diff options
| author | Francesco Colista <francesco.colista@gmail.com> | 2013-07-08 11:33:58 +0000 |
|---|---|---|
| committer | Francesco Colista <francesco.colista@gmail.com> | 2013-07-08 11:34:11 +0000 |
| commit | 411a2782aaa756b3a8f3988763ac592cff1257b3 (patch) | |
| tree | f3506a151a9b2e71ed9417f298e40f11e8d66418 /main/arpwatch/10_all_arpwatch-2.1a15-ignore-net.patch | |
| parent | 0852cf7df3027cc1addd921d31c0b032983196e0 (diff) | |
| download | aports-411a2782aaa756b3a8f3988763ac592cff1257b3.tar.bz2 aports-411a2782aaa756b3a8f3988763ac592cff1257b3.tar.xz | |
main/arpwatch: added several patches for improving options and security
Diffstat (limited to 'main/arpwatch/10_all_arpwatch-2.1a15-ignore-net.patch')
| -rw-r--r-- | main/arpwatch/10_all_arpwatch-2.1a15-ignore-net.patch | 97 |
1 files changed, 97 insertions, 0 deletions
diff --git a/main/arpwatch/10_all_arpwatch-2.1a15-ignore-net.patch b/main/arpwatch/10_all_arpwatch-2.1a15-ignore-net.patch new file mode 100644 index 000000000..2b9405d81 --- /dev/null +++ b/main/arpwatch/10_all_arpwatch-2.1a15-ignore-net.patch @@ -0,0 +1,97 @@ +diff -Naru arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8 +--- arpwatch-2.1a15.orig/arpwatch.8 2006-09-23 22:19:29.000000000 +0400 ++++ arpwatch-2.1a15/arpwatch.8 2006-09-23 22:19:55.000000000 +0400 +@@ -92,6 +92,12 @@ + [ + .B -Q + ] ++.br ++.ti +8 ++[ ++.B -z ++.I ignorenet/ignoremask ++] + .ad + .SH DESCRIPTION + .B Arpwatch +@@ -206,6 +212,11 @@ + .B -Q + flags prevents arpwatch from sending reports by mail. (This feature comes from Debian). + .LP ++The ++.B -z ++flag is used to set a range of ip addresses to ignore (such as a DHCP ++range). Netmask is specified as 255.255.128.0. (This feature comes from Debian). ++.LP + Note that an empty + .I arp.dat + file must be created before the first time you run +diff -Naru arpwatch-2.1a15.orig/arpwatch.c arpwatch-2.1a15/arpwatch.c +--- arpwatch-2.1a15.orig/arpwatch.c 2006-09-23 22:19:29.000000000 +0400 ++++ arpwatch-2.1a15/arpwatch.c 2006-09-23 22:19:55.000000000 +0400 +@@ -125,6 +125,9 @@ + static int nets_ind; + static int nets_size; + ++static struct in_addr ignore_net; ++static struct in_addr ignore_netmask; ++ + extern int optind; + extern int opterr; + extern char *optarg; +@@ -189,7 +192,9 @@ + "a" + "u:" + "Q" ++ "z:" + ; ++ char *tmpptr; + + if (argv[0] == NULL) + prog = "arpwatch"; +@@ -207,6 +212,9 @@ + interface = NULL; + rfilename = NULL; + pd = NULL; ++ ++ inet_aton("0.0.0.0", &ignore_netmask); ++ inet_aton("255.255.255.255", &ignore_netmask); + while ((op = getopt(argc, argv, options)) != EOF) + switch (op) { + +@@ -263,6 +271,12 @@ + ++quiet; + break; + ++ case 'z': ++ tmpptr = strtok(optarg, "/"); ++ inet_aton(tmpptr, &ignore_net); ++ tmpptr = strtok(NULL, "/"); ++ inet_aton(tmpptr, &ignore_netmask); ++ break; + + default: + usage(); +@@ -465,6 +479,14 @@ + return; + } + ++ /* Ignores the specified netmask/metwork */ ++ if ((sia & ignore_netmask.s_addr) == ignore_net.s_addr) { ++ if (debug) { ++ dosyslog(LOG_INFO, "ignored", sia, sea, sha, interface); ++ } ++ return; ++ } ++ + /* Got a live one */ + t = h->ts.tv_sec; + can_checkpoint = 0; +@@ -830,6 +852,7 @@ + "[-a] " + "[-u username] " + "[-Q ] " ++ "[-z ignorenet/ignoremask] " + "\n" + ; + |