This patch adds support for labeling interfaces in arpwatch
reports. Labels are created by making a symlink in the arpwatch data directory that points at the textual description (e.g. ln -s "Internal Network" dc0). PR: ports/67838 Submitted by: maintainer
This commit is contained in:
parent
53ea9fc8f1
commit
a427774043
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=111294
5 changed files with 209 additions and 27 deletions
|
@ -7,7 +7,7 @@
|
|||
|
||||
PORTNAME= arpwatch
|
||||
PORTVERSION= 2.1.a11
|
||||
PORTREVISION= 2
|
||||
PORTREVISION= 3
|
||||
CATEGORIES= net-mgmt
|
||||
MASTER_SITES= http://www.Awfulhak.org/arpwatch/ \
|
||||
ftp://ftp.ee.lbl.gov/
|
||||
|
|
|
@ -1,5 +1,11 @@
|
|||
--- ../arpwatch-2.1a11/arpwatch.8 Sun Oct 8 16:31:28 2000
|
||||
+++ ./arpwatch.8 Mon Sep 15 17:30:45 2003
|
||||
--- arpwatch.8.orig Sun Oct 8 16:31:28 2000
|
||||
+++ arpwatch.8 Fri Jun 11 12:35:32 2004
|
||||
@@ -1,4 +1,4 @@
|
||||
-.\" @(#) $Id: arpwatch.8,v 1.13 2000/10/08 20:31:25 leres Exp $ (LBL)
|
||||
+.\" @(#) $Id: arpwatch.8,v 1.5 2004/06/11 16:26:22 mdg Exp $ (LBL)
|
||||
.\"
|
||||
.\" Copyright (c) 1992, 1994, 1996, 1997, 2000
|
||||
.\" The Regents of the University of California. All rights reserved.
|
||||
@@ -30,7 +30,10 @@
|
||||
.B -dN
|
||||
] [
|
||||
|
@ -57,7 +63,7 @@
|
|||
.LP
|
||||
The
|
||||
.B -r
|
||||
@@ -96,6 +120,8 @@
|
||||
@@ -96,21 +120,31 @@
|
||||
.LP
|
||||
Note that an empty
|
||||
.I arp.dat
|
||||
|
@ -66,17 +72,22 @@
|
|||
file must be created before the first time you run
|
||||
.BR arpwatch .
|
||||
.LP
|
||||
@@ -105,12 +131,19 @@
|
||||
.SH "REPORT MESSAGES"
|
||||
Here's a quick list of the report messages generated by
|
||||
-.BR arpwatch (1)
|
||||
+.BR arpwatch
|
||||
(and
|
||||
.BR arpsnmp (1)):
|
||||
.TP
|
||||
-.BR arpsnmp (1)):
|
||||
+.BR arpsnmp
|
||||
+):
|
||||
+.TP
|
||||
+.B "new ethernet device"
|
||||
+The ethernet address has not been seen before.
|
||||
+.TP
|
||||
+.B "ethernet device changed interfaces"
|
||||
+An ethernet address associated with one interface has moved to a
|
||||
+different interface.
|
||||
+.TP
|
||||
.TP
|
||||
.B "new activity"
|
||||
This ethernet/ip address pair has been used for the first time six
|
||||
months or more.
|
||||
|
@ -88,7 +99,23 @@
|
|||
.TP
|
||||
.B "flip flop"
|
||||
The ethernet address has changed from the most recently seen address to
|
||||
@@ -152,8 +185,9 @@
|
||||
@@ -148,12 +182,25 @@
|
||||
.B "suppressed DECnet flip flop"
|
||||
A "flip flop" report was suppressed because one of the two
|
||||
addresses was a DECnet address.
|
||||
+.SH "INTERFACE LABELS"
|
||||
+Interfaces can be assigned labels that are displayed in reports
|
||||
+next to the interface name. This is useful for identifying connected
|
||||
+networks. In order to assign a label, create a symbolic link in
|
||||
+the arpwatch data directory. The link should have the same name
|
||||
+as the interface, and should point to the textual label. For example:
|
||||
+.LP
|
||||
+ln -s "Internal Network" dc0
|
||||
+.LP
|
||||
+Labels are read when
|
||||
+.BR arpwatch
|
||||
+initializes. The process must be restarted for label changes to take effect.
