updated patches / init.d script / config file

8 files changed, 1273 insertions, 167 deletions

diff --git a/net-analyzer/arpwatch/ChangeLog b/net-analyzer/arpwatch/ChangeLog
index 6e5ff9ac3de9..fb8b5470ee1f 100644
--- a/net-analyzer/arpwatch/ChangeLog
+++ b/net-analyzer/arpwatch/ChangeLog
@@ -1,6 +1,10 @@
 # ChangeLog for net-analyzer/arpwatch
 # Copyright 2002-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/arpwatch/ChangeLog,v 1.4 2003/02/15 07:35:13 gerk Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/arpwatch/ChangeLog,v 1.5 2003/08/06 14:15:35 lanius Exp $
+
+  06 Aug 2003; lanius <lanius@gentoo.org> files/arpwatch.confd,
+  files/arpwatch.init:
+  addded debian/redhat patches, added config file
 
 *arpwatch-2.1.11 (08 Jan 2003)
 
@@ -9,5 +13,5 @@
 
   08 Jan 2003; Martin Holzer <mholzer@gentoo.org> arpwatch-2.1.11.ebuild files/arpwatch-2.1.11-gentoo.diff files/arpwatch.init files/digest-arpwatch-2.1.11 ChangeLog :
 
-  Added initial version. Submitted by asen@warlock.ru in #13484. 
+  Added initial version. Submitted by asen@warlock.ru in #13483. 
 
diff --git a/net-analyzer/arpwatch/Manifest b/net-analyzer/arpwatch/Manifest
index cd153b54958c..3a138c27454e 100644
--- a/net-analyzer/arpwatch/Manifest
+++ b/net-analyzer/arpwatch/Manifest
@@ -1,7 +1,7 @@
-MD5 35b9dc0e5f046c95fc998199ddb4d810 arpwatch-2.1.11-r1.ebuild 1492
-MD5 d49fcaea901d9517e1b4acd9626ba4cb ChangeLog 724
+MD5 9b75b2b3a81af0a52ceb3094fdbac4bc arpwatch-2.1.11-r1.ebuild 1491
+MD5 bbd5aca7b1b53dc0c9771e35e697c5af ChangeLog 725
 MD5 503ccb1138f9c49f0855884d830988a6 metadata.xml 253
-MD5 3ca4e2f3b4ef69ac6a2bd96267bbb1a6 files/arpwatch-2.1.11-gentoo.diff 29151
+MD5 415b0df73887f021740c60dba1d47e6c files/arpwatch-2.1.11-gentoo.diff 29378
 MD5 6d77d35ffc64dc4cba17ef3e2093d067 files/digest-arpwatch-2.1.11-r1 67
 MD5 e2b8fb77ed42d85c3c9f5576964c7e74 files/arpwatch.confd 124
 MD5 53aaa06cdea752477c45932289293b54 files/arpwatch.init 554
diff --git a/net-analyzer/arpwatch/arpwatch-2.1.11.ebuild b/net-analyzer/arpwatch/arpwatch-2.1.11-r1.ebuild
index 77d2302703c4..f3171163c98b 100644
--- a/net-analyzer/arpwatch/arpwatch-2.1.11.ebuild
+++ b/net-analyzer/arpwatch/arpwatch-2.1.11-r1.ebuild
@@ -1,11 +1,11 @@
 # Copyright 1999-2003 Gentoo Technologies, Inc.
 # Distributed under the terms of the GNU General Public License, v2
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/arpwatch/arpwatch-2.1.11.ebuild,v 1.4 2003/07/13 11:30:10 aliz Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/arpwatch/arpwatch-2.1.11-r1.ebuild,v 1.1 2003/08/06 14:15:35 lanius Exp $
 
-P=arpwatch-2.1a11
-S=${WORKDIR}/$P
+MY_P=arpwatch-2.1a11
+S=${WORKDIR}/$MY_P
 DESCRIPTION="An ethernet monitor program that keeps track of ethernet/ip address pairings"
-SRC_URI="ftp://ftp.ee.lbl.gov/${P}.tar.gz"
+SRC_URI="ftp://ftp.ee.lbl.gov/${MY_P}.tar.gz"
 HOMEPAGE="http://www-nrg.ee.lbl.gov/"
 LICENSE="BSD"
 SLOT="0"
@@ -18,7 +18,8 @@ DEPEND="net-libs/libpcap
 src_unpack() {
 	unpack $A
 	cd ${S}
-	patch -p0 < ${FILESDIR}/${PF}-gentoo.diff
+	einfo "Patching arpwatch with debian and redhat patches"
+	patch -s < ${FILESDIR}/${P}-gentoo.diff
 }
 
 src_compile() {
@@ -32,15 +33,30 @@ src_compile() {
 }
 
 src_install () {
-	dodir /usr/sbin /etc /var /var/arpwatch /etc /etc/init.d
+	dodir /var/arpwatch /usr/sbin
 	keepdir /var/arpwatch
+
 	make DESTDIR=${D} install || die
+
+	doman *.8
+
+	exeinto /var/arpwatch
+	doexe arp2ethers arpfetch bihourly massagevendor massagevendor-old
+	
+	insinto /var/arpwatch
+	doins d.awk duplicates.awk e.awk euppertolower.awk p.awk
+
+	insinto /usr/share/arpwatch
+	doins ethercodes.dat
+	
+	dodoc README CHANGES
     exeinto /etc/init.d ; newexe ${FILESDIR}/arpwatch.init arpwatch
+
+	insinto /etc/conf.d
+	newins ${FILESDIR}/arpwatch.confd arpwatch
 	
 }
 pkg_postinst() {
 	ewarn "NOTE: if you want to run arpwatch on boot then execute"
 	ewarn "      rc-update add arpwatch default                  "
 }
-
-
diff --git a/net-analyzer/arpwatch/files/arpwatch-2.1.11-gentoo.diff b/net-analyzer/arpwatch/files/arpwatch-2.1.11-gentoo.diff
index f6e488de1a81..2aaa848a6ad3 100644
--- a/net-analyzer/arpwatch/files/arpwatch-2.1.11-gentoo.diff
+++ b/net-analyzer/arpwatch/files/arpwatch-2.1.11-gentoo.diff
@@ -1,204 +1,1270 @@
---- Makefile.in.orig	Wed Jul 29 06:16:45 1998
-+++ Makefile.in	Fri Aug 21 10:57:51 1998
-@@ -109,8 +109,8 @@
- 	$(CC) $(CFLAGS) -o $@ zap.o intoa.o -lutil
- 
- install: force
--	$(INSTALL) -m 555 -o bin -g bin arpwatch $(DESTDIR)$(BINDEST)
--	$(INSTALL) -m 555 -o bin -g bin arpsnmp $(DESTDIR)$(BINDEST)
-+	$(INSTALL) -s -m 555 -o bin -g bin arpwatch $(DESTDIR)$(BINDEST)
-+	$(INSTALL) -s -m 555 -o bin -g bin arpsnmp $(DESTDIR)$(BINDEST)
- 
- install-man: force
- 	$(INSTALL) -m 444 -o bin -g bin $(srcdir)/arpwatch.8 \
---- ethercodes.dat.orig	Tue Mar 21 02:37:05 2000
-+++ ethercodes.dat	Thu Sep 14 11:18:09 2000
-@@ -897,3 +897,5 @@
- c0:0:0	Western Digital (may be reversed 00 00 C0?)
- e2:c:f	Kingston Technologies
- ec:10:0	Enance Source Co., Ltd.	PC clones(?)
-+0:bd:11	VMWare Inc
-+0:bd:fb	VMWare Inc
---- arpwatch.c.orig	Thu Feb 22 22:47:29 2001
-+++ arpwatch.c	Thu Feb 22 22:47:29 2001
-@@ -107,6 +107,8 @@
+Index: arpwatch/Makefile.in
+diff -u arpwatch/Makefile.in:1.1.1.1 arpwatch/Makefile.in:1.1.1.1.10.1
+--- Makefile.in:1.1.1.1	Tue Apr 17 13:31:36 2001
++++ Makefile.in	Tue Apr 17 13:53:29 2001
+@@ -31,7 +31,8 @@
+ # Pathname of directory to install the man page
+ MANDEST = @mandir@
+ # Pathname of directory to install database file
+-ARPDIR = $(prefix)/arpwatch
++ARPDIR = /var/lib/arpwatch
++ETHERCODES = /usr/share/arpwatch/ethercodes.dat
  
