This patch adds support for labeling interfaces in arpwatch
reports. Labels are created by making a symlink in the arpwatch data directory that points at the textual description (e.g. ln -s "Internal Network" dc0). PR: ports/67838 Submitted by: maintainer
This commit is contained in:
parent
53ea9fc8f1
commit
a427774043
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=111294
5 changed files with 209 additions and 27 deletions
|
@ -7,7 +7,7 @@
|
||||||
|
|
||||||
PORTNAME= arpwatch
|
PORTNAME= arpwatch
|
||||||
PORTVERSION= 2.1.a11
|
PORTVERSION= 2.1.a11
|
||||||
PORTREVISION= 2
|
PORTREVISION= 3
|
||||||
CATEGORIES= net-mgmt
|
CATEGORIES= net-mgmt
|
||||||
MASTER_SITES= http://www.Awfulhak.org/arpwatch/ \
|
MASTER_SITES= http://www.Awfulhak.org/arpwatch/ \
|
||||||
ftp://ftp.ee.lbl.gov/
|
ftp://ftp.ee.lbl.gov/
|
||||||
|
|
|
@ -1,5 +1,11 @@
|
||||||
--- ../arpwatch-2.1a11/arpwatch.8 Sun Oct 8 16:31:28 2000
|
--- arpwatch.8.orig Sun Oct 8 16:31:28 2000
|
||||||
+++ ./arpwatch.8 Mon Sep 15 17:30:45 2003
|
+++ arpwatch.8 Fri Jun 11 12:35:32 2004
|
||||||
|
@@ -1,4 +1,4 @@
|
||||||
|
-.\" @(#) $Id: arpwatch.8,v 1.13 2000/10/08 20:31:25 leres Exp $ (LBL)
|
||||||
|
+.\" @(#) $Id: arpwatch.8,v 1.5 2004/06/11 16:26:22 mdg Exp $ (LBL)
|
||||||
|
.\"
|
||||||
|
.\" Copyright (c) 1992, 1994, 1996, 1997, 2000
|
||||||
|
.\" The Regents of the University of California. All rights reserved.
|
||||||
@@ -30,7 +30,10 @@
|
@@ -30,7 +30,10 @@
|
||||||
.B -dN
|
.B -dN
|
||||||
] [
|
] [
|
||||||
|
@ -57,7 +63,7 @@
|
||||||
.LP
|
.LP
|
||||||
The
|
The
|
||||||
.B -r
|
.B -r
|
||||||
@@ -96,6 +120,8 @@
|
@@ -96,21 +120,31 @@
|
||||||
.LP
|
.LP
|
||||||
Note that an empty
|
Note that an empty
|
||||||
.I arp.dat
|
.I arp.dat
|
||||||
|
@ -66,17 +72,22 @@
|
||||||
file must be created before the first time you run
|
file must be created before the first time you run
|
||||||
.BR arpwatch .
|
.BR arpwatch .
|
||||||
.LP
|
.LP
|
||||||
@@ -105,12 +131,19 @@
|
.SH "REPORT MESSAGES"
|
||||||
|
Here's a quick list of the report messages generated by
|
||||||
|
-.BR arpwatch (1)
|
||||||
|
+.BR arpwatch
|
||||||
(and
|
(and
|
||||||
.BR arpsnmp (1)):
|
-.BR arpsnmp (1)):
|
||||||
.TP
|
+.BR arpsnmp
|
||||||
|
+):
|
||||||
|
+.TP
|
||||||
+.B "new ethernet device"
|
+.B "new ethernet device"
|
||||||
+The ethernet address has not been seen before.
|
+The ethernet address has not been seen before.
|
||||||
+.TP
|
+.TP
|
||||||
+.B "ethernet device changed interfaces"
|
+.B "ethernet device changed interfaces"
|
||||||
+An ethernet address associated with one interface has moved to a
|
+An ethernet address associated with one interface has moved to a
|
||||||
+different interface.
|
+different interface.
|
||||||
+.TP
|
.TP
|
||||||
.B "new activity"
|
.B "new activity"
|
||||||
This ethernet/ip address pair has been used for the first time six
|
This ethernet/ip address pair has been used for the first time six
|
||||||
months or more.
