1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
|
$Id$
--- arpd.orig/arpd.c 2003-02-09 05:20:40.000000000 +0100
+++ arpd/arpd.c 2007-01-21 00:39:05.000000000 +0100
@@ -70,7 +70,7 @@ static int arpd_sig;
static void
usage(void)
{
- fprintf(stderr, "Usage: arpd [-d] [-i interface] [net]\n");
+ fprintf(stderr, "Usage: arpd [-d] [-i interface] [-a 'pcap_expr'] [{host|net|range} ...]\n");
exit(1);
}
@@ -182,7 +182,7 @@ arpd_expandips(int naddresses, char **ad
}
static void
-arpd_init(char *dev, int naddresses, char **addresses)
+arpd_init(char *dev, char *and_pcap_exp, int naddresses, char **addresses)
{
struct bpf_program fcode;
char filter[1024], ebuf[PCAP_ERRBUF_SIZE], *dst;
@@ -214,9 +214,13 @@ arpd_init(char *dev, int naddresses, cha
errx(1, "bad interface configuration: not IP or Ethernet");
arpd_ifent.intf_addr.addr_bits = IP_ADDR_BITS;
- snprintf(filter, sizeof(filter), "arp %s%s%s and not ether src %s",
+ snprintf(filter, sizeof(filter), "arp %s%s%s and not ether src %s%s%s%s",
dst ? "and (" : "", dst ? dst : "", dst ? ")" : "",
- addr_ntoa(&arpd_ifent.intf_link_addr));
+ addr_ntoa(&arpd_ifent.intf_link_addr),
+ and_pcap_exp ? " and (" : "",
+ and_pcap_exp ? and_pcap_exp : "",
+ and_pcap_exp ? ")" : ""
+ );
if ((arpd_pcap = pcap_open_live(dev, 128, 0, 500, ebuf)) == NULL)
errx(1, "pcap_open_live: %s", ebuf);
@@ -265,7 +269,7 @@ arpd_send(eth_t *eth, int op,
spa->addr_ip, tha->addr_eth, tpa->addr_ip);
if (op == ARP_OP_REQUEST) {
- syslog(LOG_DEBUG, __FUNCTION__ ": who-has %s tell %s",
+ syslog(LOG_DEBUG, "%s: who-has %s tell %s", __FUNCTION__,
addr_ntoa(tpa), addr_ntoa(spa));
} else if (op == ARP_OP_REPLY) {
syslog(LOG_INFO, "arp reply %s is-at %s",
@@ -282,7 +286,7 @@ arpd_lookup(struct addr *addr)
int error;
if (addr_cmp(addr, &arpd_ifent.intf_addr) == 0) {
- syslog(LOG_DEBUG, __FUNCTION__ ": %s at %s",
+ syslog(LOG_DEBUG, "%s: %s at %s", __FUNCTION__,
addr_ntoa(addr), addr_ntoa(&arpd_ifent.intf_link_addr));
return (0);
}
@@ -291,10 +295,10 @@ arpd_lookup(struct addr *addr)
error = arp_get(arpd_arp, &arpent);
if (error == -1) {
- syslog(LOG_DEBUG, __FUNCTION__ ": no entry for %s",
+ syslog(LOG_DEBUG, "%s: no entry for %s", __FUNCTION__,
addr_ntoa(addr));
} else {
- syslog(LOG_DEBUG, __FUNCTION__ ": %s at %s",
+ syslog(LOG_DEBUG, "%s: %s at %s", __FUNCTION__,
addr_ntoa(addr), addr_ntoa(&arpent.arp_ha));
}
return (error);
@@ -423,7 +427,7 @@ arpd_recv_cb(u_char *u, const struct pca
if ((req = SPLAY_FIND(tree, &arpd_reqs, &tmp)) != NULL) {
addr_pack(&src.arp_ha, ADDR_TYPE_ETH, ETH_ADDR_BITS,
ethip->ar_sha, ETH_ADDR_LEN);
- syslog(LOG_DEBUG, __FUNCTION__ ": %s at %s",
+ syslog(LOG_DEBUG, "%s: %s at %s", __FUNCTION__,
addr_ntoa(&req->pa), addr_ntoa(&src.arp_ha));
/* This address is claimed */
@@ -465,14 +469,14 @@ main(int argc, char *argv[])
{
struct event recv_ev;
extern int (*event_sigcb)(void);
- char *dev;
+ char *dev, *and_pcap_exp;
int c, debug;
FILE *fp;
dev = NULL;
debug = 0;
- while ((c = getopt(argc, argv, "di:h?")) != -1) {
+ while ((c = getopt(argc, argv, "a:di:h?")) != -1) {
switch (c) {
case 'd':
debug = 1;
@@ -480,6 +484,9 @@ main(int argc, char *argv[])
case 'i':
dev = optarg;
break;
+ case 'a':
+ and_pcap_exp = optarg;
+ break;
default:
usage();
break;
@@ -489,9 +496,9 @@ main(int argc, char *argv[])
argv += optind;
if (argc == 0)
- arpd_init(dev, 0, NULL);
+ arpd_init(dev, and_pcap_exp, 0, NULL);
else
- arpd_init(dev, argc, argv);
+ arpd_init(dev, and_pcap_exp, argc, argv);
if ((fp = fopen(PIDFILE, "w")) == NULL)
err(1, "fopen");
|
