package/arpwatch/patches/013_debian_opt_allsubnets


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103

Index: arpwatch/arpwatch.8
diff -u arpwatch/arpwatch.8:1.1.1.1 arpwatch/arpwatch.8:1.1.1.1.8.1
--- arpwatch/arpwatch.8:1.1.1.1	Tue Apr 17 13:31:36 2001
+++ arpwatch/arpwatch.8	Tue Apr 17 13:51:23 2001
@@ -27,6 +27,8 @@
 .na
 .B arpwatch
 [
+.B -a
+] [
 .B -dN
 ] [
 .B -f
@@ -53,6 +55,17 @@
 uses
 .BR pcap (3)
 to listen for arp packets on a local ethernet interface.
+.LP
+.B -a
+By default,
+.B arpwatch
+reports bogons (unless
+.B -N
+is given) for IP addresses that are in the same subnet than the
+first IP address of the default interface.  If this option is
+specified,
+.B arpwatch
+will report bogons about every IP addresses. (Debian specific)
 .LP
 The
 .B -d
Index: arpwatch/arpwatch.c
diff -u arpwatch/arpwatch.c:1.1.1.1.2.1 arpwatch/arpwatch.c:1.1.1.1.2.1.6.1
--- arpwatch/arpwatch.c:1.1.1.1.2.1	Tue Apr 17 13:47:57 2001
+++ arpwatch/arpwatch.c	Tue Apr 17 13:51:23 2001
@@ -154,6 +154,7 @@
 	struct bpf_program code;
 	char errbuf[PCAP_ERRBUF_SIZE];
 	char options[] =
+		"a"
 		"d"
 		"f:"
 		"i:"
@@ -181,6 +182,10 @@
 	while ((op = getopt(argc, argv, options)) != EOF)
 		switch (op) {
 
+		case 'a':
+			++allsubnets;
+			break;
+
 		case 'd':
 			++debug;
 #ifndef DEBUG
@@ -389,7 +394,7 @@
 	/* Watch for bogons */
 	if (isbogon(sia)) {
 		dosyslog(LOG_INFO, "bogon", sia, sea, sha);
-		return;
+		if (!allsubnets) return;
 	}
 
 	/* Watch for ethernet broadcast */
@@ -538,7 +543,7 @@
 	/* Watch for bogons */
 	if (isbogon(sia)) {
 		dosyslog(LOG_INFO, "bogon", sia, sea, sha);
-		return;
+		if (!allsubnets) return;
 	}
 
 	/* Watch for ethernet broadcast */
@@ -757,6 +762,7 @@
 {
 	extern char version[];
 	char usage[] =
+		"[-a] "
 		"[-dN] "
 		"[-f datafile] "
 		"[-i interface] "
Index: arpwatch/util.c
diff -u arpwatch/util.c:1.1.1.1 arpwatch/util.c:1.1.1.1.8.1
--- arpwatch/util.c:1.1.1.1	Tue Apr 17 13:31:37 2001
+++ arpwatch/util.c	Tue Apr 17 13:51:24 2001
@@ -59,6 +59,7 @@
 u_char zero[6] = { 0, 0, 0, 0, 0, 0 };
 u_char allones[6] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
 
+int allsubnets = 0;			/* watch all attached subnets */
 int debug = 0;
 int initializing = 1;			/* true if initializing */
 
Index: arpwatch/util.h
diff -u arpwatch/util.h:1.1.1.1 arpwatch/util.h:1.1.1.1.8.1
--- arpwatch/util.h:1.1.1.1	Tue Apr 17 13:31:37 2001
+++ arpwatch/util.h	Tue Apr 17 13:51:24 2001
@@ -15,5 +15,6 @@
 extern u_char zero[6];
 extern u_char allones[6];
 
+extern int allsubnets;
 extern int debug;
 extern int initializing;