From 411a2782aaa756b3a8f3988763ac592cff1257b3 Mon Sep 17 00:00:00 2001
From: Francesco Colista <francesco.colista@gmail.com>
Date: Mon, 8 Jul 2013 11:33:58 +0000
Subject: [PATCH] main/arpwatch: added several patches for improving options
and security
---
.../01_all_arpwatch-2.1a15-manpages.patch | 69 +++
.../02_all_arpwatch-2.1a15-srcdir.patch | 250 +++++++++
.../03_all_arpwatch-2.1a15-getopt.patch | 150 ++++++
...arpwatch-2.1a15-sendmail-cmdline-opt.patch | 159 ++++++
...all_arpwatch-2.1a15-promiscuous-mode.patch | 89 +++
...06_all_arpwatch-2.1a15-bogons-report.patch | 507 ++++++++++++++++++
.../07_all_arpwatch-2.1a15-specify-mail.patch | 168 ++++++
..._all_arpwatch-2.1a15-drop-priveleges.patch | 147 +++++
.../09_all_arpwatch-2.1a15-quite-mail.patch | 90 ++++
.../10_all_arpwatch-2.1a15-ignore-net.patch | 97 ++++
.../11_all_arpwatch-2.1a15-secure-tmp.patch | 26 +
...pwatch-2.1a15-defalt-dir-in-manpages.patch | 24 +
.../13_all_arpwatch-2.1a15-scripts-awk.patch | 31 ++
.../14_all_arpwatch-2.1a15-paths-fix.patch | 35 ++
...15_all_arpwatch-2.1a15-fix-dead-lock.patch | 32 ++
...-2.1a15-additional-manpages-cleanups.patch | 98 ++++
.../17_all_arpwatch-2.1a15-restart.patch | 162 ++++++
.../18_all_arpwatch-2.1a15-nofork.patch | 94 ++++
.../19_all_arpwatch-2.1a15-nonewstation.patch | 100 ++++
...arpwatch-2.1a15-noreversedns-resolve.patch | 99 ++++
.../21_all_arpwatch-2.1a15-pid-filename.patch | 108 ++++
main/arpwatch/APKBUILD | 104 +++-
main/arpwatch/arpwatch.pre-install | 4 +
23 files changed, 2637 insertions(+), 6 deletions(-)
create mode 100644 main/arpwatch/01_all_arpwatch-2.1a15-manpages.patch
create mode 100644 main/arpwatch/02_all_arpwatch-2.1a15-srcdir.patch
create mode 100644 main/arpwatch/03_all_arpwatch-2.1a15-getopt.patch
create mode 100644 main/arpwatch/04_all_arpwatch-2.1a15-sendmail-cmdline-opt.patch
create mode 100644 main/arpwatch/05_all_arpwatch-2.1a15-promiscuous-mode.patch
create mode 100644 main/arpwatch/06_all_arpwatch-2.1a15-bogons-report.patch
create mode 100644 main/arpwatch/07_all_arpwatch-2.1a15-specify-mail.patch
create mode 100644 main/arpwatch/08_all_arpwatch-2.1a15-drop-priveleges.patch
create mode 100644 main/arpwatch/09_all_arpwatch-2.1a15-quite-mail.patch
create mode 100644 main/arpwatch/10_all_arpwatch-2.1a15-ignore-net.patch
create mode 100644 main/arpwatch/11_all_arpwatch-2.1a15-secure-tmp.patch
create mode 100644 main/arpwatch/12_all_arpwatch-2.1a15-defalt-dir-in-manpages.patch
create mode 100644 main/arpwatch/13_all_arpwatch-2.1a15-scripts-awk.patch
create mode 100644 main/arpwatch/14_all_arpwatch-2.1a15-paths-fix.patch
create mode 100644 main/arpwatch/15_all_arpwatch-2.1a15-fix-dead-lock.patch
create mode 100644 main/arpwatch/16_all_arpwatch-2.1a15-additional-manpages-cleanups.patch
create mode 100644 main/arpwatch/17_all_arpwatch-2.1a15-restart.patch
create mode 100644 main/arpwatch/18_all_arpwatch-2.1a15-nofork.patch
create mode 100644 main/arpwatch/19_all_arpwatch-2.1a15-nonewstation.patch
create mode 100644 main/arpwatch/20_all_arpwatch-2.1a15-noreversedns-resolve.patch
create mode 100644 main/arpwatch/21_all_arpwatch-2.1a15-pid-filename.patch
create mode 100644 main/arpwatch/arpwatch.pre-install
diff --git a/main/arpwatch/01_all_arpwatch-2.1a15-manpages.patch b/main/arpwatch/01_all_arpwatch-2.1a15-manpages.patch
new file mode 100644
index 000000000000..987f16e46288
--- /dev/null
+++ b/main/arpwatch/01_all_arpwatch-2.1a15-manpages.patch
@@ -0,0 +1,69 @@
+Taken from tcpdump-3.8.2-14.FC4.src.rpm with some similar fixes for arpwatch.8
+and and fixes unescaped hyphen in arpwatch and arpsnmp man pages.
+
+diff -Naru arpwatch-2.1a15.orig/arpsnmp.8 arpwatch-2.1a15/arpsnmp.8
+--- arpwatch-2.1a15.orig/arpsnmp.8 2000-09-18 00:34:48.000000000 +0400
++++ arpwatch-2.1a15/arpsnmp.8 2006-09-22 19:21:55.000000000 +0400
+@@ -22,7 +22,7 @@
+ .TH ARPSNMP 8 "17 September 2000"
+ .UC 4
+ .SH NAME
+-arpsnmp - keep track of ethernet/ip address pairings
++arpsnmp \- keep track of ethernet/ip address pairings
+ .SH SYNOPSIS
+ .B arpsnmp
+ [
+@@ -41,7 +41,7 @@
+ and reports certain changes via email.
+ .B Arpsnmp
+ reads information from a file (usually generated by
+-.BR snmpwalk (8)).
++.BR snmpwalk (1)).
+ .LP
+ The
+ .B -d
+@@ -62,9 +62,9 @@
+ .LP
+ .SH "REPORT MESSAGES"
+ (See the
+-.BR arpwatch (1)
++.BR arpwatch (8)
+ man page for details on the report messages generated by
+-.BR arpsnmp (1).)
++.BR arpsnmp (8).)
+ .SH FILES
+ .na
+ .nh
+@@ -79,7 +79,7 @@
+ .na
+ .nh
+ .BR arpwatch (8),
+-.BR snmpwalk (8),
++.BR snmpwalk (1),
+ .BR arp (8)
+ .ad
+ .hy
+diff -Naru arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8
+--- arpwatch-2.1a15.orig/arpwatch.8 2000-10-09 00:31:28.000000000 +0400
++++ arpwatch-2.1a15/arpwatch.8 2006-09-22 19:22:07.000000000 +0400
+@@ -22,7 +22,7 @@
+ .TH ARPWATCH 8 "8 October 2000"
+ .UC 4
+ .SH NAME
+-arpwatch - keep track of ethernet/ip address pairings
++arpwatch \- keep track of ethernet/ip address pairings
+ .SH SYNOPSIS
+ .na
+ .B arpwatch
+@@ -101,9 +101,9 @@
+ .LP
+ .SH "REPORT MESSAGES"
+ Here's a quick list of the report messages generated by
+-.BR arpwatch (1)
++.BR arpwatch (8)
+ (and
+-.BR arpsnmp (1)):
++.BR arpsnmp (8)):
+ .TP
+ .B "new activity"
+ This ethernet/ip address pair has been used for the first time six
diff --git a/main/arpwatch/02_all_arpwatch-2.1a15-srcdir.patch b/main/arpwatch/02_all_arpwatch-2.1a15-srcdir.patch
new file mode 100644
index 000000000000..3ab59fcb2ae4
--- /dev/null
+++ b/main/arpwatch/02_all_arpwatch-2.1a15-srcdir.patch
@@ -0,0 +1,250 @@
+Patch for aclocal, Makefile.in, configure.in to handle srcdir correctly.
+
+diff -Naru arpwatch-2.1a15.orig/aclocal.m4 arpwatch-2.1a15/aclocal.m4
+--- arpwatch-2.1a15.orig/aclocal.m4 2006-03-28 11:55:40.000000000 +0400
++++ arpwatch-2.1a15/aclocal.m4 2006-09-22 16:16:24.000000000 +0400
+@@ -50,7 +50,7 @@
+ $1="-O"
+ $2=""
+ if test "${srcdir}" != "." ; then
+- $2="-I\$\(srcdir\)"
++ $2="-I\$(srcdir)"
+ fi
+ if test "${CFLAGS+set}" = set; then
+ LBL_CFLAGS="$CFLAGS"
+diff -Naru arpwatch-2.1a15.orig/configure.in arpwatch-2.1a15/configure.in
+--- arpwatch-2.1a15.orig/configure.in 2006-06-22 00:34:29.000000000 +0400
++++ arpwatch-2.1a15/configure.in 2006-09-22 16:16:24.000000000 +0400
+@@ -143,17 +143,17 @@
+ AC_DEFINE(HAVE_DN_SKIPNAME)
+ fi
+
+-if test -f .devel ; then
++if test -f $srcdir/.devel ; then
+ AC_DEFINE(LBL)
+ fi
+
+-if test -r lbl/gnuc.h ; then
+- rm -f gnuc.h
+- ln -s lbl/gnuc.h gnuc.h
++if test -r $srcdir/lbl/gnuc.h ; then
++ rm -f $srcdir/gnuc.h
++ ln -s lbl/gnuc.h $srcdir/gnuc.h
+ fi
+
+-if test ! -r addresses.h ; then
+- cp addresses.h.in addresses.h
++if test ! -r $srcdir/addresses.h ; then
++ cp $srcdir/addresses.h.in $srcdir/addresses.h
+ fi
+
+ AC_SUBST(V_CCOPT)
+@@ -166,12 +166,12 @@
+
+ AC_OUTPUT(Makefile)
+
+-if test ! -f arp.dat ; then
++if test ! -f $srcdir/arp.dat ; then
+ echo 'creating empty arp.dat file'
+- touch arp.dat
++ touch $srcdir/arp.dat
+ fi
+
+-if test -f .devel ; then
++if test -f $srcdir/.devel ; then
+ make depend
+ fi
+ exit 0
+diff -Naru arpwatch-2.1a15.orig/configure.in.orig arpwatch-2.1a15/configure.in.orig
+--- arpwatch-2.1a15.orig/configure.in.orig 1970-01-01 03:00:00.000000000 +0300
++++ arpwatch-2.1a15/configure.in.orig 2006-06-22 00:34:29.000000000 +0400
+@@ -0,0 +1,177 @@
++dnl @(#) $Header: /usr/src/local/sbin/arpwatch/RCS/configure.in,v 1.35 2006/06/21 20:34:27 leres Exp $ (LBL)
++dnl
++dnl Copyright (c) 1994, 1995, 1996, 1997, 1998, 2000, 2006
++dnl The Regents of the University of California. All rights reserved.
++dnl
++dnl Process this file with autoconf to produce a configure script.
++dnl
++
++AC_INIT(arpwatch.c)
++
++AC_CANONICAL_SYSTEM
++
++umask 002
++
++if test -z "$PWD" ; then
++ PWD=`pwd`
++fi
++
++AC_LBL_C_INIT(V_CCOPT, V_INCLS)
++
++AC_CHECK_HEADERS(fcntl.h memory.h)
++AC_HEADER_TIME
++
++AC_REPLACE_FUNCS(bcopy strerror)
++
++dnl The following generates a warning from autoconf...
++AC_C_BIGENDIAN
++
++AC_LBL_TYPE_SIGNAL
++AC_LBL_UNION_WAIT
++
++AC_CHECK_LIB(resolv, res_query)
++AC_LBL_LIBPCAP(V_PCAPDEP, V_INCLS)
++
++AC_PATH_PROG(V_SENDMAIL, sendmail, /usr/lib/sendmail,
++ $PATH:/usr/sbin:/usr/lib:/usr/bin:/usr/ucblib:/usr/local/etc)
++
++case "$target_os" in
++
++linux*)
++ V_INCLS="$V_INCLS -Ilinux-include"
++ ;;
++
++osf3*)
++ # workaround around ip_hl vs. ip_vhl problem in netinet/ip.h
++ AC_DEFINE(__STDC__,2)
++ ;;
++esac
++
++AC_LBL_CHECK_TYPE
++
++AC_LBL_DEVEL(V_CCOPT)
++
++AC_MSG_CHECKING(if ether_header uses ether_addr structs)
++AC_CACHE_VAL(ac_cv_ether_header_has_ea,
++ LBL_SAVE_CFLAGS="$CFLAGS"
++ CFLAGS="$CFLAGS $V_INCLS"
++ AC_TRY_COMPILE([
++# include <sys/types.h>
++# if __STDC__
++ /* osf3 has REALLY good prototyes */
++ struct mbuf;
++ struct rtentry;
++# endif
++# include <sys/socket.h>
++# include <net/if.h>
++# include <netinet/in.h>
++# include <netinet/if_ether.h>],
++ [u_int i =
++ sizeof(((struct ether_header *)0)->ether_dhost.ether_addr_octet)],
++ ac_cv_ether_header_has_ea=yes,
++ ac_cv_ether_header_has_ea=no)
++ CFLAGS="$LBL_SAVE_CFLAGS")
++AC_MSG_RESULT($ac_cv_ether_header_has_ea)
++if test $ac_cv_ether_header_has_ea = yes ; then
++ AC_DEFINE(ETHER_HEADER_HAS_EA)
++fi
++
++AC_MSG_CHECKING(if ether_arp uses ether_addr structs)
++AC_CACHE_VAL(ac_cv_ether_arp_has_ea,
++ LBL_SAVE_CFLAGS="$CFLAGS"
++ CFLAGS="$CFLAGS $V_INCLS"
++ AC_TRY_COMPILE([
++# include <sys/types.h>
++# if __STDC__
++ /* osf3 has REALLY good prototyes */
++ struct mbuf;
++ struct rtentry;
++# endif
++# include <sys/socket.h>
++# include <net/if.h>
++# include <netinet/in.h>
++# include <netinet/if_ether.h>],
++ [u_int i =
++ sizeof(((struct ether_arp *)0)->arp_sha.ether_addr_octet)],
++ ac_cv_ether_arp_has_ea=yes,
++ ac_cv_ether_arp_has_ea=no)
++ CFLAGS="$LBL_SAVE_CFLAGS")
++AC_MSG_RESULT($ac_cv_ether_arp_has_ea)
++if test $ac_cv_ether_arp_has_ea = yes ; then
++ AC_DEFINE(ETHER_ARP_HAS_EA)
++fi
++
++AC_MSG_CHECKING(if ether_arp uses erp_xsha member)
++AC_CACHE_VAL(ac_cv_struct_ether_arp_x,
++ LBL_SAVE_CFLAGS="$CFLAGS"
++ CFLAGS="$CFLAGS $V_INCLS"
++ AC_TRY_COMPILE([
++# include <sys/types.h>
++# include <sys/socket.h>
++# if __STDC__
++ /* osf3 has REALLY good prototyes */
++ struct mbuf;
++ struct rtentry;
++# endif
++# include <net/if.h>
++# include <netinet/in.h>
++# include <netinet/if_ether.h>],
++ [u_int i = sizeof( ((struct ether_arp *)0)->arp_xsha)],
++ ac_cv_struct_ether_arp_x=yes,
++ ac_cv_struct_ether_arp_x=no)
++ CFLAGS="$LBL_SAVE_CFLAGS")
++AC_MSG_RESULT($ac_cv_struct_ether_arp_x)
++if test $ac_cv_struct_ether_arp_x = yes ; then
++ AC_DEFINE(ETHER_ARP_HAS_X)
++fi
++
++dnl
++dnl bind 8 does some routine name renaming so we must test specially
++dnl
++AC_MSG_CHECKING(for dn_skipname)
++AC_CACHE_VAL(ac_cv_have_dn_skipname,
++ AC_TRY_LINK([
++# include <sys/types.h>
++# include <netinet/in.h>
++# include <arpa/nameser.h>
++# include <resolv.h>],
++ [(void)dn_skipname(0, 0);],
++ ac_cv_have_dn_skipname=yes,
++ ac_cv_have_dn_skipname=no))
++AC_MSG_RESULT($ac_cv_have_dn_skipname)
++if test $ac_cv_have_dn_skipname = yes ; then
++ AC_DEFINE(HAVE_DN_SKIPNAME)
++fi
++
++if test -f .devel ; then
++ AC_DEFINE(LBL)
++fi
++
++if test -r lbl/gnuc.h ; then
++ rm -f gnuc.h
++ ln -s lbl/gnuc.h gnuc.h
++fi
++
++if test ! -r addresses.h ; then
++ cp addresses.h.in addresses.h
++fi
++
++AC_SUBST(V_CCOPT)
++AC_SUBST(V_INCLS)
++AC_SUBST(V_PCAPDEP)
++AC_SUBST(V_SENDMAIL)
++AC_SUBST(LBL_LIBS)
++
++AC_PROG_INSTALL
++
++AC_OUTPUT(Makefile)
++
++if test ! -f arp.dat ; then
++ echo 'creating empty arp.dat file'
++ touch arp.dat
++fi
++
++if test -f .devel ; then
++ make depend
++fi
++exit 0
+diff -Naru arpwatch-2.1a15.orig/Makefile.in arpwatch-2.1a15/Makefile.in
+--- arpwatch-2.1a15.orig/Makefile.in 2000-06-15 04:39:55.000000000 +0400
++++ arpwatch-2.1a15/Makefile.in 2006-09-22 16:16:24.000000000 +0400
+@@ -104,7 +104,7 @@
+ version.o: version.c
+ version.c: $(srcdir)/VERSION
+ @rm -f $@
+- sed -e 's/.*/char version[] = "&";/' $(srcdir)/VERSION > $@
++ sed -e 's/.*/char version[] = "&";/' $(srcdir)/VERSION > $(srcdir)/$@
+
+ zap: zap.o intoa.o
+ $(CC) $(CFLAGS) -o $@ zap.o intoa.o -lutil
diff --git a/main/arpwatch/03_all_arpwatch-2.1a15-getopt.patch b/main/arpwatch/03_all_arpwatch-2.1a15-getopt.patch
new file mode 100644
index 000000000000..269adc8ea623
--- /dev/null
+++ b/main/arpwatch/03_all_arpwatch-2.1a15-getopt.patch
@@ -0,0 +1,150 @@
+Patch from debian. Just reorders usage output and getopt options to ease adding new features.