|
months or more.
|
||||||
|
@ -88,7 +99,23 @@
|
||||||
.TP
|
.TP
|
||||||
.B "flip flop"
|
.B "flip flop"
|
||||||
The ethernet address has changed from the most recently seen address to
|
The ethernet address has changed from the most recently seen address to
|
||||||
@@ -152,8 +185,9 @@
|
@@ -148,12 +182,25 @@
|
||||||
|
.B "suppressed DECnet flip flop"
|
||||||
|
A "flip flop" report was suppressed because one of the two
|
||||||
|
addresses was a DECnet address.
|
||||||
|
+.SH "INTERFACE LABELS"
|
||||||
|
+Interfaces can be assigned labels that are displayed in reports
|
||||||
|
+next to the interface name. This is useful for identifying connected
|
||||||
|
+networks. In order to assign a label, create a symbolic link in
|
||||||
|
+the arpwatch data directory. The link should have the same name
|
||||||
|
+as the interface, and should point to the textual label. For example:
|
||||||
|
+.LP
|
||||||
|
+ln -s "Internal Network" dc0
|
||||||
|
+.LP
|
||||||
|
+Labels are read when
|
||||||
|
+.BR arpwatch
|
||||||
|
+initializes. The process must be restarted for label changes to take effect.
|
||||||
|
.SH FILES
|
||||||
.na
|
.na
|
||||||
.nh
|
.nh
|
||||||
.nf
|
.nf
|
||||||
|
|
|
@ -1,5 +1,14 @@
|
||||||
--- report.c.orig Sat Sep 30 19:41:10 2000
|
--- report.c.orig Sat Sep 30 19:41:10 2000
|
||||||
+++ report.c Tue Apr 13 14:39:50 2004
|
+++ report.c Fri Jun 11 12:35:32 2004
|
||||||
|
@@ -20,7 +20,7 @@
|
||||||
|
*/
|
||||||
|
#ifndef lint
|
||||||
|
static const char rcsid[] =
|
||||||
|
- "@(#) $Id: report.c,v 1.46 2000/09/30 23:41:04 leres Exp $ (LBL)";
|
||||||
|
+ "@(#) $Id: report.c,v 1.8 2004/06/10 19:56:57 mdg Exp $ (LBL)";
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/*
|
||||||
@@ -45,6 +45,8 @@
|
@@ -45,6 +45,8 @@
|
||||||
|
|
||||||
#include <ctype.h>
|
#include <ctype.h>
|
||||||
|
@ -18,7 +27,16 @@
|
||||||
static int cdepth; /* number of outstanding children */
|
static int cdepth; /* number of outstanding children */
|
||||||
|
|
||||||
static char *fmtdate(time_t);
|
static char *fmtdate(time_t);
|
||||||
@@ -232,15 +236,16 @@
|
@@ -77,6 +81,8 @@
|
||||||
|
RETSIGTYPE reaper(int);
|
||||||
|
static int32_t gmt2local(void);
|
||||||
|
|
||||||
|
+extern struct ifdesc *if_desc;
|
||||||
|
+
|
||||||
|
static char *
|
||||||
|
fmtdelta(register time_t t)
|
||||||
|
{
|
||||||
|
@@ -232,28 +238,37 @@
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
|
@ -38,7 +56,12 @@
|
||||||
char *watchee = WATCHEE;
|
char *watchee = WATCHEE;
|
||||||
char *sendmail = PATH_SENDMAIL;
|
char *sendmail = PATH_SENDMAIL;
|
||||||
char *unknown = "<unknown>";
|
char *unknown = "<unknown>";
|
||||||
@@ -251,9 +256,15 @@
|
char buf[132];
|
||||||
|
+ char *newif, *newif_old;
|
||||||
|
static int init = 0;
|
||||||
|
+ struct ifdesc *idp = if_desc;
|
||||||
|
|
||||||
|
/* No report until we're initialized */
|
||||||
if (initializing)