- char *prog;
+ # VPATH
+ srcdir = @srcdir@
+@@ -45,7 +46,8 @@
+ PROG = arpwatch
+ CCOPT = @V_CCOPT@
+ INCLS = -I. @V_INCLS@
+-DEFS = -DDEBUG @DEFS@ -DARPDIR=\"$(ARPDIR)\" -DPATH_SENDMAIL=\"$(SENDMAIL)\"
++DEFS = -DDEBUG @DEFS@ -DARPDIR=\"$(ARPDIR)\" -DPATH_SENDMAIL=\"$(SENDMAIL)\" \
++	-DETHERCODES=\"$(ETHERCODES)\"
+ 
+ # Standard CFLAGS
+ CFLAGS = $(CCOPT) $(DEFS) $(INCLS)
+Index: arpwatch/arpsnmp.8
+diff -u arpwatch/arpsnmp.8:1.1.1.1 arpwatch/arpsnmp.8:1.1.1.1.10.1
+--- arpsnmp.8:1.1.1.1	Tue Apr 17 13:31:36 2001
++++ arpsnmp.8	Tue Apr 17 13:53:29 2001
+@@ -1,4 +1,4 @@
+-.\" @(#) $Id: arpwatch-2.1.11-gentoo.diff,v 1.2 2003/08/06 14:15:35 lanius Exp $ (LBL)
++.\" @(#) $Id: arpwatch-2.1.11-gentoo.diff,v 1.2 2003/08/06 14:15:35 lanius Exp $ (LBL)
+ .\"
+ .\" Copyright (c) 1996, 1997, 1999, 2000
+ .\"	The Regents of the University of California.  All rights reserved.
+@@ -69,9 +69,9 @@
+ .na
+ .nh
+ .nf
+-/usr/operator/arpwatch - default directory
++/var/lib/arpwatch - default directory
+ arp.dat - ethernet/ip address database
+-ethercodes.dat - vendor ethernet block list
++/usr/share/arpwatch/ethercodes.dat - vendor ethernet block list
+ .ad
+ .hy
+ .fi
+Index: arpwatch/arpwatch.8
+diff -u arpwatch/arpwatch.8:1.1.1.1 arpwatch/arpwatch.8:1.1.1.1.10.1
+--- arpwatch.8:1.1.1.1	Tue Apr 17 13:31:36 2001
++++ arpwatch.8	Tue Apr 17 13:53:29 2001
+@@ -1,4 +1,4 @@
+-.\" @(#) $Id: arpwatch-2.1.11-gentoo.diff,v 1.2 2003/08/06 14:15:35 lanius Exp $ (LBL)
++.\" @(#) $Id: arpwatch-2.1.11-gentoo.diff,v 1.2 2003/08/06 14:15:35 lanius Exp $ (LBL)
+ .\"
+ .\" Copyright (c) 1992, 1994, 1996, 1997, 2000
+ .\"	The Regents of the University of California.  All rights reserved.
+@@ -152,9 +152,9 @@
+ .na
+ .nh
+ .nf
+-/usr/operator/arpwatch - default directory
++/var/lib/arpwatch - default directory
+ arp.dat - ethernet/ip address database
+-ethercodes.dat - vendor ethernet block list
++/usr/share/arpwatch/ethercodes.dat - vendor ethernet block list
+ .ad
+ .hy
+ .fi
+Index: arpwatch/arpwatch.h
+diff -u arpwatch/arpwatch.h:1.1.1.1 arpwatch/arpwatch.h:1.1.1.1.10.1
+--- arpwatch.h:1.1.1.1	Tue Apr 17 13:31:36 2001
++++ arpwatch.h	Tue Apr 17 13:53:29 2001
+@@ -1,7 +1,7 @@
+ /* @(#) $Id: arpwatch-2.1.11-gentoo.diff,v 1.2 2003/08/06 14:15:35 lanius Exp $ (LBL) */
  