+
+
+diff -Naru arpwatch-2.1a15.orig/arpsnmp.8 arpwatch-2.1a15/arpsnmp.8
+--- arpwatch-2.1a15.orig/arpsnmp.8 2006-09-22 17:18:02.000000000 +0400
++++ arpwatch-2.1a15/arpsnmp.8 2006-09-22 18:17:44.000000000 +0400
+@@ -27,10 +27,15 @@
+ .B arpsnmp
+ [
+ .B -d
+-] [
++]
++.br
++.ti +8
++[
+ .B -f
+ .I datafile
+ ]
++.br
++.ti +8
+ .I file
+ [
+ .I ...
+diff -Naru arpwatch-2.1a15.orig/arpsnmp.c arpwatch-2.1a15/arpsnmp.c
+--- arpwatch-2.1a15.orig/arpsnmp.c 2004-01-23 01:25:17.000000000 +0300
++++ arpwatch-2.1a15/arpsnmp.c 2006-09-22 18:17:15.000000000 +0400
+@@ -78,6 +78,10 @@
+ register char *cp;
+ register int op, i;
+ char errbuf[256];
++ char options[] =
++ "d"
++ "f:"
++ ;
+
+ if ((cp = strrchr(argv[0], '/')) != NULL)
+ prog = cp + 1;
+@@ -90,7 +94,7 @@
+ }
+
+ opterr = 0;
+- while ((op = getopt(argc, argv, "df:")) != EOF)
++ while ((op = getopt(argc, argv, options)) != EOF)
+ switch (op) {
+
+ case 'd':
+@@ -182,9 +186,14 @@
+ usage(void)
+ {
+ extern char version[];
++ char usage[] =
++ "[-d] "
++ "[-f datafile] "
++ "file [...]\n"
++ ;
+
+ (void)fprintf(stderr, "Version %s\n", version);
+ (void)fprintf(stderr,
+- "usage: %s [-d] [-f datafile] file [...]\n", prog);
++ "usage: %s %s", prog, usage);
+ exit(1);
+ }
+diff -Naru arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8
+--- arpwatch-2.1a15.orig/arpwatch.8 2006-09-22 17:18:02.000000000 +0400
++++ arpwatch-2.1a15/arpwatch.8 2006-09-22 18:19:20.000000000 +0400
+@@ -28,10 +28,16 @@
+ .B arpwatch
+ [
+ .B -dN
+-] [
++]
++.br
++.ti +8
++[
+ .B -f
+ .I datafile
+-] [
++]
++.br
++.ti +8
++[
+ .B -i
+ .I interface
+ ]
+@@ -40,7 +46,10 @@
+ [
+ .B -n
+ .IR net [/ width
+-]] [
++]]
++.br
++.ti +8
++[
+ .B -r
+ .I file
+ ]
+diff -Naru arpwatch-2.1a15.orig/arpwatch.c arpwatch-2.1a15/arpwatch.c
+--- arpwatch-2.1a15.orig/arpwatch.c 2004-01-23 01:18:20.000000000 +0300
++++ arpwatch-2.1a15/arpwatch.c 2006-09-22 18:22:35.000000000 +0400
+@@ -153,6 +153,14 @@
+ register char *interface, *rfilename;
+ struct bpf_program code;
+ char errbuf[PCAP_ERRBUF_SIZE];
++ char options[] =
++ "d"
++ "f:"
++ "i:"
++ "n:"
++ "N"
++ "r:"
++ ;
+
+ if (argv[0] == NULL)
+ prog = "arpwatch";
+@@ -170,7 +178,7 @@
+ interface = NULL;
+ rfilename = NULL;
+ pd = NULL;
+- while ((op = getopt(argc, argv, "df:i:n:Nr:")) != EOF)
++ while ((op = getopt(argc, argv, options)) != EOF)
+ switch (op) {
+
+ case 'd':
+@@ -201,7 +209,6 @@
+ case 'r':
+ rfilename = optarg;
+ break;
+-
+ default:
+ usage();
+ }
+@@ -748,9 +755,16 @@
+ usage(void)
+ {
+ extern char version[];
++ char usage[] =
++ "[-dN] "
++ "[-f datafile] "
++ "[-i interface] "
++ "[-n net[/width]] "
++ "[-r file] "
++ "\n"
++ ;
+
+ (void)fprintf(stderr, "Version %s\n", version);
+- (void)fprintf(stderr, "usage: %s [-dN] [-f datafile] [-i interface]"
+- " [-n net[/width]] [-r file]\n", prog);
++ (void)fprintf(stderr, "usage: %s %s", prog, usage);
+ exit(1);
+ }
diff --git a/main/arpwatch/04_all_arpwatch-2.1a15-sendmail-cmdline-opt.patch b/main/arpwatch/04_all_arpwatch-2.1a15-sendmail-cmdline-opt.patch
new file mode 100644
index 000000000000..3b2ec7f4cd0d
--- /dev/null
+++ b/main/arpwatch/04_all_arpwatch-2.1a15-sendmail-cmdline-opt.patch
@@ -0,0 +1,159 @@
+This patch from debian adds possibility to specify sendmail program.
+
+diff -Naru arpwatch-2.1a15.orig/arpsnmp.8 arpwatch-2.1a15/arpsnmp.8
+--- arpwatch-2.1a15.orig/arpsnmp.8 2006-09-22 19:26:53.000000000 +0400
++++ arpwatch-2.1a15/arpsnmp.8 2006-09-22 19:31:59.000000000 +0400
+@@ -36,6 +36,12 @@
+ ]
+ .br
+ .ti +8
++[
++.B -s
++.I sendmail_path
++]
++.br
++.ti +8
+ .I file
+ [
+ .I ...
+@@ -60,6 +66,13 @@
+ The default is
+ .IR arp.dat .
+ .LP
++The
++.B -s
++flag is used to specify the path to the sendmail program. Any program that
++takes the option -odi and then text from stdin can be substituted. This is
++useful for redirecting reports to log files instead of mail. (This feature
++comes from Debian).
++.LP
+ Note that an empty
+ .I arp.dat
+ file must be created before the first time you run
+diff -Naru arpwatch-2.1a15.orig/arpsnmp.c arpwatch-2.1a15/arpsnmp.c
+--- arpwatch-2.1a15.orig/arpsnmp.c 2006-09-22 19:26:53.000000000 +0400
++++ arpwatch-2.1a15/arpsnmp.c 2006-09-22 19:26:23.000000000 +0400
+@@ -67,6 +67,7 @@
+ __dead void usage(void) __attribute__((volatile));
+
+ char *prog;
++char *path_sendmail = PATH_SENDMAIL;
+
+ extern int optind;
+ extern int opterr;
+@@ -81,6 +82,7 @@
+ char options[] =
+ "d"
+ "f:"
++ "s:"
+ ;
+
+ if ((cp = strrchr(argv[0], '/')) != NULL)
+@@ -109,6 +111,10 @@
+ arpfile = optarg;
+ break;
+
++ case 's':
++ path_sendmail = optarg;
++ break;
++
+ default:
+ usage();
+ }
+@@ -189,6 +195,7 @@
+ char usage[] =
+ "[-d] "
+ "[-f datafile] "
++ "[-s sendmail_path] "
+ "file [...]\n"
+ ;
+
+diff -Naru arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8
+--- arpwatch-2.1a15.orig/arpwatch.8 2006-09-22 19:26:53.000000000 +0400
++++ arpwatch-2.1a15/arpwatch.8 2006-09-22 19:28:02.000000000 +0400
+@@ -53,6 +53,12 @@
+ .B -r
+ .I file
+ ]
++.br
++.ti +8
++[
++.B -s
++.I sendmail_path
++]
+ .ad
+ .SH DESCRIPTION
+ .B Arpwatch
+@@ -103,6 +109,13 @@
+ .B arpwatch
+ does not fork.
+ .LP
++The
++.B -s
++flag is used to specify the path to the sendmail program. Any program that
++takes the option -odi and then text from stdin can be substituted. This is
++useful for redirecting reports to log files instead of mail. (This feature
++comes from Debian).
++.LP
+ Note that an empty
+ .I arp.dat
+ file must be created before the first time you run
+diff -Naru arpwatch-2.1a15.orig/arpwatch.c arpwatch-2.1a15/arpwatch.c
+--- arpwatch-2.1a15.orig/arpwatch.c 2006-09-22 19:26:53.000000000 +0400
++++ arpwatch-2.1a15/arpwatch.c 2006-09-22 19:26:23.000000000 +0400
+@@ -106,6 +106,7 @@
+ #endif
+
+ char *prog;
++char *path_sendmail = PATH_SENDMAIL;
+
+ int can_checkpoint;
+ int swapped;
+@@ -160,6 +161,7 @@
+ "n:"
+ "N"
+ "r:"
++ "s:"
+ ;
+
+ if (argv[0] == NULL)
+@@ -209,6 +211,11 @@
+ case 'r':
+ rfilename = optarg;
+ break;
++
++ case 's':
++ path_sendmail = optarg;
++ break;
++
+ default:
+ usage();
+ }
+@@ -761,6 +768,7 @@
+ "[-i interface] "
+ "[-n net[/width]] "
+ "[-r file] "
++ "[-s sendmail_path] "
+ "\n"
+ ;
+
+diff -Naru arpwatch-2.1a15.orig/report.c arpwatch-2.1a15/report.c
+--- arpwatch-2.1a15.orig/report.c 2000-10-01 03:41:10.000000000 +0400
++++ arpwatch-2.1a15/report.c 2006-09-22 19:26:23.000000000 +0400
+@@ -235,6 +235,7 @@
+ report(register char *title, register u_int32_t a, register u_char *e1,
+ register u_char *e2, register time_t *t1p, register time_t *t2p)
+ {
++ extern char *path_sendmail;
+ register char *cp, *hn;
+ register int fd, pid;
+ register FILE *f;
+@@ -242,7 +243,7 @@
+ char *fmt = "%20s: %s\n";
+ char *watcher = WATCHER;
+ char *watchee = WATCHEE;
+- char *sendmail = PATH_SENDMAIL;
++ char *sendmail = path_sendmail;
+ char *unknown = "<unknown>";
+ char buf[132];
+ static int init = 0;
diff --git a/main/arpwatch/05_all_arpwatch-2.1a15-promiscuous-mode.patch b/main/arpwatch/05_all_arpwatch-2.1a15-promiscuous-mode.patch
new file mode 100644
index 000000000000..3f4c679dd649
--- /dev/null
+++ b/main/arpwatch/05_all_arpwatch-2.1a15-promiscuous-mode.patch
@@ -0,0 +1,89 @@
+diff -Naru arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8
+--- arpwatch-2.1a15.orig/arpwatch.8 2006-09-22 19:33:49.000000000 +0400
++++ arpwatch-2.1a15/arpwatch.8 2006-09-22 19:34:52.000000000 +0400
+@@ -59,6 +59,11 @@
+ .B -s
+ .I sendmail_path
+ ]
++.br
++.ti +8
++[
++.B -p
++]
+ .ad
+ .SH DESCRIPTION
+ .B Arpwatch
+@@ -116,6 +121,15 @@
+ useful for redirecting reports to log files instead of mail. (This feature
+ comes from Debian).
+ .LP
++The
++.B -p
++flag disables promiscuous operation. ARP broadcasts get through hubs without
++having the interface in promiscuous mode, while saving considerable resources
++that would be wasted on processing gigabytes of non-broadcast traffic. OTOH,
++setting promiscuous mode does not mean getting 100% traffic that would concern
++.B arpwatch.
++YMMV. (This feature comes from Debian).