|
if (initializing)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
|
@ -55,7 +78,7 @@
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
f = stdout;
|
f = stdout;
|
||||||
@@ -270,7 +281,7 @@
|
@@ -270,7 +285,7 @@
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Syslog this event too */
|
/* Syslog this event too */
|
||||||
|
@ -64,7 +87,35 @@
|
||||||
|
|
||||||
/* Update child depth */
|
/* Update child depth */
|
||||||
++cdepth;
|
++cdepth;
|
||||||
@@ -303,13 +314,32 @@
|
@@ -286,6 +301,7 @@
|
||||||
|
|
||||||
|
/* Child */
|
||||||
|
closelog();
|
||||||
|
+
|
||||||
|
(void)strcpy(tempfile, "/tmp/arpwatch.XXXXXX");
|
||||||
|
if ((fd = mkstemp(tempfile)) < 0) {
|
||||||
|
syslog(LOG_ERR, "mkstemp(%s) %m", tempfile);
|
||||||
|
@@ -300,16 +316,52 @@
|
||||||
|
syslog(LOG_ERR, "unlink(%s): %m", tempfile);
|
||||||
|
}
|
||||||
|
|
||||||
|
+ newif = newif_old = NULL;
|
||||||
|
+ if (interface != NULL)
|
||||||
|
+ for (idp = if_desc; idp != NULL; idp = idp->next)
|
||||||
|
+ if (strcmp(idp->name, interface) == 0)
|
||||||
|
+ asprintf(&newif, "%s (%s)", interface, idp->desc);
|
||||||
|
+
|
||||||
|
+ if (newif == NULL && interface != NULL)
|
||||||
|
+ asprintf(&newif, "%s", interface);
|
||||||
|
+
|
||||||
|
+ if (old_interface != NULL)
|
||||||
|
+ for (idp = if_desc; idp != NULL; idp = idp->next)
|
||||||
|
+ if (strcmp(idp->name, old_interface) == 0)
|
||||||
|
+ asprintf(&newif_old, "%s (%s)", old_interface, idp->desc);
|
||||||
|
+
|
||||||
|
+ if (newif_old == NULL && old_interface != NULL)
|
||||||
|
+ asprintf(&newif_old, "%s", old_interface);
|
||||||
|
+
|
||||||
(void)fprintf(f, "From: %s\n", watchee);
|
(void)fprintf(f, "From: %s\n", watchee);
|
||||||
(void)fprintf(f, "To: %s\n", watcher);
|
(void)fprintf(f, "To: %s\n", watcher);
|
||||||
hn = gethname(a);
|
hn = gethname(a);
|
||||||
|
@ -92,15 +143,27 @@
|
||||||
+ if (event & FLIPFLOP)
|
+ if (event & FLIPFLOP)
|
||||||
+ (void)fprintf(f, fmt, "event", "flip flop");
|
+ (void)fprintf(f, fmt, "event", "flip flop");
|
||||||
+
|
+
|
||||||
+ (void)fprintf(f, fmt, "interface", interface);
|
+ (void)fprintf(f, fmt, "interface", newif);
|
||||||
+
|
+
|
||||||
+ if (old_interface != NULL)
|
+ if (old_interface != NULL)
|
||||||
+ (void)fprintf(f, fmt, "old interface", old_interface);
|
+ (void)fprintf(f, fmt, "old interface", newif_old);
|
||||||
+
|
+
|
||||||
(void)fprintf(f, fmt, "hostname", hn);
|
(void)fprintf(f, fmt, "hostname", hn);
|
||||||
(void)fprintf(f, fmt, "ip address", intoa(a));
|
(void)fprintf(f, fmt, "ip address", intoa(a));
|
||||||
(void)fprintf(f, fmt, "ethernet address", e2str(e1));
|
(void)fprintf(f, fmt, "ethernet address", e2str(e1));
|
||||||
@@ -344,6 +374,25 @@
|
@@ -339,11 +391,37 @@
|
||||||
|
}
|
||||||
|
|
||||||
|
(void)rewind(f);
|
||||||
|
+
|
||||||
|
+ if (newif != NULL)
|
||||||
|
+ free(newif);
|
||||||
|
+
|
||||||
|