-+char *Watcher = NULL;
+ #define ARPFILE "arp.dat"
+-#define ETHERCODES "ethercodes.dat"
++/* #define ETHERCODES "ethercodes.dat" */
+ #define CHECKPOINT (15*60)		/* Checkpoint time in seconds */
+ 
+ #define MEMCMP(a, b, n) memcmp((char *)a, (char *)b, n)
+Index: arpwatch/bihourly
+diff -u arpwatch/bihourly:1.1.1.1 arpwatch/bihourly:1.1.1.1.10.1
+--- bihourly:1.1.1.1	Tue Apr 17 13:31:36 2001
++++ bihourly	Tue Apr 17 13:53:29 2001
+@@ -6,7 +6,7 @@
+ PATH=$PATH:/usr/local/sbin
+ export PATH
+ #
+-cd /usr/operator/arpwatch
++cd /var/lib/arpwatch
+ #
+ list=`cat list`
+ cname=`cat cname`
+@@ -14,7 +14,7 @@
+ #
+ alist=""
+ for r in $list; do \
+-	./arpfetch $r $cname > $r 2> $errs
++	arpfetch $r $cname > $r 2> $errs
+ 	if test -s $errs; then
+ 		echo "arpfetch $r failed:"
+ 		sed -e 's/^/    /' $errs
+Index: arpwatch/arp2ethers.8
+diff -u /dev/null arpwatch/arp2ethers.8:1.1.2.2
+--- /dev/null	Fri Oct 26 17:37:30 2001
++++ arp2ethers.8	Tue Apr 17 14:12:51 2001
+@@ -0,0 +1,56 @@
++.TH ARP2ETHERS 8
++.SH NAME
++arp2ethers \- convert arpwatch address database to ethers file format
++.SH SYNOPSIS
++.na
++.B arp2ethers
++.ad
++.SH "DESCRIPTION"
++.B arp2ethers
++converts a file named
++.IR arp.dat
++in the current working directory into
++.BR ethers(5)
++format on
++.IR stdout .
++Usually
++.IR arp.dat
++is an ethernet/ip database file generated by
++.BR arpwatch(8) .
++.SH FILES
++.na
++.nh
++.nf
++/var/lib/arpwatch - default directory for arp.dat
++arp.dat - ethernet/ip address database
++.ad
++.hy
++.fi
++.SH "SEE ALSO"
++.na
++.nh
++.BR arpwatch (8),
++.BR ethers (5),
++.BR rarp (8),
++.BR arp (8),
++.ad
++.hy
++.SH BUGS
++Please send bug reports to arpwatch@ee.lbl.gov.
++.SH AUTHORS
++.LP
++Original version by Craig Leres of the Lawrence Berkeley
++National Laboratory Network Research Group, University of
++California, Berkeley, CA.
++.LP
++Modified for the Debian Project by Peter Kelemen, with
++additions from Erik Warmelink.
++.LP
++The current version is available via anonymous ftp:
++.LP
++.RS
++.I ftp://ftp.ee.lbl.gov/arpwatch.tar.gz
++.RE
++.LP
++This manual page was contributed by Hugo Graumann.
 +
- int can_checkpoint;
- int swapped;
- int nobogons;
-@@ -170,7 +172,7 @@
+Index: arpwatch/arpfetch.8
+diff -u /dev/null arpwatch/arpfetch.8:1.1.2.2
+--- /dev/null	Fri Oct 26 17:37:30 2001
++++ arpfetch.8	Tue Apr 17 14:12:51 2001
+@@ -0,0 +1,63 @@
++.TH ARPFETCH 8
++.SH NAME
++arpfetch \- obtain ethernet/ip address pairings via snmp
++.SH SYNOPSIS
++.na
++arpfetch
++.I host
++.I cname
++.SH "DESCRIPTION"
++.B arpfetch
++gets pairings between ip addresses and the ethernet address of the
++corresponding network card. These pairings are retrieved from other
++network entities, like routers, by the SNMP protocol using
++.BR snmpwalk(1) .
++Mostly, this program is an agent that
++is used to get data for
++.BR arpsnmp(8) .
++This fetching of address mappings can be further automated by use of
++.BR bihourly(8) .
++.LP
++Both command arguments must be present for proper operation.
++The
++.IR host
++argument is the hostname of the network entity being queried and the
++.IR cname
++argument is the SNMP community name of the network entity.
++.LP
++The information is presented on
++.IR stdout
++in a format compatible with
++.BR arpsnmp(8)
++and
++.BR arpwatch(8) .
++.LP
++Further information about SNMP can be found in
++.BR snmpcmd(1)
++and
++.BR variables(5) .
++.SH "SEE ALSO"
++.na
++.nh
++.BR arpsnmp (8),
++.BR arpwatch(8),
++.BR bihourly (8),
++.BR snmpwalk (1),
++.BR snmpcmd (1),
++.BR variables (5)
++.ad
++.hy
++.SH BUGS
++Please send bug reports to arpwatch@ee.lbl.gov.
++.SH AUTHORS
++Craig Leres of the
++Lawrence Berkeley National Laboratory Network Research Group,
++University of California, Berkeley, CA.
++.LP
++The current version is available via anonymous ftp:
++.LP
++.RS
++.I ftp://ftp.ee.lbl.gov/arpwatch.tar.gz
++.RE
++.LP
++This manual page was contributed by Hugo Graumann.
+Index: arpwatch/arpsnmp.8
+diff -u arpwatch/arpsnmp.8:1.1.1.1 arpwatch/arpsnmp.8:1.1.1.1.16.2
+--- arpsnmp.8:1.1.1.1	Tue Apr 17 13:31:36 2001
++++ arpsnmp.8	Tue Apr 17 14:53:57 2001
+@@ -22,7 +22,7 @@
+ .TH ARPSNMP 8 "17 September 2000"
+ .UC 4
+ .SH NAME
+-arpsnmp - keep track of ethernet/ip address pairings
++arpsnmp \- keep track of ethernet/ip address pairings
+ .SH SYNOPSIS
+ .B arpsnmp
+ [
+Index: arpwatch/arpwatch.8
+diff -u arpwatch/arpwatch.8:1.1.1.1 arpwatch/arpwatch.8:1.1.1.1.16.2
+--- arpwatch.8:1.1.1.1	Tue Apr 17 13:31:36 2001
++++ arpwatch.8	Tue Apr 17 14:53:57 2001
+@@ -22,7 +22,7 @@
+ .TH ARPWATCH 8 "8 October 2000"
+ .UC 4
+ .SH NAME
+-arpwatch - keep track of ethernet/ip address pairings
++arpwatch \- keep track of ethernet/ip address pairings
+ .SH SYNOPSIS
+ .na
+ .B arpwatch
+Index: arpwatch/bihourly.8
+diff -u /dev/null arpwatch/bihourly.8:1.1.2.2
+--- /dev/null	Fri Oct 26 17:37:30 2001
++++ bihourly.8	Tue Apr 17 14:12:51 2001
+@@ -0,0 +1,73 @@
++.TH BIHOURLY 8
++.SH NAME
++bihourly \- track ethernet/ip address pairs
++.SH SYNOPSIS
++.na
++bihourly
++.SH "DESCRIPTION"
++.B bihourly
++is a script that automates the operation of
++.B arpsnmp(8)
++by executing
++.B arpfetch(8)
++on a series of hostnames and then
++sending the results to
++.B arpsnmp(8)
++for analysis.
++.LP
++The result is a report of the current pairings
++between ip addresses and the corresponding ethernet address
++of the network hardware as reported by
++.B snmpwalk(8).
++Activity
++is logged and noted changes are reported by email.
++.LP
++In its working directory
++.B bihourly
++expects a file named
++.IR list
++which contains a space separated list of hostnames to be queried
++and a file named
++.IR cname
++which holds the SNMP community name by which to query these hosts.
++.LP
++Contrary to the name,
++.B bihourly
++does not run twice every hour. It
++runs once each time it is invoked. For repeated operation
++.B bihourly
++must be invoked on a periodic basis by a program like
++.B cron(1).
++.SH FILES
++.na
++.nh
++.nf
++/var/lib/arpwatch - default working directory
++list - file containing names of hosts to query
++cname - file containing the SNMP community name by which to query
++.ad
++.hy
++.fi
++.SH "SEE ALSO"
++.na
++.nh
++.BR arpsnmp (8),
++.BR arpfetch(8),
++.BR snmpwalk (8),
++.BR cron (8)
++.ad
++.hy
++.SH BUGS
++Please send bug reports to arpwatch@ee.lbl.gov.
++.SH AUTHORS
++Craig Leres of the
++Lawrence Berkeley National Laboratory Network Research Group,
++University of California, Berkeley, CA.
++.LP
++The current version is available via anonymous ftp:
++.LP
++.RS
++.I ftp://ftp.ee.lbl.gov/arpwatch.tar.gz
++.RE
++.LP
++This manual page was contributed by Hugo Graumann.
+Index: arpwatch/massagevendor.8
+diff -u /dev/null arpwatch/massagevendor.8:1.1.2.2
+--- /dev/null	Fri Oct 26 17:37:30 2001
++++ massagevendor.8	Tue Apr 17 14:12:51 2001
+@@ -0,0 +1,91 @@
++.TH MASSAGEVENDOR 8
++.SH NAME
++massagevendor \- convert the ethernet vendor codes master list to arpwatch format
++.SH SYNOPSIS
++.na
++massagevendor
++.I vendorfile
++.SH "DESCRIPTION"
++.B massagevendor
++is a program that converts a text file containing ethernet vendor codes
++into a format suitable for use by
++.B arpwatch(8)
++and
++.B arpsnmp(8).
++The input
++.I vendorfile
++is a master text file containing vendor codes. The output
++is sent to
++.I stdout.
++Each line of the
++.I vendorfile
++is expected to have a six digit hexadecimal vendor code
++followed by spaces followed by the name of the manufacturer.
++.LP
++All ethernet devices have a unique identifier which
++includes a vendor code specifying the manufacturer of the
++device. In normal operation
++.B arpwatch(8)
++and
++.B arpsnmp(8)
++use the file
++.I ethercodes.dat
++to report this vendor code.
++.B massagevendor
++is used to generate the
++.I ethercodes.dat
++file from text files containing these vendor codes.
++.LP
++Locations where an ethernet vendor codes master text file
++can be obtained are given below.
++.SH FILES
++.na
++.nh
++.nf
++/usr/share/arpwatch - default location of the ethernet vendor list
++ethercodes.dat - file containing the list of ethernet vendor codes
++.ad
++.hy
++.fi
++.SH "SEE ALSO"
++.na
++.nh
++.BR arpwatch(8),
++.BR arpsnmp(8)
++.ad
++.hy
++.SH NOTES
++Sources for ethernet vendor codes seen in the wild are
++.LP
++.na
++.nh
++.nf
++.RS
++.I http://map-ne.com/Ethernet/vendor.html
++.I ftp://ftp.cavebear.com/pub/Ethernet.txt
++.I http://www.cavebear.com/CaveBear/Ethernet/vendor.html
++.RE
++.ad
++.hy
++.LP
++Useful for comparison or completeness are the
++ethernet vendor codes as assigned
++by the IEEE which can be found at
++.LP
++.RS
++.I http://standards.ieee.org/regauth/oui/oui.txt
++.RE
++.SH BUGS
++Please send bug reports to arpwatch@ee.lbl.gov.
++.SH AUTHORS
++Craig Leres of the
++Lawrence Berkeley National Laboratory Network Research Group,
++University of California, Berkeley, CA.
++.LP
++The current version is available via anonymous ftp:
++.LP
++.RS
++.I ftp://ftp.ee.lbl.gov/arpwatch.tar.gz
++.RE
++.LP
++This manual page was contributed by Hugo Graumann.
+Index: arpwatch/arpsnmp.c
+diff -u arpwatch/arpsnmp.c:1.1.1.1 arpwatch/arpsnmp.c:1.1.1.1.2.1
+--- arpsnmp.c:1.1.1.1	Tue Apr 17 13:31:36 2001
++++ arpsnmp.c	Tue Apr 17 13:47:57 2001
+@@ -78,6 +78,10 @@
+ 	register char *cp;
+ 	register int op, i;
+ 	char errbuf[256];
++	char options[] =
++		"d"
++		"f:"
++	;
+ 
+ 	if ((cp = strrchr(argv[0], '/')) != NULL)
+ 		prog = cp + 1;
+@@ -90,7 +94,7 @@
+ 	}
+ 
+ 	opterr = 0;
+-	while ((op = getopt(argc, argv, "df:")) != EOF)
++	while ((op = getopt(argc, argv, options)) != EOF)
+ 		switch (op) {
+ 
+ 		case 'd':
+@@ -181,9 +185,14 @@
+ usage(void)
+ {
+ 	extern char version[];
++	char usage[] =
++		"[-d] "
++		"[-f datafile] "
++		"file [...]\n"
++	;
+ 
+ 	(void)fprintf(stderr, "Version %s\n", version);
+ 	(void)fprintf(stderr,
+-	    "usage: %s [-d] [-f datafile] file [...]\n", prog);
++	    "usage: %s %s", prog, usage);
+ 	exit(1);
+ }
+Index: arpwatch/arpwatch.c
+diff -u arpwatch/arpwatch.c:1.1.1.1 arpwatch/arpwatch.c:1.1.1.1.2.1
+--- arpwatch.c:1.1.1.1	Tue Apr 17 13:31:36 2001
++++ arpwatch.c	Tue Apr 17 13:47:57 2001
+@@ -153,6 +153,14 @@
+ 	register char *interface, *rfilename;
+ 	struct bpf_program code;
+ 	char errbuf[PCAP_ERRBUF_SIZE];
++	char options[] =
++		"d"
++		"f:"
++		"i:"
++		"n:"
++		"N"
++		"r:"
++	;
+ 
+ 	if (argv[0] == NULL)
+ 		prog = "arpwatch";
+@@ -170,7 +178,7 @@
  	interface = NULL;
  	rfilename = NULL;
  	pd = NULL;
 -	while ((op = getopt(argc, argv, "df:i:n:Nr:")) != EOF)
-+	while ((op = getopt(argc, argv, "df:i:m:n:Nr:")) != EOF)
++	while ((op = getopt(argc, argv, options)) != EOF)
  		switch (op) {
  