++.LP
+ Note that an empty
+ .I arp.dat
+ file must be created before the first time you run
+diff -Naru arpwatch-2.1a15.orig/arpwatch.c arpwatch-2.1a15/arpwatch.c
+--- arpwatch-2.1a15.orig/arpwatch.c 2006-09-22 19:33:49.000000000 +0400
++++ arpwatch-2.1a15/arpwatch.c 2006-09-22 19:34:07.000000000 +0400
+@@ -162,6 +162,7 @@
+ "N"
+ "r:"
+ "s:"
++ "p"
+ ;
+
+ if (argv[0] == NULL)
+@@ -216,6 +217,10 @@
+ path_sendmail = optarg;
+ break;
+
++ case 'p':
++ ++nopromisc;
++ break;
++
+ default:
+ usage();
+ }
+@@ -283,7 +288,7 @@
+ snaplen = max(sizeof(struct ether_header),
+ sizeof(struct fddi_header)) + sizeof(struct ether_arp);
+ timeout = 1000;
+- pd = pcap_open_live(interface, snaplen, 1, timeout, errbuf);
++ pd = pcap_open_live(interface, snaplen, !nopromisc, timeout, errbuf);
+ if (pd == NULL) {
+ syslog(LOG_ERR, "pcap open %s: %s", interface, errbuf);
+ exit(1);
+@@ -769,6 +774,7 @@
+ "[-n net[/width]] "
+ "[-r file] "
+ "[-s sendmail_path] "
++ "[-p] "
+ "\n"
+ ;
+
+diff -Naru arpwatch-2.1a15.orig/util.c arpwatch-2.1a15/util.c
+--- arpwatch-2.1a15.orig/util.c 2004-01-23 01:25:39.000000000 +0300
++++ arpwatch-2.1a15/util.c 2006-09-22 19:35:15.000000000 +0400
+@@ -61,6 +61,7 @@
+
+ int debug = 0;
+ int initializing = 1; /* true if initializing */
++int nopromisc = 0; /* don't activate promisc mode by default */
+
+ /* syslog() helper routine */
+ void
+diff -Naru arpwatch-2.1a15.orig/util.h arpwatch-2.1a15/util.h
+--- arpwatch-2.1a15.orig/util.h 1996-10-06 14:22:14.000000000 +0400
++++ arpwatch-2.1a15/util.h 2006-09-22 19:34:07.000000000 +0400
+@@ -17,3 +17,4 @@
+
+ extern int debug;
+ extern int initializing;
++extern int nopromisc;
diff --git a/main/arpwatch/06_all_arpwatch-2.1a15-bogons-report.patch b/main/arpwatch/06_all_arpwatch-2.1a15-bogons-report.patch
new file mode 100644
index 000000000000..a6bdaefd77e4
--- /dev/null
+++ b/main/arpwatch/06_all_arpwatch-2.1a15-bogons-report.patch
@@ -0,0 +1,507 @@
+diff -Naru arpwatch-2.1a15.orig/arpsnmp.c arpwatch-2.1a15/arpsnmp.c
+--- arpwatch-2.1a15.orig/arpsnmp.c 2006-09-22 19:44:44.000000000 +0400
++++ arpwatch-2.1a15/arpsnmp.c 2006-09-22 19:41:19.000000000 +0400
+@@ -63,7 +63,7 @@
+ /* Forwards */
+ int main(int, char **);
+ int readsnmp(char *);
+-int snmp_add(u_int32_t, u_char *, time_t, char *);
++int snmp_add(u_int32_t, u_char *, time_t, char *, char *);
+ __dead void usage(void) __attribute__((volatile));
+
+ char *prog;
+@@ -149,22 +149,24 @@
+ static time_t now;
+
+ int
+-snmp_add(register u_int32_t a, register u_char *e, time_t t, register char *h)
++snmp_add(register u_int32_t a, register u_char *e, time_t t, register char *h,
++ char *interface)
+ {
+ /* Watch for ethernet broadcast */
+ if (MEMCMP(e, zero, 6) == 0 || MEMCMP(e, allones, 6) == 0) {
+- dosyslog(LOG_INFO, "ethernet broadcast", a, e, NULL);
++ dosyslog(LOG_INFO, "ethernet broadcast", a, e, NULL,
++ interface);
+ return (1);
+ }
+
+ /* Watch for some ip broadcast addresses */
+ if (a == 0 || a == 1) {
+- dosyslog(LOG_INFO, "ip broadcast", a, e, NULL);
++ dosyslog(LOG_INFO, "ip broadcast", a, e, NULL, interface);
+ return (1);
+ }
+
+ /* Use current time (although it would be nice to subtract idle time) */
+- return (ent_add(a, e, now, h));
++ return (ent_add(a, e, now, h, interface));
+ }
+
+ /* Process an snmp file */
+diff -Naru arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8
+--- arpwatch-2.1a15.orig/arpwatch.8 2006-09-22 19:44:53.000000000 +0400
++++ arpwatch-2.1a15/arpwatch.8 2006-09-22 19:41:19.000000000 +0400
+@@ -64,6 +64,11 @@
+ [
+ .B -p
+ ]
++.br
++.ti +8
++[
++.B -a
++]
+ .ad
+ .SH DESCRIPTION
+ .B Arpwatch
+@@ -130,6 +135,17 @@
+ .B arpwatch.
+ YMMV. (This feature comes from Debian).
+ .LP
++The
++.B -a
++flag tells
++.B arpwatch
++to report bogons about every IP address. By default,
++.B arpwatch
++reports bogons for IP addresses that are in the same subnet with the first IP
++address of the default interface (unless
++.B -N
++is given). (This feature comes from Debian).
++.LP
+ Note that an empty
+ .I arp.dat
+ file must be created before the first time you run
+diff -Naru arpwatch-2.1a15.orig/arpwatch.c arpwatch-2.1a15/arpwatch.c
+--- arpwatch-2.1a15.orig/arpwatch.c 2006-09-22 19:44:53.000000000 +0400
++++ arpwatch-2.1a15/arpwatch.c 2006-09-22 19:41:19.000000000 +0400
+@@ -142,6 +142,8 @@
+ int sanity_fddi(struct fddi_header *, struct ether_arp *, int);
+ __dead void usage(void) __attribute__((volatile));
+
++static char *interface;
++
+ int
+ main(int argc, char **argv)
+ {
+@@ -151,7 +153,7 @@
+ register int fd;
+ #endif
+ register pcap_t *pd;
+- register char *interface, *rfilename;
++ register char *rfilename;
+ struct bpf_program code;
+ char errbuf[PCAP_ERRBUF_SIZE];
+ char options[] =
+@@ -163,6 +165,7 @@
+ "r:"
+ "s:"
+ "p"
++ "a"
+ ;
+
+ if (argv[0] == NULL)
+@@ -221,6 +224,10 @@
+ ++nopromisc;
+ break;
+
++ case 'a':
++ ++allsubnets;
++ break;
++
+ default:
+ usage();
+ }
+@@ -399,29 +406,31 @@
+
+ /* Watch for bogons */
+ if (isbogon(sia)) {
+- dosyslog(LOG_INFO, "bogon", sia, sea, sha);
+- return;
++ dosyslog(LOG_INFO, "bogon", sia, sea, sha, interface);
++ if (!allsubnets) return;
+ }
+
+ /* Watch for ethernet broadcast */
+ if (MEMCMP(sea, zero, 6) == 0 || MEMCMP(sea, allones, 6) == 0 ||
+ MEMCMP(sha, zero, 6) == 0 || MEMCMP(sha, allones, 6) == 0) {
+- dosyslog(LOG_INFO, "ethernet broadcast", sia, sea, sha);
++ dosyslog(LOG_INFO, "ethernet broadcast", sia, sea, sha,
++ interface);
+ return;
+ }
+
+ /* Double check ethernet addresses */
+ if (MEMCMP(sea, sha, 6) != 0) {
+- dosyslog(LOG_INFO, "ethernet mismatch", sia, sea, sha);
++ dosyslog(LOG_INFO, "ethernet mismatch", sia, sea, sha,
++ interface);
+ return;
+ }
+
+ /* Got a live one */
+ t = h->ts.tv_sec;
+ can_checkpoint = 0;
+- if (!ent_add(sia, sea, t, NULL))
+- syslog(LOG_ERR, "ent_add(%s, %s, %ld) failed",
+- intoa(sia), e2str(sea), t);
++ if (!ent_add(sia, sea, t, NULL, interface))
++ syslog(LOG_ERR, "ent_add(%s, %s, %ld, %s) failed",
++ intoa(sia), e2str(sea), t, interface);
+ can_checkpoint = 1;
+ }
+
+@@ -548,29 +557,31 @@
+
+ /* Watch for bogons */
+ if (isbogon(sia)) {
+- dosyslog(LOG_INFO, "bogon", sia, sea, sha);
+- return;
++ dosyslog(LOG_INFO, "bogon", sia, sea, sha, interface);
++ if (!allsubnets) return;
+ }
+
+ /* Watch for ethernet broadcast */
+ if (MEMCMP(sea, zero, 6) == 0 || MEMCMP(sea, allones, 6) == 0 ||
+ MEMCMP(sha, zero, 6) == 0 || MEMCMP(sha, allones, 6) == 0) {
+- dosyslog(LOG_INFO, "ethernet broadcast", sia, sea, sha);
++ dosyslog(LOG_INFO, "ethernet broadcast", sia, sea, sha,
++ interface);
+ return;
+ }
+
+ /* Double check ethernet addresses */
+ if (MEMCMP(sea, sha, 6) != 0) {
+- dosyslog(LOG_INFO, "ethernet mismatch", sia, sea, sha);
++ dosyslog(LOG_INFO, "ethernet mismatch", sia, sea, sha,
++ interface);
+ return;
+ }
+
+ /* Got a live one */
+ t = h->ts.tv_sec;
+ can_checkpoint = 0;
+- if (!ent_add(sia, sea, t, NULL))
+- syslog(LOG_ERR, "ent_add(%s, %s, %ld) failed",
+- intoa(sia), e2str(sea), t);
++ if (!ent_add(sia, sea, t, NULL, interface))
++ syslog(LOG_ERR, "ent_add(%s, %s, %ld, %s) failed",
++ intoa(sia), e2str(sea), t, interface);
+ can_checkpoint = 1;
+ }
+
+@@ -775,6 +786,7 @@
+ "[-r file] "
+ "[-s sendmail_path] "
+ "[-p] "
++ "[-a] "
+ "\n"
+ ;
+
+diff -Naru arpwatch-2.1a15.orig/db.c arpwatch-2.1a15/db.c
+--- arpwatch-2.1a15.orig/db.c 2000-10-01 03:39:58.000000000 +0400
++++ arpwatch-2.1a15/db.c 2006-09-22 19:43:35.000000000 +0400
+@@ -64,6 +64,7 @@
+ u_char e[6]; /* ether address */
+ char h[34]; /* simple hostname */
+ time_t t; /* timestamp */
++ char i[16]; /* interface */
+ };
+
+ /* Address info */
+@@ -80,13 +81,14 @@
+
+ static void alist_alloc(struct ainfo *);
+ int cmpeinfo(const void *, const void *);
+-static struct einfo *elist_alloc(u_int32_t, u_char *, time_t, char *);
++static struct einfo *elist_alloc(u_int32_t, u_char *, time_t, char *, char *);
+ static struct ainfo *ainfo_find(u_int32_t);
+ static void check_hname(struct ainfo *);
+ struct ainfo *newainfo(void);
+
+ int
+-ent_add(register u_int32_t a, register u_char *e, time_t t, register char *h)
++ent_add(register u_int32_t a, register u_char *e, time_t t, register char *h,
++ char *interface)
+ {
+ register struct ainfo *ap;
+ register struct einfo *ep;
+@@ -103,7 +105,8 @@
+ ep = ap->elist[0];
+ if (MEMCMP(e, ep->e, 6) == 0) {
+ if (t - ep->t > NEWACTIVITY_DELTA) {
+- report("new activity", a, e, NULL, &t, &ep->t);
++ report("new activity", a, e, NULL, &t, &ep->t,
++ interface);
+ check_hname(ap);
+ }
+ ep->t = t;
+@@ -114,8 +117,8 @@
+ /* Check for a virgin ainfo record */
+ if (ap->ecount == 0) {
+ ap->ecount = 1;
+- ap->elist[0] = elist_alloc(a, e, t, h);
+- report("new station", a, e, NULL, &t, NULL);
++ ap->elist[0] = elist_alloc(a, e, t, h, interface);
++ report("new station", a, e, NULL, &t, NULL, interface);
+ return (1);
+ }
+
+@@ -133,9 +136,11 @@
+ if (t - t2 < FLIPFLIP_DELTA &&
+ (isdecnet(e) || isdecnet(e2)))
+ dosyslog(LOG_INFO,
+- "suppressed DECnet flip flop", a, e, e2);
++ "suppressed DECnet flip flop", a, e, e2,
++ interface);
+ else
+- report("flip flop", a, e, e2, &t, &t2);
++ report("flip flop", a, e, e2, &t, &t2,
++ interface);
+ ap->elist[1] = ap->elist[0];
+ ap->elist[0] = ep;
+ ep->t = t;
+@@ -151,7 +156,7 @@
+ e2 = ap->elist[0]->e;
+ t2 = ap->elist[0]->t;
+ dosyslog(LOG_NOTICE, "reused old ethernet address",
+- a, e, e2);
++ a, e, e2, interface);
+ /* Shift entries down */
+ len = i * sizeof(ap->elist[0]);
+ BCOPY(&ap->elist[0], &ap->elist[1], len);
+@@ -165,12 +170,12 @@
+ /* New ether address */
+ e2 = ap->elist[0]->e;
+ t2 = ap->elist[0]->t;
+- report("changed ethernet address", a, e, e2, &t, &t2);
++ report("changed ethernet address", a, e, e2, &t, &t2, interface);
+ /* Make room at head of list */
+ alist_alloc(ap);
+ len = ap->ecount * sizeof(ap->elist[0]);
+ BCOPY(&ap->elist[0], &ap->elist[1], len);
+- ap->elist[0] = elist_alloc(a, e, t, h);
++ ap->elist[0] = elist_alloc(a, e, t, h, interface);
+ ++ap->ecount;
+ return (1);
+ }
+@@ -227,7 +232,7 @@
+ for (ap = &ainfo_table[i]; ap != NULL; ap = ap->next)
+ for (j = 0; j < ap->ecount; ++j) {
+ ep = ap->elist[j];
+- (*fn)(ap->a, ep->e, ep->t, ep->h);
++ (*fn)(ap->a, ep->e, ep->t, ep->h, ep->i);
+ ++n;
+ }
+ return (n);
+@@ -259,7 +264,7 @@
+ /* Allocate and initialize a elist struct */
+ static struct einfo *
+ elist_alloc(register u_int32_t a, register u_char *e, register time_t t,
+- register char *h)
++ register char *h, char *interface)
+ {
+ register struct einfo *ep;
+ register u_int size;
+@@ -286,6 +291,8 @@
+ if (h != NULL && !isdigit((int)*h))
+ strcpy(ep->h, h);
+ ep->t = t;
++ if (interface != NULL)
++ strncpy(ep->i, interface, 16);
+ return (ep);
+ }
+
+diff -Naru arpwatch-2.1a15.orig/db.h arpwatch-2.1a15/db.h
+--- arpwatch-2.1a15.orig/db.h 1996-06-05 09:39:30.000000000 +0400
++++ arpwatch-2.1a15/db.h 2006-09-22 19:41:19.000000000 +0400
+@@ -1,10 +1,10 @@
+ /* @(#) $Header: db.h,v 1.8 96/06/04 22:39:29 leres Exp $ (LBL) */
+
