From 411a2782aaa756b3a8f3988763ac592cff1257b3 Mon Sep 17 00:00:00 2001 From: Francesco Colista Date: Mon, 8 Jul 2013 11:33:58 +0000 Subject: main/arpwatch: added several patches for improving options and security --- .../10_all_arpwatch-2.1a15-ignore-net.patch | 97 ++++++++++++++++++++++ 1 file changed, 97 insertions(+) create mode 100644 main/arpwatch/10_all_arpwatch-2.1a15-ignore-net.patch (limited to 'main/arpwatch/10_all_arpwatch-2.1a15-ignore-net.patch') diff --git a/main/arpwatch/10_all_arpwatch-2.1a15-ignore-net.patch b/main/arpwatch/10_all_arpwatch-2.1a15-ignore-net.patch new file mode 100644 index 000000000..2b9405d81 --- /dev/null +++ b/main/arpwatch/10_all_arpwatch-2.1a15-ignore-net.patch @@ -0,0 +1,97 @@ +diff -Naru arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8 +--- arpwatch-2.1a15.orig/arpwatch.8 2006-09-23 22:19:29.000000000 +0400 ++++ arpwatch-2.1a15/arpwatch.8 2006-09-23 22:19:55.000000000 +0400 +@@ -92,6 +92,12 @@ + [ + .B -Q + ] ++.br ++.ti +8 ++[ ++.B -z ++.I ignorenet/ignoremask ++] + .ad + .SH DESCRIPTION + .B Arpwatch +@@ -206,6 +212,11 @@ + .B -Q + flags prevents arpwatch from sending reports by mail. (This feature comes from Debian). + .LP ++The ++.B -z ++flag is used to set a range of ip addresses to ignore (such as a DHCP ++range). Netmask is specified as 255.255.128.0. (This feature comes from Debian). ++.LP + Note that an empty + .I arp.dat + file must be created before the first time you run +diff -Naru arpwatch-2.1a15.orig/arpwatch.c arpwatch-2.1a15/arpwatch.c +--- arpwatch-2.1a15.orig/arpwatch.c 2006-09-23 22:19:29.000000000 +0400 ++++ arpwatch-2.1a15/arpwatch.c 2006-09-23 22:19:55.000000000 +0400 +@@ -125,6 +125,9 @@ + static int nets_ind; + static int nets_size; + ++static struct in_addr ignore_net; ++static struct in_addr ignore_netmask; ++ + extern int optind; + extern int opterr; + extern char *optarg; +@@ -189,7 +192,9 @@ + "a" + "u:" + "Q" ++ "z:" + ; ++ char *tmpptr; + + if (argv[0] == NULL) + prog = "arpwatch"; +@@ -207,6 +212,9 @@ + interface = NULL; + rfilename = NULL; + pd = NULL; ++ ++ inet_aton("0.0.0.0", &ignore_netmask); ++ inet_aton("255.255.255.255", &ignore_netmask); + while ((op = getopt(argc, argv, options)) != EOF) + switch (op) { + +@@ -263,6 +271,12 @@ + ++quiet; + break; + ++ case 'z': ++ tmpptr = strtok(optarg, "/"); ++ inet_aton(tmpptr, &ignore_net); ++ tmpptr = strtok(NULL, "/"); ++ inet_aton(tmpptr, &ignore_netmask); ++ break; + + default: + usage(); +@@ -465,6 +479,14 @@ + return; + } + ++ /* Ignores the specified netmask/metwork */ ++ if ((sia & ignore_netmask.s_addr) == ignore_net.s_addr) { ++ if (debug) { ++ dosyslog(LOG_INFO, "ignored", sia, sea, sha, interface); ++ } ++ return; ++ } ++ + /* Got a live one */ + t = h->ts.tv_sec; + can_checkpoint = 0; +@@ -830,6 +852,7 @@ + "[-a] " + "[-u username] " + "[-Q ] " ++ "[-z ignorenet/ignoremask] " + "\n" + ; + -- cgit v1.2.3