  		case 'd':
-@@ -202,6 +204,10 @@
- 			rfilename = optarg;
+@@ -748,9 +756,16 @@
+ usage(void)
+ {
+ 	extern char version[];
++	char usage[] =
++		"[-dN] "
++		"[-f datafile] "
++		"[-i interface] "
++		"[-n net[/width]] "
++		"[-r file] "
++		"\n"
++	;
+ 
+ 	(void)fprintf(stderr, "Version %s\n", version);
+-	(void)fprintf(stderr, "usage: %s [-dN] [-f datafile] [-i interface]"
+-	    " [-n net[/width]] [-r file]\n", prog);
++	(void)fprintf(stderr, "usage: %s %s", prog, usage);
+ 	exit(1);
+ }
+Index: arpwatch/arpsnmp.8
+diff -u arpwatch/arpsnmp.8:1.1.1.1 arpwatch/arpsnmp.8:1.1.1.1.4.1
+--- arpsnmp.8:1.1.1.1	Tue Apr 17 13:31:36 2001
++++ arpsnmp.8	Tue Apr 17 13:49:16 2001
+@@ -30,7 +30,12 @@
+ ] [
+ .B -f
+ .I datafile
++] [
++.B -s
++.I sendmail_path
+ ]
++.br
++.ti +8
+ .I file
+ [
+ .I ...
+@@ -54,6 +59,13 @@
+ flag is used to set the ethernet/ip address database filename.
+ The default is
+ .IR arp.dat .
++.LP
++The
++.B -s
++flag is used to specify the path to the sendmail program.
++Any program that takes the option -odi and then text from stdin
++can be substituted. This is useful for redirecting reports
++to log files instead of mail. (Debian specific)
+ .LP
+ Note that an empty
+ .I arp.dat
+Index: arpwatch/arpsnmp.c
+diff -u arpwatch/arpsnmp.c:1.1.1.1.2.1 arpwatch/arpsnmp.c:1.1.1.1.2.1.2.1
+--- arpsnmp.c:1.1.1.1.2.1	Tue Apr 17 13:47:57 2001
++++ arpsnmp.c	Tue Apr 17 13:49:16 2001
+@@ -67,6 +67,7 @@
+ __dead	void usage(void) __attribute__((volatile));
+ 
+ char *prog;
++char *path_sendmail = PATH_SENDMAIL;
+ 
+ extern int optind;
+ extern int opterr;
+@@ -81,6 +82,7 @@
+ 	char options[] =
+ 		"d"
+ 		"f:"
++		"s:"
+ 	;
+ 
+ 	if ((cp = strrchr(argv[0], '/')) != NULL)
+@@ -109,6 +111,10 @@
+ 			arpfile = optarg;
  			break;
  
-+		case 'm':
-+			Watcher = optarg;
++		case 's':
++			path_sendmail = optarg;
 +			break;
 +
  		default:
  			usage();
  		}
-@@ -751,6 +757,6 @@
+@@ -188,6 +194,7 @@
+ 	char usage[] =
+ 		"[-d] "
+ 		"[-f datafile] "
++		"[-s sendmail_path] "
+ 		"file [...]\n"
+ 	;
  