+-typedef void (*ent_process)(u_int32_t, u_char *, time_t, char *);
++typedef void (*ent_process)(u_int32_t, u_char *, time_t, char *, char *);
+
+ #ifdef DEBUG
+ void debugdump(void);
+ #endif
+-int ent_add(u_int32_t, u_char *, time_t, char *);
++int ent_add(u_int32_t, u_char *, time_t, char *, char *);
+ int ent_loop(ent_process);
+ void sorteinfo(void);
+diff -Naru arpwatch-2.1a15.orig/file.c arpwatch-2.1a15/file.c
+--- arpwatch-2.1a15.orig/file.c 2000-10-14 02:29:43.000000000 +0400
++++ arpwatch-2.1a15/file.c 2006-09-22 19:41:19.000000000 +0400
+@@ -69,6 +69,7 @@
+ u_int32_t a;
+ register time_t t;
+ register struct hostent *hp;
++ char *interface;
+ char line[1024];
+ u_char e[6];
+
+@@ -117,6 +118,7 @@
+ if (cp2 == NULL) {
+ t = 0;
+ h = NULL;
++ interface = NULL;
+ } else {
+ t = atoi(cp2);
+ h = strchr(cp2, '\t');
+@@ -126,11 +128,18 @@
+ while (*cp2 != '\n' && *cp2 != '\t' &&
+ *cp2 != '\0')
+ ++cp2;
++ if (*cp2 == '\t') {
++ *cp2++ = '\0';
++ while (*cp2 != '\n' && *cp2 != '\t' &&
++ *cp2 != '\0') ++cp2;
++ } else {
++ interface = NULL;
++ }
+ *cp2 = '\0';
+ }
+ }
+
+- if (!(*fn)(a, e, t, h))
++ if (!(*fn)(a, e, t, h, interface))
+ return(0);
+ }
+
+diff -Naru arpwatch-2.1a15.orig/file.h arpwatch-2.1a15/file.h
+--- arpwatch-2.1a15.orig/file.h 1999-01-18 04:46:04.000000000 +0300
++++ arpwatch-2.1a15/file.h 2006-09-22 19:41:19.000000000 +0400
+@@ -1,5 +1,5 @@
+ /* @(#) $Header: file.h,v 1.4 99/01/17 17:46:03 leres Exp $ (LBL) */
+
+-typedef int (*file_process)(u_int32_t, u_char *, time_t, char *);
++typedef int (*file_process)(u_int32_t, u_char *, time_t, char *, char *);
+
+ int file_loop(FILE *, file_process, const char *);
+diff -Naru arpwatch-2.1a15.orig/report.c arpwatch-2.1a15/report.c
+--- arpwatch-2.1a15.orig/report.c 2006-09-22 19:44:44.000000000 +0400
++++ arpwatch-2.1a15/report.c 2006-09-22 19:41:19.000000000 +0400
+@@ -233,7 +233,8 @@
+
+ void
+ report(register char *title, register u_int32_t a, register u_char *e1,
+- register u_char *e2, register time_t *t1p, register time_t *t2p)
++ register u_char *e2, register time_t *t1p, register time_t *t2p,
++ char *interface)
+ {
+ extern char *path_sendmail;
+ register char *cp, *hn;
+@@ -254,7 +255,7 @@
+
+ if (debug) {
+ if (debug > 1) {
+- dosyslog(LOG_NOTICE, title, a, e1, e2);
++ dosyslog(LOG_NOTICE, title, a, e1, e2, interface);
+ return;
+ }
+ f = stdout;
+@@ -271,7 +272,7 @@
+ }
+
+ /* Syslog this event too */
+- dosyslog(LOG_NOTICE, title, a, e1, e2);
++ dosyslog(LOG_NOTICE, title, a, e1, e2, interface);
+
+ /* Update child depth */
+ ++cdepth;
+@@ -303,16 +304,19 @@
+
+ (void)fprintf(f, "From: %s\n", watchee);
+ (void)fprintf(f, "To: %s\n", watcher);
++ if (interface == NULL) interface = ""; /* shouldn't happen */
+ hn = gethname(a);
+ if (!isdigit(*hn))
+- (void)fprintf(f, "Subject: %s (%s)\n", title, hn);
++ (void)fprintf(f, "Subject: %s (%s) %s\n", title, hn,
++ interface);
+ else {
+- (void)fprintf(f, "Subject: %s\n", title);
++ (void)fprintf(f, "Subject: %s %s\n", title, interface);
+ hn = unknown;
+ }
+ (void)putc('\n', f);
+ (void)fprintf(f, fmt, "hostname", hn);
+ (void)fprintf(f, fmt, "ip address", intoa(a));
++ (void)fprintf(f, fmt, "interface", interface);
+ (void)fprintf(f, fmt, "ethernet address", e2str(e1));
+ if ((cp = ec_find(e1)) == NULL)
+ cp = unknown;
+diff -Naru arpwatch-2.1a15.orig/report.h arpwatch-2.1a15/report.h
+--- arpwatch-2.1a15.orig/report.h 1996-06-05 09:40:54.000000000 +0400
++++ arpwatch-2.1a15/report.h 2006-09-22 19:41:19.000000000 +0400
+@@ -1,3 +1,3 @@
+ /* @(#) $Header: report.h,v 1.3 96/06/04 22:40:53 leres Exp $ (LBL) */
+
+-void report(char *, u_int32_t, u_char *, u_char *, time_t *, time_t *);
++void report(char *, u_int32_t, u_char *, u_char *, time_t *, time_t *, char *);
+diff -Naru arpwatch-2.1a15.orig/util.c arpwatch-2.1a15/util.c
+--- arpwatch-2.1a15.orig/util.c 2006-09-22 19:44:53.000000000 +0400
++++ arpwatch-2.1a15/util.c 2006-09-22 19:41:19.000000000 +0400
+@@ -62,11 +62,12 @@
+ int debug = 0;
+ int initializing = 1; /* true if initializing */
+ int nopromisc = 0; /* don't activate promisc mode by default */
++int allsubnets = 0; /* watch all attached subnets */
+
+ /* syslog() helper routine */
+ void
+ dosyslog(register int p, register char *s, register u_int32_t a,
+- register u_char *ea, register u_char *ha)
++ register u_char *ea, register u_char *ha, char *interface)
+ {
+ char xbuf[64];
+
+@@ -83,23 +84,21 @@
+ }
+
+ if (debug)
+- fprintf(stderr, "%s: %s %s %s\n", prog, s, intoa(a), xbuf);
++ fprintf(stderr, "%s: %s %s %s %s\n", prog, s, intoa(a),
++ xbuf, interface);
+ else
+- syslog(p, "%s %s %s", s, intoa(a), xbuf);
++ syslog(p, "%s %s %s %s", s, intoa(a), xbuf, interface);
+ }
+
+ static FILE *dumpf;
+
+ void
+ dumpone(register u_int32_t a, register u_char *e, register time_t t,
+- register char *h)
++ register char *h, char *interface)
+ {
+- (void)fprintf(dumpf, "%s\t%s", e2str(e), intoa(a));
+- if (t != 0 || h != NULL)
+- (void)fprintf(dumpf, "\t%u", (u_int32_t)t);
+- if (h != NULL && *h != '\0')
+- (void)fprintf(dumpf, "\t%s", h);
+- (void)putc('\n', dumpf);
++ (void)fprintf(dumpf, "%s\t%s\t%u\t%s\t%s\n", e2str(e), intoa(a),
++ (u_int32_t)t, ((h != NULL)?h:""),
++ ((interface != NULL)?interface:""));
+ }
+
+ int
+diff -Naru arpwatch-2.1a15.orig/util.h arpwatch-2.1a15/util.h
+--- arpwatch-2.1a15.orig/util.h 2006-09-22 19:44:53.000000000 +0400
++++ arpwatch-2.1a15/util.h 2006-09-22 19:41:19.000000000 +0400
+@@ -1,8 +1,8 @@
+ /* @(#) $Header: util.h,v 1.2 96/10/06 03:22:13 leres Exp $ (LBL) */
+
+-void dosyslog(int, char *, u_int32_t, u_char *, u_char *);
++void dosyslog(int, char *, u_int32_t, u_char *, u_char *, char *);
+ int dump(void);
+-void dumpone(u_int32_t, u_char *, time_t, char *);
++void dumpone(u_int32_t, u_char *, time_t, char *, char *);
+ int readdata(void);
+ char *savestr(const char *);
+
+@@ -18,3 +18,4 @@
+ extern int debug;
+ extern int initializing;
+ extern int nopromisc;
++extern int allsubnets;
diff --git a/main/arpwatch/07_all_arpwatch-2.1a15-specify-mail.patch b/main/arpwatch/07_all_arpwatch-2.1a15-specify-mail.patch
new file mode 100644
index 000000000000..b3b34b124614
--- /dev/null
+++ b/main/arpwatch/07_all_arpwatch-2.1a15-specify-mail.patch
@@ -0,0 +1,168 @@
+diff -Naru arpwatch-2.1a15.orig/arpsnmp.8 arpwatch-2.1a15/arpsnmp.8
+--- arpwatch-2.1a15.orig/arpsnmp.8 2006-09-22 19:44:44.000000000 +0400
++++ arpwatch-2.1a15/arpsnmp.8 2006-09-22 19:57:15.000000000 +0400
+@@ -42,6 +42,12 @@
+ ]
+ .br
+ .ti +8
++[
++.B -m
++.I addr
++]
++.br
++.ti +8
+ .I file
+ [
+ .I ...
+@@ -55,6 +61,13 @@
+ .BR snmpwalk (1)).
+ .LP
+ The
++.B -m
++option is used to specify the e-mail address to which reports will be
++sent. By default, reports are sent to
++.I root
++on the local machine. (This feature comes from Debian).
++.LP
++The
+ .B -d
+ flag is used enable debugging. This also inhibits mailing the reports.
+ Instead, they are sent to
+diff -Naru arpwatch-2.1a15.orig/arpsnmp.c arpwatch-2.1a15/arpsnmp.c
+--- arpwatch-2.1a15.orig/arpsnmp.c 2006-09-22 19:46:34.000000000 +0400
++++ arpwatch-2.1a15/arpsnmp.c 2006-09-22 19:57:55.000000000 +0400
+@@ -82,6 +82,7 @@
+ char options[] =
+ "d"
+ "f:"
++ "m:"
+ "s:"
+ ;
+
+@@ -111,6 +112,10 @@
+ arpfile = optarg;
+ break;
+
++ case 'm':
++ mailaddress = optarg;
++ break;
++
+ case 's':
+ path_sendmail = optarg;
+ break;
+@@ -197,6 +202,7 @@
+ char usage[] =
+ "[-d] "
+ "[-f datafile] "
++ "[-m e-mail ] "
+ "[-s sendmail_path] "
+ "file [...]\n"
+ ;
+diff -Naru arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8
+--- arpwatch-2.1a15.orig/arpwatch.8 2006-09-22 19:46:34.000000000 +0400
++++ arpwatch-2.1a15/arpwatch.8 2006-09-22 19:53:35.000000000 +0400
+@@ -46,7 +46,7 @@
+ [
+ .B -n
+ .IR net [/ width
+-]]
++] ]
+ .br
+ .ti +8
+ [
+@@ -56,6 +56,12 @@
+ .br
+ .ti +8
+ [
++.B -m
++.I e-mail
++]
++.br
++.ti +8
++[
+ .B -s
+ .I sendmail_path
+ ]
+@@ -120,6 +126,13 @@
+ does not fork.
+ .LP
+ The
++.B -m
++option is used to specify the e-mail address to which reports will be
++sent. By default, reports are sent to
++.I root
++on the local machine. (This feature comes from Debian).
++.LP
++The
+ .B -s
+ flag is used to specify the path to the sendmail program. Any program that
+ takes the option -odi and then text from stdin can be substituted. This is
+diff -Naru arpwatch-2.1a15.orig/arpwatch.c arpwatch-2.1a15/arpwatch.c
+--- arpwatch-2.1a15.orig/arpwatch.c 2006-09-22 19:46:34.000000000 +0400
++++ arpwatch-2.1a15/arpwatch.c 2006-09-22 19:58:46.000000000 +0400
+@@ -163,6 +163,7 @@
+ "n:"
+ "N"
+ "r:"
++ "m:"
+ "s:"
+ "p"
+ "a"
+@@ -216,6 +217,10 @@
+ rfilename = optarg;
+ break;
+
++ case 'm':
++ mailaddress = optarg;
++ break;
++
+ case 's':
+ path_sendmail = optarg;
+ break;
+@@ -784,6 +789,7 @@
+ "[-i interface] "
+ "[-n net[/width]] "
+ "[-r file] "
++ "[-m e-mail] "
+ "[-s sendmail_path] "
+ "[-p] "
+ "[-a] "
+diff -Naru arpwatch-2.1a15.orig/report.c arpwatch-2.1a15/report.c
+--- arpwatch-2.1a15.orig/report.c 2006-09-22 19:46:34.000000000 +0400
++++ arpwatch-2.1a15/report.c 2006-09-22 19:59:18.000000000 +0400
+@@ -242,7 +242,7 @@
+ register FILE *f;
+ char tempfile[64], cpu[64], os[64];
+ char *fmt = "%20s: %s\n";
+- char *watcher = WATCHER;
++ char *watcher = mailaddress;
+ char *watchee = WATCHEE;
+ char *sendmail = path_sendmail;
+ char *unknown = "<unknown>";
+diff -Naru arpwatch-2.1a15.orig/util.c arpwatch-2.1a15/util.c
+--- arpwatch-2.1a15.orig/util.c 2006-09-22 19:46:34.000000000 +0400
++++ arpwatch-2.1a15/util.c 2006-09-22 20:00:25.000000000 +0400
+@@ -50,6 +50,7 @@
+ #include "ec.h"
+ #include "file.h"
+ #include "util.h"
++#include "addresses.h"
+
+ char *arpdir = ARPDIR;
+ char *arpfile = ARPFILE;
+@@ -63,6 +64,7 @@
+ int initializing = 1; /* true if initializing */
+ int nopromisc = 0; /* don't activate promisc mode by default */
+ int allsubnets = 0; /* watch all attached subnets */
++char *mailaddress = WATCHER;
+
+ /* syslog() helper routine */
+ void
+diff -Naru arpwatch-2.1a15.orig/util.h arpwatch-2.1a15/util.h
+--- arpwatch-2.1a15.orig/util.h 2006-09-22 19:46:34.000000000 +0400
++++ arpwatch-2.1a15/util.h 2006-09-22 20:00:39.000000000 +0400
+@@ -19,3 +19,4 @@
+ extern int initializing;
+ extern int nopromisc;
+ extern int allsubnets;
++extern char *mailaddress;
diff --git a/main/arpwatch/08_all_arpwatch-2.1a15-drop-priveleges.patch b/main/arpwatch/08_all_arpwatch-2.1a15-drop-priveleges.patch
new file mode 100644
index 000000000000..b0283e6a65cb
--- /dev/null
+++ b/main/arpwatch/08_all_arpwatch-2.1a15-drop-priveleges.patch
@@ -0,0 +1,147 @@
+diff -Naru arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8
+--- arpwatch-2.1a15.orig/arpwatch.8 2006-09-23 22:13:55.000000000 +0400
++++ arpwatch-2.1a15/arpwatch.8 2006-09-23 22:15:30.000000000 +0400
+@@ -75,6 +75,18 @@
+ [
+ .B -a
+ ]
++.br
++.ti +8
++[
++.B -u
++.I username
++]
++.br
++.ti +8
++[
++.B -R
++.I seconds
++]
+ .ad
+ .SH DESCRIPTION
+ .B Arpwatch
+@@ -159,6 +171,32 @@
+ .B -N
+ is given). (This feature comes from Debian).