|
||||
.SH FILES
|
||||
.na
|
||||
.nh
|
||||
.nf
|
||||
|
|
|
@ -1,5 +1,14 @@
|
|||
--- report.c.orig Sat Sep 30 19:41:10 2000
|
||||
+++ report.c Tue Apr 13 14:39:50 2004
|
||||
+++ report.c Fri Jun 11 12:35:32 2004
|
||||
@@ -20,7 +20,7 @@
|
||||
*/
|
||||
#ifndef lint
|
||||
static const char rcsid[] =
|
||||
- "@(#) $Id: report.c,v 1.46 2000/09/30 23:41:04 leres Exp $ (LBL)";
|
||||
+ "@(#) $Id: report.c,v 1.8 2004/06/10 19:56:57 mdg Exp $ (LBL)";
|
||||
#endif
|
||||
|
||||
/*
|
||||
@@ -45,6 +45,8 @@
|
||||
|
||||
#include <ctype.h>
|
||||
|
@ -18,7 +27,16 @@
|
|||
static int cdepth; /* number of outstanding children */
|
||||
|
||||
static char *fmtdate(time_t);
|
||||
@@ -232,15 +236,16 @@
|
||||
@@ -77,6 +81,8 @@
|
||||
RETSIGTYPE reaper(int);
|
||||
static int32_t gmt2local(void);
|
||||
|
||||
+extern struct ifdesc *if_desc;
|
||||
+
|
||||
static char *
|
||||
fmtdelta(register time_t t)
|
||||
{
|
||||
@@ -232,28 +238,37 @@
|
||||
}
|
||||
|
||||
void
|
||||
|
@ -38,7 +56,12 @@
|
|||
char *watchee = WATCHEE;
|
||||
char *sendmail = PATH_SENDMAIL;
|
||||
char *unknown = "<unknown>";
|
||||
@@ -251,9 +256,15 @@
|
||||
char buf[132];
|
||||
+ char *newif, *newif_old;
|
||||
static int init = 0;
|
||||
+ struct ifdesc *idp = if_desc;
|
||||
|
||||
/* No report until we're initialized */
|
||||
if (initializing)
|
||||
return;
|
||||
|
||||
|
@ -55,7 +78,7 @@
|
|||
return;
|
||||
}
|
||||
f = stdout;
|
||||
@@ -270,7 +281,7 @@
|
||||
@@ -270,7 +285,7 @@
|
||||
}
|
||||
|
||||
/* Syslog this event too */
|
||||
|
@ -64,7 +87,35 @@
|
|||
|
||||
/* Update child depth */
|
||||
++cdepth;
|
||||
@@ -303,13 +314,32 @@
|
||||
@@ -286,6 +301,7 @@
|
||||
|
||||
/* Child */
|
||||
closelog();
|
||||
+
|
||||
(void)strcpy(tempfile, "/tmp/arpwatch.XXXXXX");
|
||||
if ((fd = mkstemp(tempfile)) < 0) {
|
||||
syslog(LOG_ERR, "mkstemp(%s) %m", tempfile);
|
||||
@@ -300,16 +316,52 @@
|
||||
syslog(LOG_ERR, "unlink(%s): %m", tempfile);
|
||||
}
|
||||
|
||||
+ newif = newif_old = NULL;
|
||||
+ if (interface != NULL)
|
||||
+ for (idp = if_desc; idp != NULL; idp = idp->next)
|
||||
+ if (strcmp(idp->name, interface) == 0)
|
||||
+ asprintf(&newif, "%s (%s)", interface, idp->desc);
|
||||
+
|
||||
+ if (newif == NULL && interface != NULL)
|
||||
+ asprintf(&newif, "%s", interface);
|
||||
+
|
||||
+ if (old_interface != NULL)
|
||||
+ for (idp = if_desc; idp != NULL; idp = idp->next)
|
||||
+ if (strcmp(idp->name, old_interface) == 0)
|
||||
+ asprintf(&newif_old, "%s (%s)", old_interface, idp->desc);
|
||||
+
|
||||
+ if (newif_old == NULL && old_interface != NULL)
|
||||
+ asprintf(&newif_old, "%s", old_interface);
|
||||
+
|
||||
