Project

General

Profile

Feature #10547

Add package addrwatch. Addrwatch is like arpwatch but works with ipv4 and ipv6

Added by Rick Coats 5 months ago. Updated 5 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
New Package Request
Target version:
-
Start date:
05/10/2020
Due date:
% Done:

0%

Estimated time:

Description

From the developer website:

This is a tool similar to arpwatch. It main purpose is to monitor network and log discovered ethernet/ip pairings.

Main features of addrwatch:

IPv4 and IPv6 address monitoring
Monitoring multiple network interfaces with one daemon
Monitoring of VLAN tagged (802.1Q) packets.
Output to stdout, plain text file, syslog, sqlite3 db, MySQL db
IP address usage history preserving output/logging
Addrwatch is extremely useful in networks with IPv6 autoconfiguration (RFC4862) enabled. It allows to track IPv6 addresses of hosts using IPv6 privacy extensions (RFC4941).

It has already been added as a package to the FreeBSD Ports
https://github.com/pfsense/FreeBSD-ports/tree/devel/net/addrwatch

Example system log entries generated by addrwatch installed on a FreeBSD 11.3 system(cleaned up ipv6):

addrwatch 1589156272 hn0 0 e0:33:8e:28:a1:95 10.23.30.240 ARP_REQ
addrwatch 1589156274 hn0 0 02:15:5d:0a:0a:03 10.23.30.117 ARP_REP
addrwatch 1589156331 hn0 0 02:15:5d:0a:0a:03 fe80::15:5dff:fe0a:a03 ND_NS
addrwatch 1589156349 hn0 0 e0:33:8e:28:a1:95 fe80::18cf:72c4:e997:8617 ND_DAD
addrwatch 1589156350 hn0 0 d0:03:4b:01:4a:4d fe80::20:b2d3:f1eb:443b ND_NS
addrwatch 1589156350 hn0 0 44:61:32:ca:4d:d6 fe80::4661:32ff:feca:4dd6 ND_NS
addrwatch 1589156350 hn0 0 44:61:32:68:e4:07 fe80::4661:32ff:fe68:e407 ND_NS
addrwatch 1589156350 hn0 0 e0:33:8e:28:a1:95 2605:xxxx:xxxx:xxxx:xxxx:d8b0:c2bf:1f4a ND_DAD
addrwatch 1589156350 hn0 0 e0:33:8e:28:a1:95 2605:xxxx:xxxx:xxxx:xxxx:9676:d3b1:dd7b ND_DAD
addrwatch 1589156350 hn0 0 02:15:5d:ff:2b:0b fe80::1:1 ND_NS
addrwatch 1589156377 hn0 0 64:52:99:23:65:9b 10.23.30.40 ARP_REQ
addrwatch 1589156379 hn0 0 02:15:5d:ff:2b:0b 2605:xxxx:xxxx:xxxx:xxxx:5dff:feff:2b0b ND_NS
addrwatch 1589156380 hn0 0 e0:33:8e:28:a1:95 10.23.30.240 ARP_REQ

Developer: WWW: https://github.com/fln/addrwatch

History

#1 Updated by Jim Pingle 5 months ago

  • Target version deleted (2.5.0)

Also available in: Atom PDF