- 	(void)fprintf(stderr, "Version %s\n", version);
- 	(void)fprintf(stderr, "usage: %s [-dN] [-f datafile] [-i interface]"
--	    " [-n net[/width]] [-r file]\n", prog);
-+	    " [-m email] [-n net[/width]] [-r file]\n", prog);
- 	exit(1);
- }
---- report.c.orig	Sun Oct  1 00:41:10 2000
-+++ report.c	Thu May 16 11:34:33 2002
-@@ -45,6 +45,8 @@
- 
- #include <ctype.h>
- #include <errno.h>
-+#include <fcntl.h>
-+#include <paths.h>
- #include <signal.h>
- #include <stdio.h>
- #include <stdlib.h>
-@@ -70,6 +72,8 @@
- 
- #define PLURAL(n) ((n) == 1 || (n) == -1 ? "" : "s")
- 
-+extern char *Watcher;
+Index: arpwatch/arpwatch.8
+diff -u arpwatch/arpwatch.8:1.1.1.1 arpwatch/arpwatch.8:1.1.1.1.4.1
+--- arpwatch.8:1.1.1.1	Tue Apr 17 13:31:36 2001
++++ arpwatch.8	Tue Apr 17 13:49:16 2001
+@@ -44,6 +44,12 @@
+ .B -r
+ .I file
+ ]
++.br
++.ti +8
++[
++.B -s
++.I sendmail_path
++]
+ .ad
+ .SH DESCRIPTION
+ .B Arpwatch
+@@ -93,6 +99,13 @@
+ of reading from the network. In this case,
+ .B arpwatch
+ does not fork.
++.LP
++The
++.B -s
++flag is used to specify the path to the sendmail program.
++Any program that takes the option -odi and then text from stdin
++can be substituted. This is useful for redirecting reports
++to log files instead of mail. (Debian specific)
+ .LP
+ Note that an empty
+ .I arp.dat
+Index: arpwatch/arpwatch.c
+diff -u arpwatch/arpwatch.c:1.1.1.1.2.1 arpwatch/arpwatch.c:1.1.1.1.2.1.2.1
+--- arpwatch.c:1.1.1.1.2.1	Tue Apr 17 13:47:57 2001
++++ arpwatch.c	Tue Apr 17 13:49:16 2001
+@@ -106,6 +106,7 @@
+ #endif
+ 
+ char *prog;
++char *path_sendmail = PATH_SENDMAIL;
+ 
+ int can_checkpoint;
+ int swapped;
+@@ -160,6 +161,7 @@
+ 		"n:"
+ 		"N"
+ 		"r:"
++		"s:"
+ 	;
+ 
+ 	if (argv[0] == NULL)
+@@ -210,6 +212,10 @@
+ 			rfilename = optarg;
+ 			break;
+ 
++		case 's':
++			path_sendmail = optarg;
++			break;
 +
- static int cdepth;	/* number of outstanding children */
+ 		default:
+ 			usage();
+ 		}
+@@ -761,7 +767,8 @@
+ 		"[-f datafile] "
+ 		"[-i interface] "
+ 		"[-n net[/width]] "
+-		"[-r file] "
++		"[-r file]\n\t"
++		"[-s sendmail_path] "
+ 		"\n"
+ 	;
  
- static char *fmtdate(time_t);
-@@ -240,7 +244,7 @@
+Index: arpwatch/report.c
+diff -u arpwatch/report.c:1.1.1.1 arpwatch/report.c:1.1.1.1.4.1
+--- report.c:1.1.1.1	Tue Apr 17 13:31:37 2001
++++ report.c	Tue Apr 17 13:49:16 2001
+@@ -235,6 +235,7 @@
+ report(register char *title, register u_int32_t a, register u_char *e1,
+     register u_char *e2, register time_t *t1p, register time_t *t2p)
+ {
++        extern char *path_sendmail;
+ 	register char *cp, *hn;
+ 	register int fd, pid;
  	register FILE *f;
- 	char tempfile[64], cpu[64], os[64];
+@@ -242,7 +243,7 @@
  	char *fmt = "%20s: %s\n";
--	char *watcher = WATCHER;
-+	char *watcher = Watcher ? Watcher : WATCHER;
+ 	char *watcher = WATCHER;
  	char *watchee = WATCHEE;
- 	char *sendmail = PATH_SENDMAIL;
+-	char *sendmail = PATH_SENDMAIL;
++	char *sendmail = path_sendmail;
  	char *unknown = "<unknown>";
-@@ -344,6 +348,25 @@
- 		exit(1);
- 	}
- 	/* XXX Need to freopen()? */
-+
-+	/*
-+	 * Open /dev/null as stdout and stderr so that sendmail 8.12.1 (and
-+	 * above ?) won't complain about missing file descriptors.
-+	 */
-+	if ((fd = open(_PATH_DEVNULL, O_RDWR)) == -1) {
-+		syslog(LOG_ERR, "Cannot open %s: %m", _PATH_DEVNULL);
-+		exit(1);
-+	}
-+	if (dup2(fd, STDOUT_FILENO) == -1) {
-+		syslog(LOG_ERR, "Cannot dup2 %s to stdout: %m", _PATH_DEVNULL);
-+		exit(1);
-+	}
-+	if (dup2(fd, STDERR_FILENO) == -1) {
-+		syslog(LOG_ERR, "Cannot dup2 %s to stderr: %m", _PATH_DEVNULL);
-+		exit(1);
-+	}
-+	close(fd);
-+
- 	/* Always Deliver interactively (pause when child depth gets large) */
- 	execl(sendmail, "sendmail", "-odi", watcher, NULL);
- 	syslog(LOG_ERR, "execl: %s: %m", sendmail);
---- arpsnmp.c.orig	Mon Jan 18 01:47:40 1999
-+++ arpsnmp.c	Thu Feb 22 22:47:29 2001
-@@ -68,6 +68,8 @@
+ 	char buf[132];
+ 	static int init = 0;
+Index: arpwatch/arpwatch.8
+diff -u arpwatch/arpwatch.8:1.1.1.1 arpwatch/arpwatch.8:1.1.1.1.6.1
+--- arpwatch.8:1.1.1.1	Tue Apr 17 13:31:36 2001
++++ arpwatch.8	Tue Apr 17 13:50:23 2001
+@@ -29,6 +29,8 @@
+ [
+ .B -dN
+ ] [
++.B -p
++] [
+ .B -f
+ .I datafile
+ ] [
+@@ -81,6 +83,15 @@
+ The
+ .B -N
+ flag disables reporting any bogons.
++.LP
++The
++.B -p
++flag disables promiscuous operation.  ARP broadcasts get through hubs without
++having the interface in promiscuous mode, while saving considerable resources
++that would be wasted on processing gigabytes of non-broadcast traffic.  OTOH,
++setting promiscuous mode does not mean getting 100% traffic that would concern
++.B arpwatch .
++YMMV. (Debian specific)
+ .LP
+ The
+ .B -r
+Index: arpwatch/arpwatch.c
+diff -u arpwatch/arpwatch.c:1.1.1.1.2.1 arpwatch/arpwatch.c:1.1.1.1.2.1.4.1
+--- arpwatch.c:1.1.1.1.2.1	Tue Apr 17 13:47:57 2001
++++ arpwatch.c	Tue Apr 17 13:50:23 2001
+@@ -159,6 +159,7 @@
+ 		"i:"
+ 		"n:"
+ 		"N"
++		"p"
+ 		"r:"
+ 	;
  
- char *prog;
+@@ -206,6 +207,10 @@
+ 			++nobogons;
+ 			break;
  