+ .LP
++The
++.B -u
++flag instructs
++.B arpwatch
++to drop root privileges and change the UID to
++.I username
++and GID to the primary group of
++.IR username .
++This is recommended for security reasons, but
++.I username
++has to have write access to the default directory. (This feature comes from Debian).
++.LP
++The
++.B -R
++flag instructs
++.B arpwatch
++to restart in
++.I seconds
++seconds after the interface went down. By default, in such cases
++arpwatch would print an error message and exit. This option is
++ignored if either the
++.B -r
++or
++.B -u
++flags are used. (This feature comes from Debian).
++.LP
+ Note that an empty
+ .I arp.dat
+ file must be created before the first time you run
+diff -Naru arpwatch-2.1a15.orig/arpwatch.c arpwatch-2.1a15/arpwatch.c
+--- arpwatch-2.1a15.orig/arpwatch.c 2006-09-23 22:13:55.000000000 +0400
++++ arpwatch-2.1a15/arpwatch.c 2006-09-23 22:11:41.000000000 +0400
+@@ -62,7 +62,8 @@
+ #include <string.h>
+ #include <syslog.h>
+ #include <unistd.h>
+-
++#include <pwd.h>
++#include <grp.h>
+ #include <pcap.h>
+
+ #include "gnuc.h"
+@@ -144,6 +145,24 @@
+
+ static char *interface;
+
++void dropprivileges(const char* user)
++{
++ struct passwd* pw;
++ pw = getpwnam( user );
++ if ( pw ) {
++ if ( initgroups(pw->pw_name, 0) != 0 || setgid(pw->pw_gid) != 0 ||
++ setuid(pw->pw_uid) != 0 ) {
++ syslog(LOG_ERR, "Couldn't change to '%.32s' uid=%d gid=%d", user,pw->pw_uid, pw->pw_gid);
++ exit(1);
++ }
++ }
++ else {
++ syslog(LOG_ERR, "Couldn't find user '%.32s' in /etc/passwd", user);
++ exit(1);
++ }
++ syslog(LOG_INFO, "Running as uid=%d gid=%d", getuid(), getgid());
++}
++
+ int
+ main(int argc, char **argv)
+ {
+@@ -156,6 +175,7 @@
+ register char *rfilename;
+ struct bpf_program code;
+ char errbuf[PCAP_ERRBUF_SIZE];
++ char* username = NULL;
+ char options[] =
+ "d"
+ "f:"
+@@ -167,6 +187,7 @@
+ "s:"
+ "p"
+ "a"
++ "u:"
+ ;
+
+ if (argv[0] == NULL)
+@@ -233,6 +254,10 @@
+ ++allsubnets;
+ break;
+
++ case 'u':
++ username = optarg;
++ break;
++
+ default:
+ usage();
+ }
+@@ -310,12 +335,16 @@
+ #endif
+ }
+
++ if ( username ) {
++ dropprivileges( username );
++ } else {
+ /*
+ * Revert to non-privileged user after opening sockets
+ * (not needed on most systems).
+ */
+- setgid(getgid());
+- setuid(getuid());
++ setgid(getgid());
++ setuid(getuid());
++ }
+
+ /* Must be ethernet or fddi */
+ linktype = pcap_datalink(pd);
+@@ -793,6 +822,7 @@
+ "[-s sendmail_path] "
+ "[-p] "
+ "[-a] "
++ "[-u username] "
+ "\n"
+ ;
+
diff --git a/main/arpwatch/09_all_arpwatch-2.1a15-quite-mail.patch b/main/arpwatch/09_all_arpwatch-2.1a15-quite-mail.patch
new file mode 100644
index 000000000000..ce5c4b244b2d
--- /dev/null
+++ b/main/arpwatch/09_all_arpwatch-2.1a15-quite-mail.patch
@@ -0,0 +1,90 @@
+diff -Naru arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8
+--- arpwatch-2.1a15.orig/arpwatch.8 2006-09-23 22:16:05.000000000 +0400
++++ arpwatch-2.1a15/arpwatch.8 2006-09-23 22:17:15.000000000 +0400
+@@ -87,6 +87,11 @@
+ .B -R
+ .I seconds
+ ]
++.br
++.ti +8
++[
++.B -Q
++]
+ .ad
+ .SH DESCRIPTION
+ .B Arpwatch
+@@ -197,6 +202,10 @@
+ .B -u
+ flags are used. (This feature comes from Debian).
+ .LP
++The
++.B -Q
++flags prevents arpwatch from sending reports by mail. (This feature comes from Debian).
++.LP
+ Note that an empty
+ .I arp.dat
+ file must be created before the first time you run
+diff -Naru arpwatch-2.1a15.orig/arpwatch.c arpwatch-2.1a15/arpwatch.c
+--- arpwatch-2.1a15.orig/arpwatch.c 2006-09-23 22:16:05.000000000 +0400
++++ arpwatch-2.1a15/arpwatch.c 2006-09-23 22:18:10.000000000 +0400
+@@ -188,6 +188,7 @@
+ "p"
+ "a"
+ "u:"
++ "Q"
+ ;
+
+ if (argv[0] == NULL)
+@@ -258,6 +259,11 @@
+ username = optarg;
+ break;
+
++ case 'Q':
++ ++quiet;
++ break;
++
++
+ default:
+ usage();
+ }
+@@ -823,6 +829,7 @@
+ "[-p] "
+ "[-a] "
+ "[-u username] "
++ "[-Q ] "
+ "\n"
+ ;
+
+diff -Naru arpwatch-2.1a15.orig/report.c arpwatch-2.1a15/report.c
+--- arpwatch-2.1a15.orig/report.c 2006-09-23 22:13:55.000000000 +0400
++++ arpwatch-2.1a15/report.c 2006-09-23 22:17:15.000000000 +0400
+@@ -274,6 +274,10 @@
+ /* Syslog this event too */
+ dosyslog(LOG_NOTICE, title, a, e1, e2, interface);
+
++ /* return if watcher is an empty string */
++ if ( quiet )
++ return;
++
+ /* Update child depth */
+ ++cdepth;
+
+diff -Naru arpwatch-2.1a15.orig/util.c arpwatch-2.1a15/util.c
+--- arpwatch-2.1a15.orig/util.c 2006-09-23 22:13:55.000000000 +0400
++++ arpwatch-2.1a15/util.c 2006-09-23 22:17:15.000000000 +0400
+@@ -65,6 +65,7 @@
+ int nopromisc = 0; /* don't activate promisc mode by default */
+ int allsubnets = 0; /* watch all attached subnets */
+ char *mailaddress = WATCHER;
++int quiet = 0; /* send mail by default */
+
+ /* syslog() helper routine */
+ void
+diff -Naru arpwatch-2.1a15.orig/util.h arpwatch-2.1a15/util.h
+--- arpwatch-2.1a15.orig/util.h 2006-09-23 22:13:55.000000000 +0400
++++ arpwatch-2.1a15/util.h 2006-09-23 22:17:15.000000000 +0400
+@@ -20,3 +20,4 @@
+ extern int nopromisc;
+ extern int allsubnets;
+ extern char *mailaddress;
++extern int quiet;
diff --git a/main/arpwatch/10_all_arpwatch-2.1a15-ignore-net.patch b/main/arpwatch/10_all_arpwatch-2.1a15-ignore-net.patch
new file mode 100644
index 000000000000..2b9405d81ed9
--- /dev/null
+++ b/main/arpwatch/10_all_arpwatch-2.1a15-ignore-net.patch
@@ -0,0 +1,97 @@
+diff -Naru arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8
+--- arpwatch-2.1a15.orig/arpwatch.8 2006-09-23 22:19:29.000000000 +0400
++++ arpwatch-2.1a15/arpwatch.8 2006-09-23 22:19:55.000000000 +0400
+@@ -92,6 +92,12 @@
+ [
+ .B -Q
+ ]
++.br
++.ti +8
++[
++.B -z
++.I ignorenet/ignoremask
++]
+ .ad
+ .SH DESCRIPTION
+ .B Arpwatch
+@@ -206,6 +212,11 @@
+ .B -Q
+ flags prevents arpwatch from sending reports by mail. (This feature comes from Debian).
+ .LP
++The
++.B -z
++flag is used to set a range of ip addresses to ignore (such as a DHCP
++range). Netmask is specified as 255.255.128.0. (This feature comes from Debian).
++.LP
+ Note that an empty
+ .I arp.dat
+ file must be created before the first time you run
+diff -Naru arpwatch-2.1a15.orig/arpwatch.c arpwatch-2.1a15/arpwatch.c
+--- arpwatch-2.1a15.orig/arpwatch.c 2006-09-23 22:19:29.000000000 +0400
++++ arpwatch-2.1a15/arpwatch.c 2006-09-23 22:19:55.000000000 +0400
+@@ -125,6 +125,9 @@
+ static int nets_ind;
+ static int nets_size;
+
++static struct in_addr ignore_net;
++static struct in_addr ignore_netmask;
++
+ extern int optind;
+ extern int opterr;
+ extern char *optarg;
+@@ -189,7 +192,9 @@
+ "a"
+ "u:"
+ "Q"
++ "z:"
+ ;
++ char *tmpptr;
+
+ if (argv[0] == NULL)
+ prog = "arpwatch";
+@@ -207,6 +212,9 @@
+ interface = NULL;
+ rfilename = NULL;
+ pd = NULL;
++
++ inet_aton("0.0.0.0", &ignore_netmask);
++ inet_aton("255.255.255.255", &ignore_netmask);
+ while ((op = getopt(argc, argv, options)) != EOF)
+ switch (op) {
+
+@@ -263,6 +271,12 @@
+ ++quiet;
+ break;
+
++ case 'z':
++ tmpptr = strtok(optarg, "/");
++ inet_aton(tmpptr, &ignore_net);
++ tmpptr = strtok(NULL, "/");
++ inet_aton(tmpptr, &ignore_netmask);
++ break;
+
+ default:
+ usage();
+@@ -465,6 +479,14 @@
+ return;
+ }
+
++ /* Ignores the specified netmask/metwork */
++ if ((sia & ignore_netmask.s_addr) == ignore_net.s_addr) {
++ if (debug) {
++ dosyslog(LOG_INFO, "ignored", sia, sea, sha, interface);
++ }
++ return;
++ }
++
+ /* Got a live one */
+ t = h->ts.tv_sec;
+ can_checkpoint = 0;
+@@ -830,6 +852,7 @@
+ "[-a] "
+ "[-u username] "
+ "[-Q ] "
++ "[-z ignorenet/ignoremask] "
+ "\n"
+ ;
+
diff --git a/main/arpwatch/11_all_arpwatch-2.1a15-secure-tmp.patch b/main/arpwatch/11_all_arpwatch-2.1a15-secure-tmp.patch
new file mode 100644
index 000000000000..4e9cd88b8ad3
--- /dev/null
+++ b/main/arpwatch/11_all_arpwatch-2.1a15-secure-tmp.patch
@@ -0,0 +1,26 @@
+diff -Naru arpwatch-2.1a15.orig/bihourly.sh arpwatch-2.1a15/bihourly.sh
+--- arpwatch-2.1a15.orig/bihourly.sh 2006-07-28 22:19:45.000000000 +0400
++++ arpwatch-2.1a15/bihourly.sh 2006-09-22 21:29:38.000000000 +0400
+@@ -10,8 +10,8 @@
+ #
+ list="`cat list`"
+ cname="`cat cname`"
+-temp1=/tmp/bihourly.1.$$
+-temp2=/tmp/bihourly.2.$$
++temp1=$(mktemp)
++temp2=$(mktemp)
+ d=/tmp/errs
+
+ # imperfect hack
+diff -Naru arpwatch-2.1a15.orig/mkdep arpwatch-2.1a15/mkdep
+--- arpwatch-2.1a15.orig/mkdep 1996-06-23 13:25:24.000000000 +0400
++++ arpwatch-2.1a15/mkdep 2006-09-22 21:30:04.000000000 +0400
+@@ -51,7 +51,7 @@
+ exit 1
+ fi
+
+-TMP=/tmp/mkdep$$
++TMP=$(mktemp)
+
+ trap 'rm -f $TMP ; exit 1' 1 2 3 13 15
+
diff --git a/main/arpwatch/12_all_arpwatch-2.1a15-defalt-dir-in-manpages.patch b/main/arpwatch/12_all_arpwatch-2.1a15-defalt-dir-in-manpages.patch
new file mode 100644
index 000000000000..de4db37b68e8
--- /dev/null
+++ b/main/arpwatch/12_all_arpwatch-2.1a15-defalt-dir-in-manpages.patch
@@ -0,0 +1,24 @@
+diff -Naru arpwatch-2.1a15.orig/arpsnmp.8 arpwatch-2.1a15/arpsnmp.8
+--- arpwatch-2.1a15.orig/arpsnmp.8 2006-09-22 20:02:04.000000000 +0400
++++ arpwatch-2.1a15/arpsnmp.8 2006-09-22 21:35:52.000000000 +0400
+@@ -100,7 +100,7 @@
+ .na
+ .nh
+ .nf
+-/usr/operator/arpwatch - default directory
++/usr/lib/arpwatch - default directory
+ arp.dat - ethernet/ip address database
+ ethercodes.dat - vendor ethernet block list
+ .ad
+diff -Naru arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8
+--- arpwatch-2.1a15.orig/arpwatch.8 2006-09-22 20:32:56.000000000 +0400
++++ arpwatch-2.1a15/arpwatch.8 2006-09-22 21:36:16.000000000 +0400
+@@ -275,7 +275,7 @@
+ .na
+ .nh
+ .nf
+-/usr/operator/arpwatch - default directory
++/usr/lib/arpwatch - default directory
+ arp.dat - ethernet/ip address database
+ ethercodes.dat - vendor ethernet block list
+ .ad
diff --git a/main/arpwatch/13_all_arpwatch-2.1a15-scripts-awk.patch b/main/arpwatch/13_all_arpwatch-2.1a15-scripts-awk.patch
new file mode 100644
index 000000000000..227fd328de42
--- /dev/null
+++ b/main/arpwatch/13_all_arpwatch-2.1a15-scripts-awk.patch
@@ -0,0 +1,31 @@
+diff -Naru arpwatch-2.1a15.orig/arp2ethers arpwatch-2.1a15/arp2ethers
+--- arpwatch-2.1a15.orig/arp2ethers 2002-01-05 22:40:48.000000000 +0300
