpwatch && rm -r /usr/local/arpwatch
( cd /usr/local/sbin ; rm -f arpsnmp arpwatch )
( cd /usr/local/man/man8 ; rm -f arpsnmp.8 arpwatch.8 )

# Install the new one
make install

# If you ever want to update /usr/local/share/arpwatch/ethercodes.dat, you
# can use http://standards.ieee.org/regauth/oui/oui.txt with
# ./massagevendor, or nmap's nmap-mac-prefixes (in it's source directory
# or usually as /usr/share/nmap/nmap-mac-prefixes) with
# ./convert_ether_nmap.pl

# Here is my rc.arpwatch-NG init script.  Open it up for options.
cd /etc/rc.d
test -f rc.arpwatch-NG &&
mv -f rc.arpwatch-NG rc.arpwatch-NG.old &&
  chmod 600 rc.arpwatch-NG.old
wget http://englanders.us/pub/linux/misc/rc.arpwatch-NG
test -s ./rc.arpwatch-NG && chmod 700 ./rc.arpwatch-NG

## Add something like this to /etc/rc.d/rc.local to start rc.arpwatch-NG:
# if [ -x /etc/rc.d/rc.arpwatch-NG ]; then
#   /etc/rc.d/rc.arpwatch-NG start
# fi

# Read 'man arpwatch' for more info about running arpwatch-NG

# If you run arpwatch with the -u option, create that user:
id arpwatch > /dev/null 2>&1 ||
useradd -d /usr/local/var/lib/arpwatch -s '' -g root arpwatch

# Become yourself again
exit

cd
mkdir -p -m 0700 installed
rm -f installed/arpwatch-*.tar.* installed/arpwatch-NG*.tar.*
mv arpwatch-NG1.7.tar.bz2 installed/


# If you ever want to uninstall arpwatch-NG (and/or arpwatch), this should
# do it:
su
killall arpwatch arpsnmp
sleep 2
killall -9 arpwatch arpsnmp > /dev/null 2>&1
( cd /etc/rc.d ; rm -f rc.arpwatch rc.arpwatch-NG )
test -d /usr/local/arpwatch && rm -r /usr/local/arpwatch
( cd /usr/local/man/man8 ; rm -f arpsnmp.8 arpwatch.8 )
( cd /usr/local/sbin ; rm -f arpsnmp arpwatch )
test -d /usr/local/share/arpwatch && rm -r /usr/local/share/arpwatch
test -d /usr/local/var/lib/arpwatch && rm -r /usr/local/var/lib/arpwatch
exit
find ~/src -maxdepth 1 -type d -name "arpwatch-?.*" -exec rm -r {} \;
find ~/src -maxdepth 1 -type d -name "arpwatchNG*" -exec rm -r {} \;
rm -f ~/installed/arpwatch-?.*.tar.* ~/installed/arpwatch-NG*.tar.*

List of HOWTOs

Last updated: 2020-04-29 10:24pm EDT(-0400)
Copyright © 2001-2020 Jason Englander. All Rights reserved.
[HTML5]