-+char *Watcher;
++		case 'p':
++			++nopromisc;
++			break;
 +
- extern int optind;
- extern int opterr;
- extern char *optarg;
-@@ -90,7 +92,7 @@
- 	}
+ 		case 'r':
+ 			rfilename = optarg;
+ 			break;
+@@ -277,7 +282,7 @@
+ 		snaplen = max(sizeof(struct ether_header),
+ 		    sizeof(struct fddi_header)) + sizeof(struct ether_arp);
+ 		timeout = 1000;
+-		pd = pcap_open_live(interface, snaplen, 1, timeout, errbuf);
++		pd = pcap_open_live(interface, snaplen, !nopromisc, timeout, errbuf);
+ 		if (pd == NULL) {
+ 			syslog(LOG_ERR, "pcap open %s: %s", interface, errbuf);
+ 			exit(1);
+@@ -758,6 +763,7 @@
+ 	extern char version[];
+ 	char usage[] =
+ 		"[-dN] "
++		"[-p] "
+ 		"[-f datafile] "
+ 		"[-i interface] "
+ 		"[-n net[/width]] "
+Index: arpwatch/util.c
+diff -u arpwatch/util.c:1.1.1.1 arpwatch/util.c:1.1.1.1.6.1
+--- util.c:1.1.1.1	Tue Apr 17 13:31:37 2001
++++ util.c	Tue Apr 17 13:50:23 2001
+@@ -61,6 +61,7 @@
  
- 	opterr = 0;
--	while ((op = getopt(argc, argv, "df:")) != EOF)
-+	while ((op = getopt(argc, argv, "df:m:")) != EOF)
+ int debug = 0;
+ int initializing = 1;			/* true if initializing */
++int nopromisc = 0;			/* don't activate promisc mode */
+ 
+ /* syslog() helper routine */
+ void
+Index: arpwatch/util.h
+diff -u arpwatch/util.h:1.1.1.1 arpwatch/util.h:1.1.1.1.6.1
+--- util.h:1.1.1.1	Tue Apr 17 13:31:37 2001
++++ util.h	Tue Apr 17 13:50:23 2001
+@@ -17,3 +17,4 @@
+ 
+ extern int debug;
+ extern int initializing;
++extern int nopromisc;
+Index: arpwatch/arpwatch.8
+diff -u arpwatch/arpwatch.8:1.1.1.1 arpwatch/arpwatch.8:1.1.1.1.8.1
+--- arpwatch.8:1.1.1.1	Tue Apr 17 13:31:36 2001
++++ arpwatch.8	Tue Apr 17 13:51:23 2001
+@@ -27,6 +27,8 @@
+ .na
+ .B arpwatch
+ [
++.B -a
++] [
+ .B -dN
+ ] [
+ .B -f
+@@ -53,6 +55,17 @@
+ uses
+ .BR pcap (3)
+ to listen for arp packets on a local ethernet interface.
++.LP
++.B -a
++By default,
++.B arpwatch
++reports bogons (unless
++.B -N
++is given) for IP addresses that are in the same subnet than the
++first IP address of the default interface.  If this option is
++specified,
++.B arpwatch
++will report bogons about every IP addresses. (Debian specific)
+ .LP
+ The
+ .B -d
+Index: arpwatch/arpwatch.c
+diff -u arpwatch/arpwatch.c:1.1.1.1.2.1 arpwatch/arpwatch.c:1.1.1.1.2.1.6.1
+--- arpwatch.c:1.1.1.1.2.1	Tue Apr 17 13:47:57 2001
++++ arpwatch.c	Tue Apr 17 13:51:23 2001
+@@ -154,6 +154,7 @@
+ 	struct bpf_program code;
+ 	char errbuf[PCAP_ERRBUF_SIZE];
+ 	char options[] =
++		"a"
+ 		"d"
+ 		"f:"
+ 		"i:"
+@@ -181,6 +182,10 @@
+ 	while ((op = getopt(argc, argv, options)) != EOF)
  		switch (op) {
  
++		case 'a':
++			++allsubnets;
++			break;
++
  		case 'd':
-@@ -105,6 +107,10 @@
- 			arpfile = optarg;
+ 			++debug;
+ #ifndef DEBUG
+@@ -389,7 +394,7 @@
+ 	/* Watch for bogons */
+ 	if (isbogon(sia)) {
+ 		dosyslog(LOG_INFO, "bogon", sia, sea, sha);
+-		return;
++		if (!allsubnets) return;
+ 	}
+ 
+ 	/* Watch for ethernet broadcast */
+@@ -538,7 +543,7 @@
+ 	/* Watch for bogons */
+ 	if (isbogon(sia)) {
+ 		dosyslog(LOG_INFO, "bogon", sia, sea, sha);
+-		return;
++		if (!allsubnets) return;
+ 	}
+ 
+ 	/* Watch for ethernet broadcast */
+@@ -757,6 +762,7 @@
+ {
+ 	extern char version[];
+ 	char usage[] =
++		"[-a] "
+ 		"[-dN] "
+ 		"[-f datafile] "
+ 		"[-i interface] "
+Index: arpwatch/util.c
+diff -u arpwatch/util.c:1.1.1.1 arpwatch/util.c:1.1.1.1.8.1
+--- util.c:1.1.1.1	Tue Apr 17 13:31:37 2001
++++ util.c	Tue Apr 17 13:51:24 2001
+@@ -59,6 +59,7 @@
+ u_char zero[6] = { 0, 0, 0, 0, 0, 0 };
+ u_char allones[6] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
+ 
++int allsubnets = 0;			/* watch all attached subnets */
+ int debug = 0;
+ int initializing = 1;			/* true if initializing */
+ 
+Index: arpwatch/util.h
+diff -u arpwatch/util.h:1.1.1.1 arpwatch/util.h:1.1.1.1.8.1
+--- util.h:1.1.1.1	Tue Apr 17 13:31:37 2001
++++ util.h	Tue Apr 17 13:51:24 2001
+@@ -15,5 +15,6 @@
+ extern u_char zero[6];
+ extern u_char allones[6];
+ 
++extern int allsubnets;
+ extern int debug;
+ extern int initializing;
+Index: arpwatch/arpsnmp.8
+diff -u arpwatch/arpsnmp.8:1.1.1.1 arpwatch/arpsnmp.8:1.1.1.1.12.1
+--- arpsnmp.8:1.1.1.1	Tue Apr 17 13:31:36 2001
++++ arpsnmp.8	Tue Apr 17 13:54:38 2001
+@@ -28,6 +28,9 @@
+ [
+ .B -d
+ ] [
++.B -m
++.I addr
++] [
+ .B -f
+ .I datafile
+ ]
+@@ -48,6 +51,13 @@
+ flag is used enable debugging. This also inhibits mailing the reports.
+ Instead, they are sent to
+ .IR stderr .
++.LP
++The
++.B -m
++option is used to specify the e-mail address to which reports will be
++sent.  By default, reports are sent to
++.I root
++on the local machine. (Debian specific)
+ .LP
+ The
+ .B -f
+Index: arpwatch/arpsnmp.c
+diff -u arpwatch/arpsnmp.c:1.1.1.1.2.1 arpwatch/arpsnmp.c:1.1.1.1.2.1.8.1
+--- arpsnmp.c:1.1.1.1.2.1	Tue Apr 17 13:47:57 2001
++++ arpsnmp.c	Tue Apr 17 13:54:38 2001
+@@ -80,6 +80,7 @@
+ 	char errbuf[256];
+ 	char options[] =
+ 		"d"
++		"m:"
+ 		"f:"
+ 	;
+ 
+@@ -105,6 +106,10 @@
+ #endif
  			break;
  