++++ arpwatch-2.1a15/arp2ethers 2006-09-23 22:47:02.000000000 +0400
+@@ -13,11 +13,10 @@
+ # - sort
+ #
+
+-sort +2rn arp.dat | \
+- awk 'NF == 4 { print }' | \
++export AWKPATH="$AWKPATH:/usr/share/arpwatch/awk"
++
++sort -k 3rn ${1:-/var/lib/arpwatch/arp.dat} | \
+ awk -f p.awk | \
+- egrep -v '\.[0-9][0-9]*$' | \
+- sed -e 's/ .* / /' | \
+ awk -f d.awk | \
+ awk -f e.awk | \
+ sort
+diff -Naru arpwatch-2.1a15.orig/massagevendor arpwatch-2.1a15/massagevendor
+--- arpwatch-2.1a15.orig/massagevendor 2004-01-28 22:32:43.000000000 +0300
++++ arpwatch-2.1a15/massagevendor 2006-09-23 22:49:42.000000000 +0400
+@@ -9,6 +9,9 @@
+ #
+ # - Deal with duplicates in oui.txt (concatenate company names)
+ #
++
++export AWKPATH="$AWKPATH:/usr/share/arpwatch/awk"
++
+ (sed -n \
+ -e 's/^\([0-9A-F][0-9A-F]\)-\([0-9A-F][0-9A-F]\)-\([0-9A-F][0-9A-F]\) *(hex)[ ]*\(..*\)/\1\2\3 \4/p' \
+ $* | \
diff --git a/main/arpwatch/14_all_arpwatch-2.1a15-paths-fix.patch b/main/arpwatch/14_all_arpwatch-2.1a15-paths-fix.patch
new file mode 100644
index 000000000000..6162aeebfc89
--- /dev/null
+++ b/main/arpwatch/14_all_arpwatch-2.1a15-paths-fix.patch
@@ -0,0 +1,35 @@
+diff -Naru arpwatch-2.1a15.orig/arpwatch.h arpwatch-2.1a15/arpwatch.h
+--- arpwatch-2.1a15.orig/arpwatch.h 2000-10-01 03:40:55.000000000 +0400
++++ arpwatch-2.1a15/arpwatch.h 2006-09-22 22:48:13.000000000 +0400
+@@ -1,7 +1,7 @@
+ /* @(#) $Id: arpwatch.h,v 1.29 2000/09/30 23:40:49 leres Exp $ (LBL) */
+
+ #define ARPFILE "arp.dat"
+-#define ETHERCODES "ethercodes.dat"
++/*#define ETHERCODES "ethercodes.dat" */
+ #define CHECKPOINT (15*60) /* Checkpoint time in seconds */
+
+ #define MEMCMP(a, b, n) memcmp((char *)a, (char *)b, n)
+diff -Naru arpwatch-2.1a15.orig/Makefile.in arpwatch-2.1a15/Makefile.in
+--- arpwatch-2.1a15.orig/Makefile.in 2006-09-22 22:48:59.000000000 +0400
++++ arpwatch-2.1a15/Makefile.in 2006-09-22 22:49:23.000000000 +0400
+@@ -31,7 +31,8 @@
+ # Pathname of directory to install the man page
+ MANDEST = @mandir@
+ # Pathname of directory to install database file
+-ARPDIR = $(prefix)/arpwatch
++ARPDIR = /var/lib/arpwatch
++ETHERCODES = /usr/share/arpwatch/ethercodes.dat
+
+ # VPATH
+ srcdir = @srcdir@
+@@ -45,7 +46,8 @@
+ PROG = arpwatch
+ CCOPT = @V_CCOPT@
+ INCLS = -I. @V_INCLS@
+-DEFS = -DDEBUG @DEFS@ -DARPDIR=\"$(ARPDIR)\" -DPATH_SENDMAIL=\"$(SENDMAIL)\"
++DEFS = -DDEBUG @DEFS@ -DARPDIR=\"$(ARPDIR)\" -DPATH_SENDMAIL=\"$(SENDMAIL)\" \
++ -DETHERCODES=\"$(ETHERCODES)\"
+
+ # Standard CFLAGS
+ CFLAGS = $(CCOPT) $(DEFS) $(INCLS)
diff --git a/main/arpwatch/15_all_arpwatch-2.1a15-fix-dead-lock.patch b/main/arpwatch/15_all_arpwatch-2.1a15-fix-dead-lock.patch
new file mode 100644
index 000000000000..9e94c7dd0cfb
--- /dev/null
+++ b/main/arpwatch/15_all_arpwatch-2.1a15-fix-dead-lock.patch
@@ -0,0 +1,32 @@
+diff -Naru arpwatch-2.1a15.orig/report.c arpwatch-2.1a15/report.c
+--- arpwatch-2.1a15.orig/report.c 2006-09-23 19:31:47.000000000 +0400
++++ arpwatch-2.1a15/report.c 2006-09-23 19:38:54.000000000 +0400
+@@ -217,7 +217,12 @@
+ continue;
+ /* ECHILD means no one left */
+ if (errno != ECHILD)
+- syslog(LOG_ERR, "reaper: %m");
++ /* It is dangerous to call non reentrant */
++ /* functions from callback (POSIX) */
++ /* Next line effectively disables this as */
++ /* we never get here in debug */
++ if (debug)
++ syslog(LOG_ERR, "reaper: %m");
+ break;
+ }
+ /* Already got everyone who was done */
+@@ -225,8 +230,13 @@
+ break;
+ --cdepth;
+ if (WEXITSTATUS(status))
++ /* It is dangerous to call non-reentrant */
++ /* functions from callback (POSIX) */
++ /* Next line effectively disables this as */
++ /* we never get here in debug */
++ if (debug)
+ syslog(LOG_DEBUG, "reaper: pid %d, exit status %d",
+- pid, WEXITSTATUS(status));
++ pid, WEXITSTATUS(status));
+ }
+ return RETSIGVAL;
+ }
diff --git a/main/arpwatch/16_all_arpwatch-2.1a15-additional-manpages-cleanups.patch b/main/arpwatch/16_all_arpwatch-2.1a15-additional-manpages-cleanups.patch
new file mode 100644
index 000000000000..c026fcfc48b6
--- /dev/null
+++ b/main/arpwatch/16_all_arpwatch-2.1a15-additional-manpages-cleanups.patch
@@ -0,0 +1,98 @@
+diff -Naru arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8
+--- arpwatch-2.1a15.orig/arpwatch.8 2006-09-23 22:23:03.000000000 +0400
++++ arpwatch-2.1a15/arpwatch.8 2006-09-23 22:22:15.000000000 +0400
+@@ -30,70 +30,70 @@
+ .B -dN
+ ]
+ .br
+-.ti +8
++.ti +9
+ [
+ .B -f
+ .I datafile
+ ]
+ .br
+-.ti +8
++.ti +9
+ [
+ .B -i
+ .I interface
+ ]
+ .br
+-.ti +8
++.ti +9
+ [
+ .B -n
+ .IR net [/ width
+ ] ]
+ .br
+-.ti +8
++.ti +9
+ [
+ .B -r
+ .I file
+ ]
+ .br
+-.ti +8
++.ti +9
+ [
+ .B -m
+ .I e-mail
+ ]
+ .br
+-.ti +8
++.ti +9
+ [
+ .B -s
+ .I sendmail_path
+ ]
+ .br
+-.ti +8
++.ti +9
+ [
+ .B -p
+ ]
+ .br
+-.ti +8
++.ti +9
+ [
+ .B -a
+ ]
+ .br
+-.ti +8
++.ti +9
+ [
+ .B -u
+ .I username
+ ]
+ .br
+-.ti +8
++.ti +9
+ [
+ .B -R
+ .I seconds
+ ]
+ .br
+-.ti +8
++.ti +9
+ [
+ .B -Q
+ ]
+ .br
+-.ti +8
++.ti +9
+ [
+ .B -z
+ .I ignorenet/ignoremask
+@@ -175,9 +175,9 @@
+ .B -a
+ flag tells
+ .B arpwatch
+-to report bogons about every IP address. By default,
++to record bogons about every IP address. By default,
+ .B arpwatch
+-reports bogons for IP addresses that are in the same subnet with the first IP
++records bogons for IP addresses that are in the same subnet with the first IP
+ address of the default interface (unless
+ .B -N
+ is given). (This feature comes from Debian).
diff --git a/main/arpwatch/17_all_arpwatch-2.1a15-restart.patch b/main/arpwatch/17_all_arpwatch-2.1a15-restart.patch
new file mode 100644
index 000000000000..9c7f119df4e3
--- /dev/null
+++ b/main/arpwatch/17_all_arpwatch-2.1a15-restart.patch
@@ -0,0 +1,162 @@
+diff -Naru arpwatch-2.1a15.orig/arpwatch.c arpwatch-2.1a15/arpwatch.c
+--- arpwatch-2.1a15.orig/arpwatch.c 2006-09-23 22:20:51.000000000 +0400
++++ arpwatch-2.1a15/arpwatch.c 2006-09-23 22:24:49.000000000 +0400
+@@ -179,6 +179,8 @@
+ struct bpf_program code;
+ char errbuf[PCAP_ERRBUF_SIZE];
+ char* username = NULL;
++ int restart = 0;
++ int restarting_loop = 0;
+ char options[] =
+ "d"
+ "f:"
+@@ -191,6 +193,7 @@
+ "p"
+ "a"
+ "u:"
++ "R:"
+ "Q"
+ "z:"
+ ;
+@@ -267,6 +270,10 @@
+ username = optarg;
+ break;
+
++ case 'R':
++ restart = atoi(optarg);
++ break;
++
+ case 'Q':
+ ++quiet;
+ break;
+@@ -285,6 +292,12 @@
+ if (optind != argc)
+ usage();
+
++ if ( username && restart ) {
++ syslog(LOG_ERR, "Please, specify either -u or -R");
++ (void)fprintf(stderr,"Please, specify either -u or -R. See arpwatch.8\n");
++ exit(1);
++ }
++
+ if (rfilename != NULL) {
+ net = 0;
+ netmask = 0;
+@@ -334,6 +347,7 @@
+ syslog(LOG_ERR, "(using current working directory)");
+ }
+
++label_restart:
+ if (rfilename != NULL) {
+ pd = pcap_open_offline(rfilename, errbuf);
+ if (pd == NULL) {
+@@ -348,22 +362,30 @@
+ pd = pcap_open_live(interface, snaplen, !nopromisc, timeout, errbuf);
+ if (pd == NULL) {
+ syslog(LOG_ERR, "pcap open %s: %s", interface, errbuf);
+- exit(1);
++ if (restart) {
++ syslog(LOG_ERR, "restart in %d secs", restart);
++ } else {
++ exit(1);
++ }
++ sleep(restart);
++ goto label_restart;
+ }
+ #ifdef WORDS_BIGENDIAN
+ swapped = 1;
+ #endif
+ }
+
+- if ( username ) {
+- dropprivileges( username );
+- } else {
+- /*
+- * Revert to non-privileged user after opening sockets
+- * (not needed on most systems).
+- */
+- setgid(getgid());
+- setuid(getuid());
++ if (!restarting_loop) {
++ if ( username && !restart ) {
++ dropprivileges( username );
++ } else {
++ /*
++ * Revert to non-privileged user after opening sockets
++ * (not needed on most systems).
++ */
++ setgid(getgid());
++ setuid(getuid());
++ }
+ }
+
+ /* Must be ethernet or fddi */
+@@ -386,26 +408,30 @@
+ if (rfilename == NULL)
+ syslog(LOG_INFO, "listening on %s", interface);
+
+- /* Read in database */
+- initializing = 1;
+- if (!readdata())
+- exit(1);
+- sorteinfo();
++ if (!restarting_loop) {
++ /* Read in database */
++ initializing = 1;
++ if (!readdata())
++ exit(1);
++ sorteinfo();
++ }
+ #ifdef DEBUG
+ if (debug > 2) {
+ debugdump();
+ exit(0);
+ }
+ #endif
+- initializing = 0;
++ if (!restarting_loop) {
++ initializing = 0;
+
+- (void)setsignal(SIGINT, die);
+- (void)setsignal(SIGTERM, die);
+- (void)setsignal(SIGHUP, die);
+- if (rfilename == NULL) {
+- (void)setsignal(SIGQUIT, checkpoint);
+- (void)setsignal(SIGALRM, checkpoint);
+- (void)alarm(CHECKPOINT);
++ (void)setsignal(SIGINT, die);
++ (void)setsignal(SIGTERM, die);
++ (void)setsignal(SIGHUP, die);
++ if (rfilename == NULL) {
++ (void)setsignal(SIGQUIT, checkpoint);
++ (void)setsignal(SIGALRM, checkpoint);
++ (void)alarm(CHECKPOINT);
++ }
+ }
+
+ switch (linktype) {
+@@ -424,7 +450,15 @@
+ }
+ if (status < 0) {
+ syslog(LOG_ERR, "pcap_loop: %s", pcap_geterr(pd));
+- exit(1);
++ if (restart && rfilename == NULL) {
++ syslog(LOG_ERR, "restart in %d secs", restart);
++ ++restarting_loop;
++ pcap_close(pd);
++ } else {
++ exit(1);
++ }
++ sleep(restart);
++ goto label_restart;
+ }
+ pcap_close(pd);
+ if (!dump())
+@@ -851,6 +885,7 @@
+ "[-p] "
+ "[-a] "
+ "[-u username] "
++ "[-R seconds ] "
+ "[-Q ] "
+ "[-z ignorenet/ignoremask] "
+ "\n"
diff --git a/main/arpwatch/18_all_arpwatch-2.1a15-nofork.patch b/main/arpwatch/18_all_arpwatch-2.1a15-nofork.patch
new file mode 100644
index 000000000000..83447f794f99
--- /dev/null
+++ b/main/arpwatch/18_all_arpwatch-2.1a15-nofork.patch
@@ -0,0 +1,94 @@
+Origianl idea comes from Matthias Andree.
+
+diff -Naru arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8
+--- arpwatch-2.1a15.orig/arpwatch.8 2006-09-24 09:34:36.000000000 +0400
++++ arpwatch-2.1a15/arpwatch.8 2006-09-24 10:06:24.000000000 +0400
+@@ -27,7 +27,12 @@
+ .na
+ .B arpwatch
+ [
+-.B -dN
++.B -d
++]
++.br
++.ti +9
++[
++.B -F
+ ]
+ .br
+ .ti +9
+@@ -50,6 +55,11 @@
+ .br
+ .ti +9
+ [
++.B -N
++]
++.br
++.ti +9
++[
+ .B -r
+ .I file
+ ]
+@@ -115,6 +125,14 @@
+ .IR stderr .
+ .LP
+ The
++.B -F
++flag is used to prevent
++.I arpwatch
++from forking. This is allows to run
++.I arpwatch
++from daemon tools.
++.LP
++The
+ .B -f
+ flag is used to set the ethernet/ip address database filename.
