arpsnmp man page
arpsnmp — keep track of ethernet/ip address pairings
arpsnmp [ -d ] [ -f datafile ] [ -e username ] [ -s username ] file [ ... ]
Arpsnmp keeps track for ethernet/ip address pairings. It syslogs activity and reports certain changes via email. Arpsnmp reads information from a file (usually generated by snmpwalk(1)).
The -d flag is used enable debugging. This also inhibits mailing the reports. Instead, they are sent to stderr.
The -f flag is used to set the ethernet/ip address database filename. The default is arp.dat.
Note that an empty arp.dat file must be created before the first time you run arpsnmp.
If the -e flag is used, arpsnmp sends e-mail messages to username rather than the default (root). If a single `-' character is given for the username, sending of e-mail is suppressed, but logging via syslog is still done as usual. (This can be useful during initial runs, to collect data without being flooded with messages about new stations.)
If the -s flag is used, arpsnmp sends e-mail messages with username as the return address, rather than the default (root).
(See the arpwatch(8) man page for details on the report messages generated by arpsnmp(8).)
/var/lib/arpwatch - default directory arp.dat - ethernet/ip address database ethercodes.dat - vendor ethernet block list
arpwatch(8), snmpwalk(1), arp(8)
Craig Leres of the Lawrence Berkeley National Laboratory Network Research Group, University of California, Berkeley, CA.
The current version is available via anonymous ftp:
Please send bug reports to email@example.com.
Attempts are made to suppress DECnet flip flops but they aren't always successful.