(void)fprintf(f, "From: %s\n", watchee);
|
||||
(void)fprintf(f, "To: %s\n", watcher);
|
||||
hn = gethname(a);
|
||||
|
@ -92,15 +143,27 @@
|
|||
+ if (event & FLIPFLOP)
|
||||
+ (void)fprintf(f, fmt, "event", "flip flop");
|
||||
+
|
||||
+ (void)fprintf(f, fmt, "interface", interface);
|
||||
+ (void)fprintf(f, fmt, "interface", newif);
|
||||
+
|
||||
+ if (old_interface != NULL)
|
||||
+ (void)fprintf(f, fmt, "old interface", old_interface);
|
||||
+ (void)fprintf(f, fmt, "old interface", newif_old);
|
||||
+
|
||||
(void)fprintf(f, fmt, "hostname", hn);
|
||||
(void)fprintf(f, fmt, "ip address", intoa(a));
|
||||
(void)fprintf(f, fmt, "ethernet address", e2str(e1));
|
||||
@@ -344,6 +374,25 @@
|
||||
@@ -339,11 +391,37 @@
|
||||
}
|
||||
|
||||
(void)rewind(f);
|
||||
+
|
||||
+ if (newif != NULL)
|
||||
+ free(newif);
|
||||
+
|
||||
+ if (newif_old != NULL)
|
||||
+ free(newif_old);
|
||||
+
|
||||
if (dup2(fileno(f), fileno(stdin)) < 0) {
|
||||
syslog(LOG_ERR, "dup2: %m");
|
||||
exit(1);
|
||||
}
|
||||
/* XXX Need to freopen()? */
|
||||
|
|
|
@ -1,14 +1,35 @@
|
|||
--- ../arpwatch.orig/util.c Fri Oct 13 18:49:03 2000
|
||||
+++ ./util.c Wed Sep 10 13:03:27 2003
|
||||
@@ -53,6 +53,7 @@
|
||||
--- util.c.orig Fri Oct 13 18:49:03 2000
|
||||
+++ util.c Fri Jun 11 12:35:32 2004
|
||||
@@ -20,7 +20,7 @@
|
||||
*/
|
||||
#ifndef lint
|
||||
static const char rcsid[] =
|
||||
- "@(#) $Id: util.c,v 1.9 2000/10/13 22:48:55 leres Exp $ (LBL)";
|
||||
+ "@(#) $Id: util.c,v 1.5 2004/06/10 19:48:37 mdg Exp $ (LBL)";
|
||||
#endif
|
||||
|
||||
/*
|
||||
@@ -39,6 +39,7 @@
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <syslog.h>
|
||||
+#include <dirent.h>
|
||||
|
||||
#include "gnuc.h"
|
||||
#ifdef HAVE_OS_PROTO_H
|
||||
@@ -53,8 +54,11 @@
|
||||
|
||||
char *arpdir = ARPDIR;
|
||||
char *arpfile = ARPFILE;
|
||||
+char *etherfile = ETHERFILE;
|
||||
char *ethercodes = ETHERCODES;
|
||||
|
||||
+struct ifdesc *if_desc = NULL;
|
||||
+
|
||||
/* Broadcast ethernet addresses */
|
||||
@@ -105,7 +106,7 @@
|
||||
u_char zero[6] = { 0, 0, 0, 0, 0, 0 };
|
||||
u_char allones[6] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
|
||||
@@ -105,7 +109,7 @@
|
||||
dump(void)
|
||||
{
|
||||
register int fd;
|
||||
|
@ -17,7 +38,7 @@
|
|||
|
||||
(void)sprintf(oldarpfile, "%s-", arpfile);
|
||||
(void)sprintf(newarpfile, "%s.new", arpfile);
|
||||
@@ -130,6 +131,32 @@
|
||||
@@ -130,6 +134,32 @@
|
||||
syslog(LOG_ERR, "rename %s -> %s: %m", newarpfile, arpfile);
|
||||
return(0);
|
||||
}
|
||||
|
@ -50,17 +71,72 @@
|
|||
return(1);
|
||||
}
|
||||
|
||||
@@ -138,7 +165,9 @@
|
||||
@@ -138,7 +168,64 @@
|
||||
readdata(void)
|
||||
{
|
||||
register FILE *f;
|
||||