+ The default is
+diff -Naru arpwatch-2.1a15.orig/arpwatch.c arpwatch-2.1a15/arpwatch.c
+--- arpwatch-2.1a15.orig/arpwatch.c 2006-09-24 09:34:36.000000000 +0400
++++ arpwatch-2.1a15/arpwatch.c 2006-09-24 10:10:17.000000000 +0400
+@@ -179,10 +179,12 @@
+ struct bpf_program code;
+ char errbuf[PCAP_ERRBUF_SIZE];
+ char* username = NULL;
++ int nofork = 0;
+ int restart = 0;
+ int restarting_loop = 0;
+ char options[] =
+ "d"
++ "F"
+ "f:"
+ "i:"
+ "n:"
+@@ -229,6 +231,10 @@
+ #endif
+ break;
+
++ case 'F':
++ ++nofork;
++ break;
++
+ case 'f':
+ arpfile = optarg;
+ break;
+@@ -319,12 +325,14 @@
+
+ /* Drop into the background if not debugging */
+ if (!debug) {
+- pid = fork();
+- if (pid < 0) {
+- syslog(LOG_ERR, "main fork(): %m");
+- exit(1);
+- } else if (pid != 0)
+- exit(0);
++ if (!nofork) {
++ pid = fork();
++ if (pid < 0) {
++ syslog(LOG_ERR, "main fork(): %m");
++ exit(1);
++ } else if (pid != 0)
++ exit(0);
++ }
+ (void)close(fileno(stdin));
+ (void)close(fileno(stdout));
+ (void)close(fileno(stderr));
diff --git a/main/arpwatch/19_all_arpwatch-2.1a15-nonewstation.patch b/main/arpwatch/19_all_arpwatch-2.1a15-nonewstation.patch
new file mode 100644
index 000000000000..521d31ae1bf2
--- /dev/null
+++ b/main/arpwatch/19_all_arpwatch-2.1a15-nonewstation.patch
@@ -0,0 +1,100 @@
+diff -Naur arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8
+--- arpwatch-2.1a15.orig/arpwatch.8 2006-12-11 12:56:18.000000000 +0300
++++ arpwatch-2.1a15/arpwatch.8 2006-12-11 12:56:53.000000000 +0300
+@@ -60,6 +60,11 @@
+ .br
+ .ti +9
+ [
++.B -S
++]
++.br
++.ti +9
++[
+ .B -r
+ .I file
+ ]
+@@ -155,6 +160,10 @@
+ flag disables reporting any bogons.
+ .LP
+ The
++.B -S
++flag disables reporting of new stations.
++.LP
++The
+ .B -r
+ flag is used to specify a savefile
+ (perhaps created by
+diff -Naur arpwatch-2.1a15.orig/arpwatch.c arpwatch-2.1a15/arpwatch.c
+--- arpwatch-2.1a15.orig/arpwatch.c 2006-12-11 12:56:18.000000000 +0300
++++ arpwatch-2.1a15/arpwatch.c 2006-12-11 12:56:53.000000000 +0300
+@@ -189,6 +189,7 @@
+ "i:"
+ "n:"
+ "N"
++ "S"
+ "r:"
+ "m:"
+ "s:"
+@@ -252,6 +253,10 @@
+ ++nobogons;
+ break;
+
++ case 'S':
++ ++nonewstations;
++ break;
++
+ case 'r':
+ rfilename = optarg;
+ break;
+@@ -883,7 +888,7 @@
+ {
+ extern char version[];
+ char usage[] =
+- "[-dN] "
++ "[-dNS] "
+ "[-f datafile] "
+ "[-i interface] "
+ "[-n net[/width]] "
+@@ -894,7 +899,7 @@
+ "[-a] "
+ "[-u username] "
+ "[-R seconds ] "
+- "[-Q ] "
++ "[-Q] "
+ "[-z ignorenet/ignoremask] "
+ "\n"
+ ;
+diff -Naur arpwatch-2.1a15.orig/arpwatch.h arpwatch-2.1a15/arpwatch.h
+--- arpwatch-2.1a15.orig/arpwatch.h 2006-12-11 12:56:18.000000000 +0300
++++ arpwatch-2.1a15/arpwatch.h 2006-12-11 12:57:13.000000000 +0300
+@@ -16,6 +16,8 @@
+
+ extern char *prog;
+
++extern int nonewstations; /* Turns off new-station reporting. */
++
+ #ifdef ETHER_HEADER_HAS_EA
+ #define ESRC(ep) ((ep)->ether_shost.ether_addr_octet)
+ #define EDST(ep) ((ep)->ether_dhost.ether_addr_octet)
+diff -Naur arpwatch-2.1a15.orig/db.c arpwatch-2.1a15/db.c
+--- arpwatch-2.1a15.orig/db.c 2006-12-11 12:56:18.000000000 +0300
++++ arpwatch-2.1a15/db.c 2006-12-11 12:57:34.000000000 +0300
+@@ -86,6 +86,8 @@
+ static void check_hname(struct ainfo *);
+ struct ainfo *newainfo(void);
+
++int nonewstations = 0;
++
+ int
+ ent_add(register u_int32_t a, register u_char *e, time_t t, register char *h,
+ char *interface)
+@@ -118,7 +120,8 @@
+ if (ap->ecount == 0) {
+ ap->ecount = 1;
+ ap->elist[0] = elist_alloc(a, e, t, h, interface);
+- report("new station", a, e, NULL, &t, NULL, interface);
++ if (!nonewstations)
++ report("new station", a, e, NULL, &t, NULL, interface);
+ return (1);
+ }
+
diff --git a/main/arpwatch/20_all_arpwatch-2.1a15-noreversedns-resolve.patch b/main/arpwatch/20_all_arpwatch-2.1a15-noreversedns-resolve.patch
new file mode 100644
index 000000000000..b2d523d491c0
--- /dev/null
+++ b/main/arpwatch/20_all_arpwatch-2.1a15-noreversedns-resolve.patch
@@ -0,0 +1,99 @@
+diff -Naur arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8
+--- arpwatch-2.1a15.orig/arpwatch.8 2006-12-11 13:00:39.000000000 +0300
++++ arpwatch-2.1a15/arpwatch.8 2006-12-11 13:00:55.000000000 +0300
+@@ -110,6 +110,11 @@
+ .br
+ .ti +9
+ [
++.B -D
++]
++.br
++.ti +9
++[
+ .B -z
+ .I ignorenet/ignoremask
+ ]
+@@ -240,6 +245,10 @@
+ flags prevents arpwatch from sending reports by mail. (This feature comes from Debian).
+ .LP
+ The
++.B -D
++flag turns off reverse-DNS queries. This can speed up operations significantly.
++.LP
++The
+ .B -z
+ flag is used to set a range of ip addresses to ignore (such as a DHCP
+ range). Netmask is specified as 255.255.128.0. (This feature comes from Debian).
+diff -Naur arpwatch-2.1a15.orig/arpwatch.c arpwatch-2.1a15/arpwatch.c
+--- arpwatch-2.1a15.orig/arpwatch.c 2006-12-11 13:00:39.000000000 +0300
++++ arpwatch-2.1a15/arpwatch.c 2006-12-11 13:00:55.000000000 +0300
+@@ -198,6 +198,7 @@
+ "u:"
+ "R:"
+ "Q"
++ "D"
+ "z:"
+ ;
+ char *tmpptr;
+@@ -289,6 +290,10 @@
+ ++quiet;
+ break;
+
++ case 'D':
++ ++noreversedns;
++ break;
++
+ case 'z':
+ tmpptr = strtok(optarg, "/");
+ inet_aton(tmpptr, &ignore_net);
+@@ -900,6 +905,7 @@
+ "[-u username] "
+ "[-R seconds ] "
+ "[-Q] "
++ "[-D] "
+ "[-z ignorenet/ignoremask] "
+ "\n"
+ ;
+diff -Naur arpwatch-2.1a15.orig/arpwatch.h arpwatch-2.1a15/arpwatch.h
+--- arpwatch-2.1a15.orig/arpwatch.h 2006-12-11 13:00:39.000000000 +0300
++++ arpwatch-2.1a15/arpwatch.h 2006-12-11 13:00:55.000000000 +0300
+@@ -17,6 +17,7 @@
+ extern char *prog;
+
+ extern int nonewstations; /* Turns off new-station reporting. */
++extern int noreversedns; /* Turns off reverse-dns. */
+
+ #ifdef ETHER_HEADER_HAS_EA
+ #define ESRC(ep) ((ep)->ether_shost.ether_addr_octet)
+diff -Naur arpwatch-2.1a15.orig/dns.c arpwatch-2.1a15/dns.c
+--- arpwatch-2.1a15.orig/dns.c 2000-10-14 05:50:52.000000000 +0400
++++ arpwatch-2.1a15/dns.c 2006-12-11 13:01:07.000000000 +0300
+@@ -71,6 +71,8 @@
+ } querybuf;
+ #endif
+
++int noreversedns = 0;
++
+ int
+ gethinfo(register char *hostname, register char *cpu, register int cpulen,
+ register char *os, register int oslen)
+@@ -84,6 +86,9 @@
+ register int type, class, buflen, ancount, qdcount;
+ querybuf qbuf;
+
++ if (noreversedns)
++ return (0);
++
+ qb = &qbuf;
+ n = res_query(hostname, C_IN, T_HINFO, qb->buf, sizeof(qb->buf));
+ if (n < 0)
+@@ -144,6 +149,9 @@
+ register int32_t options;
+ register struct hostent *hp;
+
++ if (noreversedns)
++ return (intoa(a));
++
+ options = _res.options;
+ _res.options |= RES_AAONLY;
+ _res.options &= ~(RES_DEFNAMES | RES_DNSRCH);
diff --git a/main/arpwatch/21_all_arpwatch-2.1a15-pid-filename.patch b/main/arpwatch/21_all_arpwatch-2.1a15-pid-filename.patch
new file mode 100644
index 000000000000..af4d6ca51c75
--- /dev/null
+++ b/main/arpwatch/21_all_arpwatch-2.1a15-pid-filename.patch
@@ -0,0 +1,108 @@
+--- ./arpwatch.8.orig 2007-03-27 22:06:16.000000000 +0400
++++ ./arpwatch.8 2007-03-27 22:08:41.000000000 +0400
+@@ -88,6 +88,12 @@
+ .br
+ .ti +9
+ [
++.B -P
++.I pid_path
++]
++.br
++.ti +9
++[
+ .B -a
+ ]
+ .br
+@@ -204,6 +210,10 @@
+ YMMV. (This feature comes from Debian).
+ .LP
+ The
++.B -P
++flag is used to specify pid filename. Default is set to /var/run/arpwatch.pid.
++.LP
++The
+ .B -a
+ flag tells
+ .B arpwatch
+--- ./arpwatch.h.orig 2007-03-27 21:36:50.000000000 +0400
++++ ./arpwatch.h 2007-03-27 21:37:17.000000000 +0400
+@@ -1,6 +1,7 @@
+ /* @(#) $Id: arpwatch.h,v 1.29 2000/09/30 23:40:49 leres Exp $ (LBL) */
+
+ #define ARPFILE "arp.dat"
++#define PIDFILENAME "/var/run/arpwatch.pid"
+ /*#define ETHERCODES "ethercodes.dat" */
+ #define CHECKPOINT (15*60) /* Checkpoint time in seconds */
+
+--- ./arpwatch.c.orig 2007-03-27 21:31:18.000000000 +0400
++++ ./arpwatch.c 2007-03-27 22:04:15.000000000 +0400
+@@ -108,6 +108,8 @@
+
+ char *prog;
+ char *path_sendmail = PATH_SENDMAIL;
++char *pidname = PIDFILENAME;
++int nofork = 0;
+
+ int can_checkpoint;
+ int swapped;
+@@ -179,7 +181,6 @@
+ struct bpf_program code;
+ char errbuf[PCAP_ERRBUF_SIZE];
+ char* username = NULL;
+- int nofork = 0;
+ int restart = 0;
+ int restarting_loop = 0;
+ char options[] =
+@@ -194,6 +195,7 @@
+ "m:"
+ "s:"
+ "p"
++ "P:"
+ "a"
+ "u:"
+ "R:"
+@@ -202,6 +204,7 @@
+ "z:"
+ ;
+ char *tmpptr;
++ FILE *pidfile;
+
+ if (argv[0] == NULL)
+ prog = "arpwatch";
+@@ -274,6 +277,10 @@
+ ++nopromisc;
+ break;
+
++ case 'P':
++ pidname = optarg;
++ break;
++
+ case 'a':
+ ++allsubnets;
+ break;
+@@ -342,6 +349,15 @@
+ exit(1);
+ } else if (pid != 0)
+ exit(0);
++ pidfile = fopen(pidname, "w");
++ if(pidfile) {
++ int pid = (int)getpid();
++ fprintf(pidfile, "%d\n", pid);
++ fclose(pidfile);
++ syslog(LOG_INFO, "Wrote pid %d to %s", pid, pidname);
++ }
++ else
++ fprintf(stderr, "Couldn't write pid file\n");
+ }
+ (void)close(fileno(stdin));
+ (void)close(fileno(stdout));
+@@ -870,6 +886,9 @@
+ {
+
+ syslog(LOG_DEBUG, "exiting");
++ if (!debug && !nofork)
++ if(!unlink(pidname))
++ syslog(LOG_DEBUG, "unable to remove pid file %s", pidname);
+ checkpoint(0);
+ exit(1);
+ }
diff --git a/main/arpwatch/APKBUILD b/main/arpwatch/APKBUILD
index 662d958059f2..94c269db7f5f 100644
--- a/main/arpwatch/APKBUILD
+++ b/main/arpwatch/APKBUILD
@@ -2,18 +2,40 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=arpwatch
pkgver=2.1a15
-pkgrel=5
+pkgrel=6
pkgdesc="Ethernet monitoring program"
url="http://www-nrg.ee.lbl.gov/"
arch="all"
license="GPL"
depends=
+pkguser=arpwatch
makedepends="libpcap-dev"
-install=
+install="$pkgname.pre-install"
subpackages=""
source="ftp://ftp.ee.lbl.gov/$pkgname.tar.gz
arpwatch.confd
- arpwatch.initd"
+ arpwatch.initd
+ 01_all_arpwatch-2.1a15-manpages.patch
+ 02_all_arpwatch-2.1a15-srcdir.patch
+ 03_all_arpwatch-2.1a15-getopt.patch
+ 04_all_arpwatch-2.1a15-sendmail-cmdline-opt.patch
+ 05_all_arpwatch-2.1a15-promiscuous-mode.patch
+ 06_all_arpwatch-2.1a15-bogons-report.patch
+ 07_all_arpwatch-2.1a15-specify-mail.patch
+ 08_all_arpwatch-2.1a15-drop-priveleges.patch
+ 09_all_arpwatch-2.1a15-quite-mail.patch
+ 10_all_arpwatch-2.1a15-ignore-net.patch
+ 11_all_arpwatch-2.1a15-secure-tmp.patch
+ 12_all_arpwatch-2.1a15-defalt-dir-in-manpages.patch
+ 13_all_arpwatch-2.1a15-scripts-awk.patch
+ 14_all_arpwatch-2.1a15-paths-fix.patch
+ 15_all_arpwatch-2.1a15-fix-dead-lock.patch
+ 16_all_arpwatch-2.1a15-additional-manpages-cleanups.patch
+ 17_all_arpwatch-2.1a15-restart.patch
+ 18_all_arpwatch-2.1a15-nofork.patch
+ 19_all_arpwatch-2.1a15-nonewstation.patch
+ 20_all_arpwatch-2.1a15-noreversedns-resolve.patch
+ 21_all_arpwatch-2.1a15-pid-filename.patch"
prepare() {
cd "$srcdir/$pkgname-$pkgver"
@@ -39,12 +61,82 @@ package() {
#install command wouldn't create directory ?
