Blob Blame Raw
--- a/arpwatch.8	2016-01-26 10:13:58.344326599 +0100
+++ b/arpwatch.8	2016-01-26 09:59:46.620048949 +0100
@@ -27,7 +27,7 @@ arpwatch - keep track of ethernet/ip add
 .na
 .B arpwatch
 [
-.B -dN
+.B -dNp
 ] [
 .B -f
 .I datafile
@@ -70,6 +70,10 @@ background and emailing the reports. Ins
 .IR stderr .
 .LP
 The
+.B -p
+flag disables promiscous mode.
+.LP
+The
 .B -f
 flag is used to set the ethernet/ip address database filename.
 The default is
diff -rup arpwatch-2.1a15/arpwatch.c arpwatch-2.1a15-new/arpwatch.c
--- a/arpwatch.c	2016-01-26 10:13:58.356326563 +0100
+++ b/arpwatch.c	2016-01-26 10:13:37.273390029 +0100
@@ -162,7 +162,7 @@ void dropprivileges(const char* user)
 }
 
 char *
-try_dev(char *interface, pcap_t **pd, int *linktype, char *errbuf)
+try_dev(char *interface, pcap_t **pd, int *linktype, int promisc, char *errbuf)
 {
 	register int snaplen, timeout;
 
@@ -170,7 +170,7 @@ try_dev(char *interface, pcap_t **pd, in
 				  sizeof(struct fddi_header)) + sizeof(struct ether_arp);
 	timeout = 1000;
 
-	*pd = pcap_open_live(interface, snaplen, 1, timeout, errbuf);
+	*pd = pcap_open_live(interface, snaplen, promisc, timeout, errbuf);
 	if (NULL == *pd) {
 		syslog(LOG_ERR, "pcap open %s: %s", interface,  errbuf);
 		return NULL;
@@ -187,14 +187,14 @@ try_dev(char *interface, pcap_t **pd, in
 }
 
 char *
-iterate_dev(char *arginterface, pcap_t **pd, int *linktype, char *errbuf)
+iterate_dev(char *arginterface, pcap_t **pd, int *linktype, int promisc, char *errbuf)
 {
 	static char interface[64 + 1];
 	pcap_if_t *alldevs;
 	pcap_if_t *dev;
 
 	if (NULL != arginterface) {
-		return try_dev(arginterface, pd, linktype, errbuf);
+		return try_dev(arginterface, pd, linktype, promisc, errbuf);
 	} else {
 		if (pcap_findalldevs(&alldevs, errbuf) == -1) {
 			(void)fprintf(stderr, "%s: lookup_device: %s\n",
@@ -203,7 +203,7 @@ iterate_dev(char *arginterface, pcap_t *
 		}
 		for (dev = alldevs; dev && (arginterface == NULL); dev = dev->next) {
 			strncpy(interface, dev->name, strlen(dev->name)+1);
-			arginterface = try_dev(interface, pd, linktype, errbuf);
+			arginterface = try_dev(interface, pd, linktype, promisc, errbuf);
 		}
 		pcap_freealldevs(alldevs);
 		return arginterface;
@@ -224,6 +224,7 @@ main(int argc, char **argv)
 	struct bpf_program code;
 	char errbuf[PCAP_ERRBUF_SIZE];
 	char* serveruser = NULL;
+	int promisc = 1;
 
 	if (argv[0] == NULL)
 		prog = "arpwatch";
@@ -242,7 +243,7 @@ main(int argc, char **argv)
 	linktype = -1;
 	rfilename = NULL;
 	pd = NULL;
-	while ((op = getopt(argc, argv, "df:i:n:Nr:u:e:s:")) != EOF)
+	while ((op = getopt(argc, argv, "df:i:n:Nr:u:e:s:p")) != EOF)
 		switch (op) {
 
 		case 'd':
@@ -304,6 +305,10 @@ main(int argc, char **argv)
 			}
 			break;
 
+		case 'p':
+			promisc = 0;
+			break;
+
 		default:
 			usage();
 		}
@@ -317,7 +322,7 @@ main(int argc, char **argv)
 	} else {
 
 		/* Determine interface if not specified */
-		interface = iterate_dev(interface, &pd, &linktype, errbuf);
+		interface = iterate_dev(interface, &pd, &linktype, promisc, errbuf);
 		if (interface == NULL) {
 			(void)fprintf(stderr, "%s: lookup_device: no suitable interface found\n",
 						  prog);