Bug#634262: ITP: arpwatch-ng -- Ethernet/FDDI station activity monitor, based on arpwatch
Hi there, Michael
Michael Tautschnig wrote:
> 1. Quoting Aníbal from the message the URL of which you gave above:
> "Yes, I've been aware of arpwatch-ng and was thinking about changing
> arpwatch upstream soruce to arpwatch-ng's."
> Why isn't this approach being pursued?
Because he has had three NMU's, his last upload was on 2004 and I have
got no reply from him since I pinged him and Anibal about a month ago.
I just don't want to step on his toes. It would be a takeover, and he
just asked to be in the Uploaders field for arpwatch-ng.
> 2. The description a) seems to indicate that arpwatch-ng just has a few 64bit
> patches that were best integrated into arpwatch anyhow; b) makes me simply
> wonder what "improving" means, as I'm running it on 64bit systems just fine!?
There's other improvements however, and quite some, just look at
http://freequaos.host.sk/arpwatch/ (pasting changelog here for completeness on
the BTS):
arpwatch NG 1.7:
update autoconf system to support x86_64 better [UPDATED]
arpwatch NG 1.6:
use a central report function table to ease customization [FIXED]
minor cleanups and updates [FIXED]
arpwatch NG 1.5:
try to report error on startup better _ arp.dat _ ethercodes.dat [FIXED]
arpwatch NG 1.4:
try to report _all anomalities via the report function _not syslog [FIXED]
mode 2 _ make action list parseable [FIXED]
further static'fy local functions in arpwatch.c [FIXED]
ethercodes updated from nmap-4.11 and removed old ones [UPDATED]
arpwatch NG 1.2:
on make install also install man-pages [FIXED]
ethercodes updated from nmap-4.00 [UPDATED]
arpwatch NG 1.1:
allow for attaching pcap / tcpdump_style filters [ADDED]
improve and update man-page [FIXED]
arpwatch NG 1.0:
allow getopt() to complain about unknown options [FIXED]
rework help output and send to stdout, not stderr [FIXED]
previous versions _ all changes included in NG 1.0 _
DROP1:
code was in bad and old shape [FIXED]
ethercodes were old - updated from NMAP [FIXED]
DROP2:
reporting to stdout added [ADDED]
ethercodes updated from nmap-3.81 [UPDATED]
DROP3:
report using raw mode _ so later filters can change output as they like _ [ADDED]
close stdin _ stdout _ stderr in daemon again [FIXED]
clean up reporting subsystem [FIXED]
DROP4:
compile fix for arpwatch.c [FIXED]
segfault fix for report.c -> arpwatch.c: uninitialized function pointer [FIXED]
include overflow security fix [FIXED]
DROP4.1:
compile fix for NON-GNU systems: strndup() missing [ADDED]
DROP5:
rewrite make install target [FIXED]
remove #ifdef DEBUG altogether [FIXED]
simplify initialization code in arpwatch.c [FIXED]
DROP6:
apply lots of vendor patches from debian [MERGED]
eg continue on unconfigured interface, option -p for non-promiscous mode, ... - see changelog
misc fixes [FIXED]
DROP7:
more debian patches [MERGED]
drop privileges to user _ specify sendmail-prog _ mail-to option
minor security fix for replacement strndup() [FIXED]
DROP8:
added fancy mac adress printing [ADDED]
DROP9:
ethercodes updated from nmap-3.83 [UPDATED]
add -F as mail_from option [ADDED]
shorten checkpoint time of arp db [FIXED]
also try mktemp in mkdep script [FIXED]
DROP10:
fix bug: arp.dat was not checkpointed or updated while running [FIXED]
Not only 64bits users will benefit from these changes. And yes, I do have
hundreds of installs on 64bits that do segfault with vanilla arpwatch, so I can
confirm it does.
In short, I don't care that much about how to fix this, but I want it fixed and
without getting in arpwatch's maintainer's way.
--
.''`. Ex nihilo nihil fit
: :' :
`. `'
`- Proudly running Debian GNU/Linux
Reply to: