Bug 202548 - update to net-mgmt/arpwatch to ignore VRRP/CARP traffic
Summary: update to net-mgmt/arpwatch to ignore VRRP/CARP traffic
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Kurt Jaeger
Depends on:
Reported: 2015-08-21 15:27 UTC by paul
Modified: 2016-08-27 20:15 UTC (History)
1 user (show)

See Also:

patch to net-mgmt/arpwatch (3.02 KB, patch)
2015-08-21 15:27 UTC, paul
no flags Details | Diff
patch to net-mgmt/arpwatch (3.06 KB, patch)
2015-08-21 15:52 UTC, paul
no flags Details | Diff
patch-v3 (4.31 KB, patch)
2016-08-27 20:07 UTC, Kurt Jaeger
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description paul 2015-08-21 15:27:23 UTC
Created attachment 160178 [details]
patch to net-mgmt/arpwatch

net-mgmt/arpwatch complains verbosely in the presence of machines that use CARP:

2015-08-21T01:21:00+00:00 host.example.com arpwatch: ethernet mismatch 0:25:33:22:11:00 (0:0:5e:0:1:1)

I found an email from Jordan Gordeev from 2006 that contains a patch to silence these messages:


The attached file adds a build option called NOVRRP that causes arpwatch to ignore MAC addresses that use the VRRP/CARP ethernet prefix.
Comment 1 paul 2015-08-21 15:52:08 UTC
Created attachment 160180 [details]
patch to net-mgmt/arpwatch

Patch to net-mgmt/arpwatch that enables arpwatch to ignore ARP traffic involving CARP/VRRP addresses.
Comment 2 Kurt Jaeger freebsd_committer 2016-03-28 09:23:45 UTC
Would you mind to provide the patch so that it can be switched on/off using a command line option ? Sometimes the use of carp / vrrp might not be known in advance and then arpwatch can be used to detect it.
Comment 3 Kurt Jaeger freebsd_committer 2016-03-28 09:53:23 UTC
please note that


is adding a -z flag, maybe you can provide some similar patch for VRRP/CARP ?
Comment 4 Kurt Jaeger freebsd_committer 2016-08-27 20:07:35 UTC
Created attachment 174134 [details]

add the vrrp option as command line option
Comment 5 commit-hook freebsd_committer 2016-08-27 20:14:59 UTC
A commit references this bug:

Author: pi
Date: Sat Aug 27 20:14:48 UTC 2016
New revision: 420995
URL: https://svnweb.freebsd.org/changeset/ports/420995

  net-mgmt/arpwatch: add flag -v to ignore VRRP/CARP traffic

  - The -v flag disables reporting on VRRP/CARP ethernet prefixes as
    described in RFC5798 (00:00:5e:00:01:xx)

  PR:		202548
  Submitted by:	paul@dokas.name

Comment 6 Kurt Jaeger freebsd_committer 2016-08-27 20:15:31 UTC
Committed, thanks!