 +		case 'm':
-+			Watcher = optarg;
++			mailaddress = optarg;
 +			break;
 +
- 		default:
- 			usage();
- 		}
-@@ -184,6 +190,6 @@
- 
- 	(void)fprintf(stderr, "Version %s\n", version);
- 	(void)fprintf(stderr,
--	    "usage: %s [-d] [-f datafile] file [...]\n", prog);
-+	    "usage: %s [-d] [-f datafile] [-m email] file [...]\n", prog);
- 	exit(1);
- }
---- arpwatch.8.orig	Sun Oct  8 21:31:28 2000
-+++ arpwatch.8	Thu Feb 22 22:47:29 2001
-@@ -38,6 +38,9 @@
+ 		case 'f':
+ 			arpfile = optarg;
+ 			break;
+@@ -187,6 +192,7 @@
+ 	extern char version[];
+ 	char usage[] =
+ 		"[-d] "
++		"[-m addr ] "
+ 		"[-f datafile] "
+ 		"file [...]\n"
+ 	;
+Index: arpwatch/arpwatch.8
+diff -u arpwatch/arpwatch.8:1.1.1.1 arpwatch/arpwatch.8:1.1.1.1.12.1
+--- arpwatch.8:1.1.1.1	Tue Apr 17 13:31:36 2001
++++ arpwatch.8	Tue Apr 17 13:54:38 2001
+@@ -38,6 +38,10 @@
  .br
  .ti +8
  [
 +.B -m
-+.I email
-+] [
++.I addr
++]
++[
  .B -n
  .IR net [/ width
  ]] [
-@@ -69,6 +72,12 @@
+@@ -69,6 +73,13 @@
  The
  .B -i
  flag is used to override the default interface.
 +.LP
 +The
 +.B -m
-+flag specifies the address that will receive the emails.
-+The default is
-+.IR root .
++option is used to specify the e-mail address to which reports will be
++sent.  By default, reports are sent to
++.I root
++on the local machine. (Debian specific)
  .LP
  The
  .B -n
---- arpsnmp.8.orig	Sun Sep 17 21:34:48 2000
-+++ arpsnmp.8	Thu Feb 22 22:47:29 2001
-@@ -30,6 +30,9 @@
- ] [
- .B -f
- .I datafile
-+] [
-+.B -m
-+.I email
+Index: arpwatch/arpwatch.c
+diff -u arpwatch/arpwatch.c:1.1.1.1.2.1 arpwatch/arpwatch.c:1.1.1.1.2.1.8.1
+--- arpwatch.c:1.1.1.1.2.1	Tue Apr 17 13:47:57 2001
++++ arpwatch.c	Tue Apr 17 13:54:38 2001
+@@ -157,6 +157,7 @@
+ 		"d"
+ 		"f:"
+ 		"i:"
++		"m:"
+ 		"n:"
+ 		"N"
+ 		"r:"
+@@ -197,6 +198,10 @@
+ 			interface = optarg;
+ 			break;
+ 
++		case 'm':
++			mailaddress = optarg;
++			break;
++
+ 		case 'n':
+ 			if (!addnet(optarg))
+ 				usage();
+@@ -760,6 +765,7 @@
+ 		"[-dN] "
+ 		"[-f datafile] "
+ 		"[-i interface] "
++		"[-m addr] "
+ 		"[-n net[/width]] "
+ 		"[-r file] "
+ 		"\n"
+Index: arpwatch/report.c
+diff -u arpwatch/report.c:1.1.1.1 arpwatch/report.c:1.1.1.1.12.1
+--- report.c:1.1.1.1	Tue Apr 17 13:31:37 2001
++++ report.c	Tue Apr 17 13:54:38 2001
+@@ -240,7 +240,7 @@
+ 	register FILE *f;
+ 	char tempfile[64], cpu[64], os[64];
+ 	char *fmt = "%20s: %s\n";
+-	char *watcher = WATCHER;
++	char *watcher = mailaddress;
+ 	char *watchee = WATCHEE;
+ 	char *sendmail = PATH_SENDMAIL;
+ 	char *unknown = "<unknown>";
+Index: arpwatch/util.c
+diff -u arpwatch/util.c:1.1.1.1 arpwatch/util.c:1.1.1.1.12.1
+--- util.c:1.1.1.1	Tue Apr 17 13:31:37 2001
++++ util.c	Tue Apr 17 13:54:38 2001
+@@ -50,10 +50,12 @@
+ #include "ec.h"
+ #include "file.h"
+ #include "util.h"
++#include "addresses.h"
+ 
+ char *arpdir = ARPDIR;
+ char *arpfile = ARPFILE;
+ char *ethercodes = ETHERCODES;
++char *mailaddress = WATCHER;
+ 
+ /* Broadcast ethernet addresses */
+ u_char zero[6] = { 0, 0, 0, 0, 0, 0 };
+Index: arpwatch/util.h
+diff -u arpwatch/util.h:1.1.1.1 arpwatch/util.h:1.1.1.1.12.1
+--- util.h:1.1.1.1	Tue Apr 17 13:31:37 2001
++++ util.h	Tue Apr 17 13:54:38 2001
+@@ -11,6 +11,7 @@
+ extern char *arpfile;
+ extern char *oldarpfile;
+ extern char *ethercodes;
++extern char *mailaddress;
+ 
+ extern u_char zero[6];
+ extern u_char allones[6];
+Index: arpwatch/arp2ethers
+diff -u arpwatch/arp2ethers:1.1.1.1 arpwatch/arp2ethers:1.1.1.1.14.1
+--- arp2ethers:1.1.1.1	Tue Apr 17 13:31:36 2001
++++ arp2ethers	Tue Apr 17 13:56:38 2001
+@@ -1,5 +1,5 @@
+-#!/bin/csh -f
+-# @(#) $Id: arpwatch-2.1.11-gentoo.diff,v 1.2 2003/08/06 14:15:35 lanius Exp $ (LBL)
++#!/bin/sh
++# @(#) $Header: /var/cvsroot/gentoo-x86/net-analyzer/arpwatch/files/arpwatch-2.1.11-gentoo.diff,v 1.2 2003/08/06 14:15:35 lanius Exp $ (LBL)
+ #
+ # Convert arp.dat to ethers format
+ #
+@@ -12,12 +12,74 @@
+ #	- append "-old", "-old1", etc. as necessary
+ #	- sort
+ #
++# 1999-04-12	KELEMEN Peter <fuji@debian.org>
++#	Use sh(1) instead of csh(1).
++#
++# 2000-03-21	Erik Warmelink <erik@selwerd.nl>
++#	Use next instead of continue in included p.awk.
+ 
+ sort +2rn arp.dat | \
+     awk 'NF == 4 { print }' | \
+-    awk -f p.awk | \
++# 1999-04-12	KELEMEN Peter <fuji@debian.org>
++#    awk -f p.awk | \
++    awk '
++# Only print the first ethernet address seen
++
++{
++	e = $1
++	if (seen[e])
++		next
++	seen[e] = 1
++	print $0
++}
++    ' | \
+     egrep -v '\.[0-9][0-9]*$' | \
+     sed -e 's/	.*	/	/' | \
+-    awk -f d.awk | \
+-    awk -f e.awk | \
++# 1999-04-12	KELEMEN Peter <fuji@debian.org>
++#    awk -f d.awk | \
++    awk '
++# DECnet hacking
++
++BEGIN {
++	n = 0
++	sdecnet = "aa:0:4:"
++	ldecnet = length(sdecnet)
++}
++
++{
++	++n
++	e[n] = $1
++	h[n] = $2
++	if (sdecnet == substr($1, 1, ldecnet))
++		decnet[$2] = 1
++}
++
++END {
++	for (i = 1; i <= n; ++i) {
++		if (decnet[h[i]] && sdecnet != substr(e[i], 1, ldecnet))
++			h[i] = h[i] "-ip"
++		print e[i] "\t" h[i]
++	}
++}
++    ' | \
++# 1999-04-12	KELEMEN Peter <fuji@debian.org>
++#    awk -f e.awk | \
++    awk '
++# Add -old suffix to ethers file, as required. Assumed sorted input
++
++{
++	if (!seen[$2]) {
++		seen[$2] = 1
++		print
++		next
++	}
++	h = $2 "-old"
++	s = h
++	for (n = 1; seen[h]; ++n)
++		h = s n
++	seen[h] = 1
++	print $1 "\t" h
++	next
++}
++    ' | \
+     sort
+--- arpwatch.8.orig	Sun Oct  8 23:31:28 2000
++++ arpwatch.8	Mon Oct 16 16:46:19 2000
+@@ -40,17 +40,20 @@
+ .I interface
  ]
- .I file
+ .br
+-.ti +8
++.ti +9
  [
-@@ -54,6 +57,12 @@
- flag is used to set the ethernet/ip address database filename.
- The default is
- .IR arp.dat .
-+.LP
-+The
-+.B -m
-+flag specifies the address that will receive the emails.
-+The default is
-+.IR root .
+ .B -m
+ .I addr
+ ]
+ [
+ .B -n
+ .IR net [/ width
+ ]] [
+ .B -r
+ .I file
++] [
++.B -u
++.I username
+ ]
+ .br
+ .ti +8
+@@ -94,10 +97,26 @@
+ .B arpwatch
+ does not fork.
  .LP
++If 
++.B -u 
++flag is used, 
++.B arpwatch
++drops root privileges and changes user ID to
++.I username
++and group ID to that of the primary group of 
++.IR username .
++This is recommended for security reasons.
++.LP
  Note that an empty
  .I arp.dat
+ file must be created before the first time you run
+-.BR arpwatch .
++.BR arpwatch . 
++Also, the default directory (where arp.dat is stored) must be owned
++by 
++.I username
++if 
++.BR -u
++flag is used.
+ .LP
+ .SH "REPORT MESSAGES"
+ Here's a quick list of the report messages generated by
+--- arpwatch.c	Sat Oct 14 05:07:35 2000
++++ arpwatch.c	Sun Jun 10 16:22:57 2001
+@@ -62,7 +62,7 @@
+ #include <string.h>
+ #include <syslog.h>
+ #include <unistd.h>
+-
++#include <pwd.h>
+ #include <pcap.h>
+ 
+ #include "gnuc.h"
+@@ -141,6 +141,25 @@
+ int	sanity_fddi(struct fddi_header *, struct ether_arp *, int);
+ __dead	void usage(void) __attribute__((volatile));
+ 
++void dropprivileges(const char* user)
++{
++	struct passwd* pw;
++	pw = getpwnam( user );
++	if ( pw ) {
++		if ( initgroups(pw->pw_name, NULL) != 0 || setgid(pw->pw_gid) != 0 ||
++				 setuid(pw->pw_uid) != 0 ) {
++			syslog(LOG_ERR, "Couldn't change to '%.32s' uid=%d gid=%d", user,
++						 pw->pw_uid, pw->pw_gid);
++			exit(1);
++		}
++	}
++	else {
++		syslog(LOG_ERR, "Couldn't find user '%.32s' in /etc/passwd", user);
++		exit(1);
++	}
++	syslog(LOG_DEBUG, "Running as uid=%d gid=%d", getuid(), getgid());
++}
++
+ int
+ main(int argc, char **argv)
+ {
+@@ -153,6 +172,7 @@
+ 	register char *interface, *rfilename;
+ 	struct bpf_program code;
+ 	char errbuf[PCAP_ERRBUF_SIZE];
++	char* serveruser = NULL;
+	char options[] =
+		"a"
+		"d"
+@@ -184,6 +184,7 @@
+		"p"
+		"r:"
+		"s:"
++       "u:"
+	;
+
+	if (argv[0] == NULL)
+@@ -202,6 +222,16 @@
+ 			rfilename = optarg;
+ 			break;
+ 
++		case 'u':
++			if ( optarg ) {
++				serveruser = strdup(optarg);
++			}
++			else {
++				fprintf(stderr, "%s: Need username after -u\n", prog);
++				usage();
++			}
++			break;
++
+ 		default:
+ 			usage();
+ 		}
+@@ -283,8 +313,11 @@
+ 	 * Revert to non-privileged user after opening sockets
+ 	 * (not needed on most systems).
+ 	 */
+-	setgid(getgid());
+-	setuid(getuid());
++	/*setgid(getgid());*/
++	/*setuid(getuid());*/
++	if ( serveruser ) {
++		dropprivileges( serveruser );
++	}
+ 
+ 	/* Must be ethernet or fddi */
+ 	linktype = pcap_datalink(pd);
+@@ -817,6 +817,7 @@
+		"[-i interface] "
+		"[-m addr] "
+		"[-n net[/width]] "
++	    "[-u username] "
+		"[-r file]\n\t"
+		"[-s sendmail_path] "
+		"\n"
diff --git a/net-analyzer/arpwatch/files/arpwatch.confd b/net-analyzer/arpwatch/files/arpwatch.confd
new file mode 100644
index 000000000000..58d85600c311
--- /dev/null
+++ b/net-analyzer/arpwatch/files/arpwatch.confd
@@ -0,0 +1,7 @@
+# Config file for /etc/init.d/arpwatch
+# see arpwatch.8 for more information
+
+#IFACES="eth0 eth1"
+IFACES="eth0"
+
+OPTIONS=""
diff --git a/net-analyzer/arpwatch/files/arpwatch.init b/net-analyzer/arpwatch/files/arpwatch.init
index 3cc7fea48abe..327753a3b136 100644
--- a/net-analyzer/arpwatch/files/arpwatch.init
+++ b/net-analyzer/arpwatch/files/arpwatch.init
@@ -8,13 +8,17 @@ depend() {
 }
 