+ if (newif_old != NULL)
|
||||||
|
+ free(newif_old);
|
||||||
|
+
|
||||||
|
if (dup2(fileno(f), fileno(stdin)) < 0) {
|
||||||
|
syslog(LOG_ERR, "dup2: %m");
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
/* XXX Need to freopen()? */
|
/* XXX Need to freopen()? */
|
||||||
|
|
|
@ -1,14 +1,35 @@
|
||||||
--- ../arpwatch.orig/util.c Fri Oct 13 18:49:03 2000
|
--- util.c.orig Fri Oct 13 18:49:03 2000
|
||||||
+++ ./util.c Wed Sep 10 13:03:27 2003
|
+++ util.c Fri Jun 11 12:35:32 2004
|
||||||
@@ -53,6 +53,7 @@
|
@@ -20,7 +20,7 @@
|
||||||
|
*/
|
||||||
|
#ifndef lint
|
||||||
|
static const char rcsid[] =
|
||||||
|
- "@(#) $Id: util.c,v 1.9 2000/10/13 22:48:55 leres Exp $ (LBL)";
|
||||||
|
+ "@(#) $Id: util.c,v 1.5 2004/06/10 19:48:37 mdg Exp $ (LBL)";
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
@@ -39,6 +39,7 @@
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include <syslog.h>
|
||||||
|
+#include <dirent.h>
|
||||||
|
|
||||||
|
#include "gnuc.h"
|
||||||
|
#ifdef HAVE_OS_PROTO_H
|
||||||
|
@@ -53,8 +54,11 @@
|
||||||
|
|
||||||
char *arpdir = ARPDIR;
|
char *arpdir = ARPDIR;
|
||||||
char *arpfile = ARPFILE;
|
char *arpfile = ARPFILE;
|
||||||
+char *etherfile = ETHERFILE;
|
+char *etherfile = ETHERFILE;
|
||||||
char *ethercodes = ETHERCODES;
|
char *ethercodes = ETHERCODES;
|
||||||
|
|
||||||
|
+struct ifdesc *if_desc = NULL;
|
||||||
|
+
|
||||||
/* Broadcast ethernet addresses */
|
/* Broadcast ethernet addresses */
|
||||||
@@ -105,7 +106,7 @@
|
u_char zero[6] = { 0, 0, 0, 0, 0, 0 };
|
||||||
|
u_char allones[6] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
|
||||||
|
@@ -105,7 +109,7 @@
|
||||||
dump(void)
|
dump(void)
|
||||||
{
|
{
|
||||||
register int fd;
|
register int fd;
|
||||||
|
@ -17,7 +38,7 @@
|
||||||
|
|
||||||
(void)sprintf(oldarpfile, "%s-", arpfile);
|
(void)sprintf(oldarpfile, "%s-", arpfile);
|
||||||
(void)sprintf(newarpfile, "%s.new", arpfile);
|
(void)sprintf(newarpfile, "%s.new", arpfile);
|
||||||
@@ -130,6 +131,32 @@
|
@@ -130,6 +134,32 @@
|
||||||
syslog(LOG_ERR, "rename %s -> %s: %m", newarpfile, arpfile);
|
syslog(LOG_ERR, "rename %s -> %s: %m", newarpfile, arpfile);
|
||||||
return(0);
|
return(0);
|
||||||
}
|
}
|
||||||
|
@ -50,17 +71,72 @@
|
||||||
return(1);
|
return(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -138,7 +165,9 @@
|
@@ -138,7 +168,64 @@
|
||||||
readdata(void)
|
readdata(void)
|
||||||
{
|
{
|
||||||
register FILE *f;
|
register FILE *f;
|
||||||
+ char line[1024];
|
+ char line[1024];
|
||||||
|
+ char buf[MAXNAMLEN];
|
||||||
|
+ char path[MAXNAMLEN + 1];
|
||||||
|
+ int len, i;
|
||||||
|
+ DIR *dirp;
|
||||||
|
+ struct dirent *dp;
|
||||||
|
+ struct ifdesc *idp;
|
||||||
|
+
|
||||||
|
+ /* interface descriptions */
|
||||||
|
+ if ((dirp = opendir(arpdir)) == NULL)
|
||||||
|
+ {
|
||||||
|
+ syslog(LOG_ERR, "opendir(%s)", arpdir);
|
||||||
|
