arpsnmp man page

arpsnmp — keep track of ethernet/ip address pairings

Synopsis

arpsnmp [ -d ] [ -f datafile ] [ -e username ] [ -s username ] file [ ... ]

Description

Arpsnmp keeps track for ethernet/ip address pairings. It syslogs activity and reports certain changes via email. Arpsnmp reads information from a file (usually generated by snmpwalk(1)).

The -d flag is used enable debugging. This also inhibits mailing the reports. Instead, they are sent to stderr.

The -f flag is used to set the ethernet/ip address database filename. The default is arp.dat.

Note that an empty arp.dat file must be created before the first time you run arpsnmp.

If the -e flag is used, arpsnmp sends e-mail messages to username rather than the default (root). If a single `-' character is given for the username, sending of e-mail is suppressed, but logging via syslog is still done as usual. (This can be useful during initial runs, to collect data without being flooded with messages about new stations.)

If the -s flag is used, arpsnmp sends e-mail messages with username as the return address, rather than the default (root).

Report Messages

(See the arpwatch(8) man page for details on the report messages generated by arpsnmp(8).)

Files

/var/lib/arpwatch - default directory
arp.dat - ethernet/ip address database
ethercodes.dat - vendor ethernet block list

See Also

arpwatch(8), snmpwalk(1), arp(8)

Authors

Craig Leres of the Lawrence Berkeley National Laboratory Network Research Group, University of California, Berkeley, CA.

The current version is available via anonymous ftp:

ftp://ftp.ee.lbl.gov/arpwatch.tar.gz

Bugs

Please send bug reports to arpwatch@ee.lbl.gov.

Attempts are made to suppress DECnet flip flops but they aren't always successful.

Referenced By

arpwatch(8), massagevendor(8).

17 September 2000