mkdir -p "$pkgdir"/usr/sbin/
make -j1 DESTDIR="$pkgdir" install
-
+ mkdir -p "$pkgdir"/var/lib/arpwatch
+ mkdir -p "$pkgdir"/var/run/arpwatch
+ chown arpuser "$pkgdir"/var/run/arpwatch
install -m755 -D "$srcdir"/$pkgname.initd "$pkgdir"/etc/init.d/$pkgname
install -m644 -D "$srcdir"/$pkgname.confd "$pkgdir"/etc/conf.d/$pkgname
-
}
md5sums="cebfeb99c4a7c2a6cee2564770415fe7 arpwatch.tar.gz
dc8300ce5f02d6be95899a2982397064 arpwatch.confd
-51ecada198c4f954ac4d5f5903198ebb arpwatch.initd"
+51ecada198c4f954ac4d5f5903198ebb arpwatch.initd
+05c30c8d960d6b87b2ffc9e414bb9e2d 01_all_arpwatch-2.1a15-manpages.patch
+7097d5d57a4a5897099230b5eb576dfd 02_all_arpwatch-2.1a15-srcdir.patch
+0fa77a4adc8421a95a6bcf424252efca 03_all_arpwatch-2.1a15-getopt.patch
+2ea549bd6b57994eb8564980f2c19eb4 04_all_arpwatch-2.1a15-sendmail-cmdline-opt.patch
+d5730ced07035ad493df64bedac59e4c 05_all_arpwatch-2.1a15-promiscuous-mode.patch
+fe051d4b54f7c6cd831bb2aadec445a7 06_all_arpwatch-2.1a15-bogons-report.patch
+c5b855635a9a6d0a484b70dbdc3448bc 07_all_arpwatch-2.1a15-specify-mail.patch
+93fa41c3efa98eb65c5a6f03b4185635 08_all_arpwatch-2.1a15-drop-priveleges.patch
+7fb44f7711cbbbdb32f9258675bb6845 09_all_arpwatch-2.1a15-quite-mail.patch
+b12be2993e6bf7944f8c313464827c3e 10_all_arpwatch-2.1a15-ignore-net.patch
+ea0755f853879d7807417d298cf16ca2 11_all_arpwatch-2.1a15-secure-tmp.patch
+c052ebf34654337fb71d3a7534e9eeac 12_all_arpwatch-2.1a15-defalt-dir-in-manpages.patch
+59e995e8897089276719eaf504121f6d 13_all_arpwatch-2.1a15-scripts-awk.patch
+da5e87b06bb5a12edc605f2cb6ef86f3 14_all_arpwatch-2.1a15-paths-fix.patch
+0aa0a10b9158101a56471397e5c0ab60 15_all_arpwatch-2.1a15-fix-dead-lock.patch
+9e033a8e9908974af9ed992bcacd4ea9 16_all_arpwatch-2.1a15-additional-manpages-cleanups.patch
+152e16f44a419782b54c4d737098386b 17_all_arpwatch-2.1a15-restart.patch
+5adc4ee0193b99261be84105860a0771 18_all_arpwatch-2.1a15-nofork.patch
+132e80dadf4bc130df69930a691323dd 19_all_arpwatch-2.1a15-nonewstation.patch
+6214671686599ba7102371a2754a691f 20_all_arpwatch-2.1a15-noreversedns-resolve.patch
+4fae1ab6cb45dd81d50e9e7f474a1ad7 21_all_arpwatch-2.1a15-pid-filename.patch"
+sha256sums="c1df9737e208a96a61fa92ddad83f4b4d9be66f8992f3c917e9edf4b05ff5898 arpwatch.tar.gz
+8acc2840b75c2da57b8f2a99de83e21b908c94acec77485554c801e88b62cb66 arpwatch.confd
+a19419228b46da292947cc1a045c0fd57f3826b805c0ee35f3ff62725076acb4 arpwatch.initd
+ee2aad981f402321960e297ce84df2ca06dbc1e58b63e3d0b62678030efef26c 01_all_arpwatch-2.1a15-manpages.patch
+2053a486c2e2cb50ebaea1a3f677c0939ee80ae899e944940ea7ec8fbed67877 02_all_arpwatch-2.1a15-srcdir.patch
+33c5c469e0e3b2cd135f2246c1b1c558a01dbf8ccaa9120220177c2cda314b87 03_all_arpwatch-2.1a15-getopt.patch
+c35817ecfbfe3bb0a6f08f453a100435a8cc8ae3d9e8c59a613d39253281717b 04_all_arpwatch-2.1a15-sendmail-cmdline-opt.patch
+bd048ce3113b724d9384786002e218a221361d57c9484742348bb2c9219e5518 05_all_arpwatch-2.1a15-promiscuous-mode.patch
+c0cfe555a90e915e7d50a165a93cf27ab7f3a831eb912e9a40ead83f1b321595 06_all_arpwatch-2.1a15-bogons-report.patch
+1e59bd9dd872fb0fcfa1d95e00adbf9ac98848cb0b78d6ed3263b73ec088c61c 07_all_arpwatch-2.1a15-specify-mail.patch
+059c73eb408baa587854e1496bfb9c6ba2268950e9d1af787fe1527a7c3b99c6 08_all_arpwatch-2.1a15-drop-priveleges.patch
+eb5717eb4073bb236ad3cc5821b22036a5998382478b4a2c442867a5a9ab9e14 09_all_arpwatch-2.1a15-quite-mail.patch
+35da615a4e830bac2d7588b3d39968d7521424013e726d4c5a79aba0e1a7d152 10_all_arpwatch-2.1a15-ignore-net.patch
+319855bbaa23fc1b5312f766f2bcbc5edb69d156f5a77ab83cffe22b84e44d3e 11_all_arpwatch-2.1a15-secure-tmp.patch
+6e718eb5b98db216b21d630531fd3c574a0a6e4eebe160593cc8924cb0c686d9 12_all_arpwatch-2.1a15-defalt-dir-in-manpages.patch
+901442740ede2701b240bd25a1b7afbacf5cb8afd77b5c59fa0b4fd9d225a54c 13_all_arpwatch-2.1a15-scripts-awk.patch
+d7abb5df788b4d86fa8a92ac5c2a9495af0d17c343faa8bf7452957c5e19ae30 14_all_arpwatch-2.1a15-paths-fix.patch
+3996632264b656b7dce0bd4fb8ac9f8e25a3ecbc148a16cc00dced4b6e24d53e 15_all_arpwatch-2.1a15-fix-dead-lock.patch
+64520f39285838decddde166999763e2e0a53098d0f89f026629474f9bd902bc 16_all_arpwatch-2.1a15-additional-manpages-cleanups.patch
+833bf93899bc236551679df149adc31e31c4338250dab8bbf98f13c479f316d6 17_all_arpwatch-2.1a15-restart.patch
+84537f795ed6f5766ee1a552d1e49ee2b5cf13668e64afa0ac11fef76b97ed08 18_all_arpwatch-2.1a15-nofork.patch
+f88728dbcf0adcc2104b294bd7bc8a52fceabf93baa4d7f1a7b63e28ac2dfad3 19_all_arpwatch-2.1a15-nonewstation.patch
+5c62aa5508da7bf061aa9629a9dab68ce945e68bafb24ab30c3cdea56f50c3a5 20_all_arpwatch-2.1a15-noreversedns-resolve.patch
+54811b365f379522306a36eabc89c3c83cd9ddaa9fc8acd2fea84cff442807b9 21_all_arpwatch-2.1a15-pid-filename.patch"
+sha512sums="f770b5b7954afe910dafb016e6e886a4e785564bcdc0ea0de9d7b1ca6a9a0b219a9d1b50b6f42a67afc2f836e782e8ff85ba5780583015d62c9694ac53f0bf90 arpwatch.tar.gz
+e1251f8aa860fc5e27c012d7abe7b879018f8d68eb75a71bdf2b6ac22b0c7697ee23a4dc17692394b07bb98a037bacaa24933acaa0d75d3d654e0c45e13cc996 arpwatch.confd
+8bb9818d72d1330220631c54a1802d8553a3c43e715ede6c88d44993cbae7c9d95585551a3d97f0fcf5f19ef2e93fb654ac756849b9d0783c19d91773e7f9dce arpwatch.initd
+969e956c4fd192d35ce4f23a1f1461eb94a28a8d1e18845d3b099f8833dece003105b415af0a51b4d50221ded4d7434a49bba0ef7f3cac71fda9317b5edeaac3 01_all_arpwatch-2.1a15-manpages.patch
+427a55b7599b8c897f1eae1b8f70b9eaa8e692636b666bf2a3a8703d8227c96e29cdcde8186ebcdcff63d902a919cde660ed6d02f9b5dc650ea9fe23afa44a5f 02_all_arpwatch-2.1a15-srcdir.patch
+04ab5ed5e1097901e80d70925936a2ecdb7e1d815b627cbfa246a15a4fb7cbca59b9be04840c694f71c0ff8e2f3201a6047b4fbbb9e62687e7d95ea29c5e6ae4 03_all_arpwatch-2.1a15-getopt.patch
+7b23ff5f15b98c7d4a2cca39597d2481d072a935f5021dea09be9735aaf54f9378957bf4548cbe004af13a340f0b0ee6c7db44d44cb3605b3d16fd3c08c06897 04_all_arpwatch-2.1a15-sendmail-cmdline-opt.patch
+b4b4ce55ec8b2dba7ce9f49eb77874d8ada26322174a9032176ce28f52edd11edf0fbf16f2a48d974b145fa3e8a10fbf7f1ae72169336d4ed219d41da18007eb 05_all_arpwatch-2.1a15-promiscuous-mode.patch
+3b637cbb8a969a43d737ce3a60c4213ed48db7c279cc4776632239d1bd70e150f88e3fee5f14367b1b9fc26a77f512fd5a6d361ce4303a9099ee3b2fb7cca28e 06_all_arpwatch-2.1a15-bogons-report.patch
+0a36a7dcb10870735065b50c5979933217f479c91c6749d4ebabacb666a6dd25c4a767094f215c72cbd9fffd5568a0d2dd16ab36446d2bb2d55595801854e0cd 07_all_arpwatch-2.1a15-specify-mail.patch
+254ac6d166014a49878bea82db26a61a944348633c81b361b2ab54cd959d7540695c2e96b97c666a2af654b0c30dc2eec56749da5cad8558be6d3cc813f76d31 08_all_arpwatch-2.1a15-drop-priveleges.patch
+87bac2fe654e51940d0a8f6ce4131aef8c2c5db10ec73c92c6a4384bb797666beb8d3180895712a2e602fa513daded362cb20f35815563da7ad9a4a6f053d19d 09_all_arpwatch-2.1a15-quite-mail.patch
+9f626f5d824c8706af7d5e53f0e5743a606c0ed0ef903f5f721457da6139a19bc39a3546d750d70f90f506d6f03ea7a37b1ff48aca35f49a9ffa702e16e8b6d3 10_all_arpwatch-2.1a15-ignore-net.patch
+1c9250346896353857904b43e867ffa5de21bfbe3aa03d8678b2844bb6ad8746ad587884c6b8abe479ddc0bc5fdcfee26c746932c947877862c08f532c1608ee 11_all_arpwatch-2.1a15-secure-tmp.patch
+5be13ab5b03ae5ffc1edc8b8657b6f903921c3ffe608ca9bd86a8b0c85f54e3114781bf2ef759b5bcf6e93a50cae55584c5054cb1f510423e7a9b052792829b2 12_all_arpwatch-2.1a15-defalt-dir-in-manpages.patch
+cc573ea3f4170be7ff711ad0d63d79802111828d7e913c2eca2e9276fc5f6958f55e2c39b61d885084558bf59f2d95a7c6e3f92f65ac0310ff66505ba4229a57 13_all_arpwatch-2.1a15-scripts-awk.patch
+456f3e42f64022cc9999efeaf4b8b7a759a9745e88ff059785ece43a85e2edc8bf56cee1b03c79f90fa9cbda6957cfec61eb40d1db4e03e214c03dcacf749103 14_all_arpwatch-2.1a15-paths-fix.patch
+e5145f3f8d7c921148af25844d354bdc83dc8a8fe2e392155147dea6c168000c2e30a69dce902002c82746d918757e107ac2a9389e52ef4b550fb4f26b285155 15_all_arpwatch-2.1a15-fix-dead-lock.patch
+e6f5571f8d4823c56f68ea13267f217cc60a9481cf08dfe632124593f8e3a49d3c7fb57c118490b126e2e37eed893470c6b92a079e680b0a03b6d0ffbb10e896 16_all_arpwatch-2.1a15-additional-manpages-cleanups.patch
+76c971bd8ce3aec9a6e72f6192ff7f77a5a4b054fad9db4ed29344b0a9b76e07b188ac78b3de654e82de7276ddc877a7f9bbd4f90dd74454a08fd7a5fd2f379c 17_all_arpwatch-2.1a15-restart.patch
+91f01db73b7979464db9e0616cfc2a19c950c65f1409342220e1c6e7b22716827b681cb03ede88644e67d81efc38af32a1fd372151474e9b917abb9e13cdafdd 18_all_arpwatch-2.1a15-nofork.patch
+5322d2ea02f300d2be2cd17fdf7154cfd6e775376d56c9ad4bdc520196b533060d6602ebb7a02bb1b4088afccb6c843ead3d01b9e0928125fadcdd4d1efadc88 19_all_arpwatch-2.1a15-nonewstation.patch
+fd7231744f8025dbcc0bec65ffc02933e0d14717a824187a955a55509316f8667b11bcc4efe847a5002519337b3cc8e778e216ebbb5ad2af504021ea61df4380 20_all_arpwatch-2.1a15-noreversedns-resolve.patch
+11da1ec9cce70f2f9fb0657e3bbc2ca9cbad68a292205dfb01effd15643f0aeb693f544f2f8d308b7c3a4901de0a0f91e33676e40cb39dda2314e11097c1eae3 21_all_arpwatch-2.1a15-pid-filename.patch"
diff --git a/main/arpwatch/arpwatch.pre-install b/main/arpwatch/arpwatch.pre-install
new file mode 100644
index 000000000000..2326b23b4ee4
--- /dev/null
+++ b/main/arpwatch/arpwatch.pre-install
@@ -0,0 +1,4 @@
+#!/bin/sh
+adduser -S -H -s /bin/false -D arpwatch 2>/dev/null
+exit 0
+
--
GitLab