+ return(0);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ idp = if_desc = (struct ifdesc *) malloc(sizeof(struct ifdesc));
|
||||||
|
+ idp->name = idp->desc = NULL;
|
||||||
|
+ idp->next = NULL;
|
||||||
|
+
|
||||||
|
+ while ((dp = readdir(dirp)) != NULL)
|
||||||
|
+ {
|
||||||
|
+ if (dp->d_type == DT_LNK)
|
||||||
|
+ {
|
||||||
|
+ for (i=0; i < dp->d_namlen; i++)
|
||||||
|
+ path[i] = dp->d_name[i];
|
||||||
|
+
|
||||||
|
+ path[dp->d_namlen] = '\0';
|
||||||
|
+
|
||||||
|
+ if ((len = readlink(path, buf, MAXNAMLEN)) == -1)
|
||||||
|
+ {
|
||||||
|
+ syslog(LOG_ERR, "readlink(path) failed");
|
||||||
|
+ return(0);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ buf[len] = '\0';
|
||||||
|
+
|
||||||
|
+ idp->next = (struct ifdesc *) malloc(sizeof(struct ifdesc));
|
||||||
|
+ idp = idp->next;
|
||||||
|
+ idp->next = NULL;
|
||||||
|
+ asprintf(&idp->name, "%s", path);
|
||||||
|
+ asprintf(&idp->desc, "%s", buf);
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (if_desc->next == NULL)
|
||||||
|
+ {
|
||||||
|
+ free(if_desc);
|
||||||
|
+ idp = if_desc = NULL;
|
||||||
|
+ }
|
||||||
|
+ else
|
||||||
|
+ {
|
||||||
|
+ idp = if_desc;
|
||||||
|
+ if_desc = if_desc->next;
|
||||||
|
+ free(idp);
|
||||||
|
+ idp = NULL;
|
||||||
|
+ }
|
||||||
|
|
||||||
+ /* arp.dat */
|
+ /* arp.dat */
|
||||||
if ((f = fopen(arpfile, "r")) == NULL) {
|
if ((f = fopen(arpfile, "r")) == NULL) {
|
||||||
syslog(LOG_ERR, "fopen(%s): %m", arpfile);
|
syslog(LOG_ERR, "fopen(%s): %m", arpfile);
|
||||||
return(0);
|
return(0);
|
||||||
@@ -147,6 +176,15 @@
|
@@ -147,6 +234,15 @@
|
||||||
(void)fclose(f);
|
(void)fclose(f);
|
||||||
return(0);
|
return(0);
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,12 @@
|
||||||
--- ../arpwatch.orig/util.h Sun Oct 6 06:22:14 1996
|
--- util.h.orig Sun Oct 6 06:22:14 1996
|
||||||
+++ ./util.h Wed Sep 10 13:03:27 2003
|
+++ util.h Fri Jun 11 12:35:32 2004
|
||||||
@@ -11,6 +11,9 @@
|
@@ -1,4 +1,4 @@
|
||||||
|
-/* @(#) $Header: util.h,v 1.2 96/10/06 03:22:13 leres Exp $ (LBL) */
|
||||||
|
+/* @(#) $Header: /src/arpwatch/util.h,v 1.4 2004/06/10 19:19:38 mdg Exp $ (LBL) */
|
||||||
|
|
||||||
|
void dosyslog(int, char *, u_int32_t, u_char *, u_char *);
|
||||||
|
int dump(void);
|
||||||
|
@@ -11,9 +11,19 @@
|
||||||
extern char *arpfile;
|
extern char *arpfile;
|
||||||
extern char *oldarpfile;
|
extern char *oldarpfile;
|
||||||
extern char *ethercodes;
|
extern char *ethercodes;
|
||||||
|
@ -10,3 +16,13 @@
|
||||||
|
|
||||||
extern u_char zero[6];
|
extern u_char zero[6];
|
||||||
extern u_char allones[6];
|
extern u_char allones[6];
|
||||||
|
|
||||||
|
extern int debug;
|
||||||
|
extern int initializing;
|
||||||
|
+
|
||||||
|
+struct ifdesc
|
||||||
|
+{
|
||||||
|
+ char *name;
|
||||||
|
+ char *desc;
|
||||||
|
+ struct ifdesc *next;
|
||||||
|
+};
|
||||||
|
|
Loading…
Reference in a new issue