+ char line[1024];
|
||||
+ char buf[MAXNAMLEN];
|
||||
+ char path[MAXNAMLEN + 1];
|
||||
+ int len, i;
|
||||
+ DIR *dirp;
|
||||
+ struct dirent *dp;
|
||||
+ struct ifdesc *idp;
|
||||
+
|
||||
+ /* interface descriptions */
|
||||
+ if ((dirp = opendir(arpdir)) == NULL)
|
||||
+ {
|
||||
+ syslog(LOG_ERR, "opendir(%s)", arpdir);
|
||||
+ return(0);
|
||||
+ }
|
||||
+
|
||||
+ idp = if_desc = (struct ifdesc *) malloc(sizeof(struct ifdesc));
|
||||
+ idp->name = idp->desc = NULL;
|
||||
+ idp->next = NULL;
|
||||
+
|
||||
+ while ((dp = readdir(dirp)) != NULL)
|
||||
+ {
|
||||
+ if (dp->d_type == DT_LNK)
|
||||
+ {
|
||||
+ for (i=0; i < dp->d_namlen; i++)
|
||||
+ path[i] = dp->d_name[i];
|
||||
+
|
||||
+ path[dp->d_namlen] = '\0';
|
||||
+
|
||||
+ if ((len = readlink(path, buf, MAXNAMLEN)) == -1)
|
||||
+ {
|
||||
+ syslog(LOG_ERR, "readlink(path) failed");
|
||||
+ return(0);
|
||||
+ }
|
||||
+
|
||||
+ buf[len] = '\0';
|
||||
+
|
||||
+ idp->next = (struct ifdesc *) malloc(sizeof(struct ifdesc));
|
||||
+ idp = idp->next;
|
||||
+ idp->next = NULL;
|
||||
+ asprintf(&idp->name, "%s", path);
|
||||
+ asprintf(&idp->desc, "%s", buf);
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ if (if_desc->next == NULL)
|
||||
+ {
|
||||
+ free(if_desc);
|
||||
+ idp = if_desc = NULL;
|
||||
+ }
|
||||
+ else
|
||||
+ {
|
||||
+ idp = if_desc;
|
||||
+ if_desc = if_desc->next;
|
||||
+ free(idp);
|
||||
+ idp = NULL;
|
||||
+ }
|
||||
|
||||
+ /* arp.dat */
|
||||
if ((f = fopen(arpfile, "r")) == NULL) {
|
||||
syslog(LOG_ERR, "fopen(%s): %m", arpfile);
|
||||
return(0);
|
||||
@@ -147,6 +176,15 @@
|
||||
@@ -147,6 +234,15 @@
|
||||
(void)fclose(f);
|
||||
return(0);
|
||||
}
|
||||
|
|
|
@ -1,6 +1,12 @@
|
|||
--- ../arpwatch.orig/util.h Sun Oct 6 06:22:14 1996
|
||||
+++ ./util.h Wed Sep 10 13:03:27 2003
|
||||
@@ -11,6 +11,9 @@
|
||||
--- util.h.orig Sun Oct 6 06:22:14 1996
|
||||
+++ util.h Fri Jun 11 12:35:32 2004
|
||||
@@ -1,4 +1,4 @@
|
||||
-/* @(#) $Header: util.h,v 1.2 96/10/06 03:22:13 leres Exp $ (LBL) */
|
||||
+/* @(#) $Header: /src/arpwatch/util.h,v 1.4 2004/06/10 19:19:38 mdg Exp $ (LBL) */
|
||||
|
||||
void dosyslog(int, char *, u_int32_t, u_char *, u_char *);
|
||||
int dump(void);
|
||||
@@ -11,9 +11,19 @@
|
||||
extern char *arpfile;
|
||||
extern char *oldarpfile;
|
||||
extern char *ethercodes;
|
||||
|
@ -10,3 +16,13 @@
|
|||
|
||||
extern u_char zero[6];
|
||||
extern u_char allones[6];
|
||||
|
||||
extern int debug;
|
||||
extern int initializing;
|
||||
+
|
||||
+struct ifdesc
|
||||
+{
|
||||
+ char *name;
|
||||
+ char *desc;
|
||||
+ struct ifdesc *next;
|
||||
+};
|
||||
|
|
Loading…
Reference in a new issue