 start() {
-	ebegin "Starting arpwatch"
-	if [ ! -e /var/arpwatch/arp.dat ]; then
-		touch /var/arpwatch/arp.dat 
-	fi
-	/usr/sbin/arpwatch -i eth0 -f /var/arpwatch/arp.dat
-	result=$?
-	eend $result
+	for IFACE in ${IFACES}
+	do
+		ebegin "Starting arpwatch on ${IFACE}"
+		DATAFILE=/var/arpwatch/${IFACE}.dat
+		if [ ! -f ${DATAFILE} ]; then
+			touch ${DATAFILE}
+		fi
+		/usr/sbin/arpwatch -i $IFACE -f /var/arpwatch/$IFACE.dat ${OPTIONS}
+		result=$?
+		eend $result
+	done
 }
 
 stop() {
diff --git a/net-analyzer/arpwatch/files/digest-arpwatch-2.1.11 b/net-analyzer/arpwatch/files/digest-arpwatch-2.1.11-r1
index b6206100df76..b6206100df76 100644
--- a/net-analyzer/arpwatch/files/digest-arpwatch-2.1.11
+++ b/net-analyzer/arpwatch/files/digest-arpwatch-2.1.11-r1
diff --git a/net-analyzer/arpwatch/metadata.xml b/net-analyzer/arpwatch/metadata.xml
new file mode 100644
index 000000000000..c3504b40c506
--- /dev/null
+++ b/net-analyzer/arpwatch/metadata.xml
@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<herd>no-herd</herd>
+<maintainer>
+  <email>lanius@gentoo.org</email>
+  <name>Heinrich Wendel</name>
+</maintainer>
+</pkgmetadata>