mirror of
https://github.com/AMS-IX/arpsponge.git
synced 2024-09-21 07:47:08 +00:00
Switch around changelog/Changelog symlink.
This commit is contained in:
parent
81729855d2
commit
561be4ea51
893
Changelog
893
Changelog
@ -1,893 +0,0 @@
|
||||
arpsponge (3.17.4) unstable; urgency=low
|
||||
|
||||
[2014-11-24] - steven (r348)
|
||||
=> init.d/arpsponge.sh:
|
||||
* Fix "status" to exit with appropriate code when there's no
|
||||
sponge running. Also don't try to send a USR1 signal when not
|
||||
running as root.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Mon, 24 Nov 2014 15:12:52 +0100
|
||||
|
||||
arpsponge (3.17.3-2) unstable; urgency=low
|
||||
|
||||
[2014-10-23] - steven (r346)
|
||||
=> debian/arpsponge.init, debian/conffiles:
|
||||
* Fix init file reference.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Thu, 23 Oct 2014 10:19:45 +0200
|
||||
|
||||
arpsponge (3.17.3-1) unstable; urgency=low
|
||||
|
||||
[2014-10-23] - steven (r343-r344)
|
||||
=> init.d/arpsponge.sh:
|
||||
* Use "/bin/sh" instead of "/bin/bash" for init script.
|
||||
=> defaults.sample.src, sbin/arpsponge.pl:
|
||||
* Add support/doc for LOGMASK init variable.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Thu, 23 Oct 2014 10:16:15 +0200
|
||||
|
||||
arpsponge (3.17.2) unstable; urgency=high
|
||||
|
||||
[2014-10-22] - steven (r338)
|
||||
=> lib/M6/ARP/Event.pm:
|
||||
* Export event_err instead of event_errr.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Wed, 22 Oct 2014 17:04:26 +0200
|
||||
|
||||
arpsponge (3.17.1) unstable; urgency=low
|
||||
|
||||
[2014-10-07] - steven (r336)
|
||||
=> sbin/asctl.pl:
|
||||
* Fix "Use of uninitialized value within %state_table" warning
|
||||
when reloading.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Tue, 07 Oct 2014 11:31:45 +0200
|
||||
|
||||
arpsponge (3.17) unstable; urgency=low
|
||||
|
||||
[2014-09-23] - steven (r317-r319)
|
||||
=> lib/M6/ReadLine.pm:
|
||||
* Ignore SIGPIPE when piping to the $PAGER.
|
||||
=> lib/M6/ARP/Log.pm:
|
||||
* Export log_debug() as well.
|
||||
=> sbin/arpsponge.pl:
|
||||
* Fix setting of log_level on startup.
|
||||
|
||||
[2014-09-24] - steven (r320-r333)
|
||||
=> lib/M6/ARP/Const.pm:
|
||||
* Fix quoting in diagnostic message in parse_update_flags.
|
||||
=> lib/M6/ARP/Log.pm:
|
||||
* Re-order some variable declarations. Use "reverse" to turn the
|
||||
int/string hash on its head.
|
||||
=> sbin/arpsponge.pl:
|
||||
* The "M6::ARP::Sponge" object has no log_*() methods, so don't
|
||||
try to use them.
|
||||
=> lib/M6/ARP/Log.pm:
|
||||
* Export print_log_level() as well.
|
||||
* Forgot the "reverse" the assignment to %STR_TO_LOGLEVEL.
|
||||
=> lib/M6/ARP/Event.pm:
|
||||
* Add M6::Log::Event for event specific logging.
|
||||
=> lib/M6/ARP/Control/Server.pm, lib/M6/ARP/Sponge.pm,
|
||||
=> sbin/arpsponge.pl, sbin/asctl.pl:
|
||||
* Use the M6::ARP::Event module for event specific
|
||||
logging/filtering. Add asctl support for event filtering.
|
||||
=> lib/M6/ARP/Control/Server.pm:
|
||||
* Use M6::ARP::Event.
|
||||
=> lib/M6/ARP/Makefile:
|
||||
* Add Event.pm to Makefile.
|
||||
=> lib/M6/ARP/Event.pm, lib/M6/ARP/Log.pm:
|
||||
* Remove prototypes where possible. Fix other prototypes to fold
|
||||
$fmt in @args.
|
||||
=> sbin/arpsponge.pl:
|
||||
* Parse the loglevel argument before trying to set it...
|
||||
=> sbin/asctl.pl:
|
||||
* Parse set_log_mask arguments based on the current log_mask, so
|
||||
we can do "set log_mask !alien" to subtract only "alien" from
|
||||
the current mask or "set log_mask +sponge" to add "sponge" to
|
||||
the current mask.
|
||||
=> lib/M6/ARP/Event.pm:
|
||||
* When using the EVENT macros as keys in a hash, make sure to
|
||||
tack on "()", lest Perl will turn them into strings. Parse
|
||||
event mask against current setting.
|
||||
=> sbin/arpsponge.pl, sbin/asctl.pl:
|
||||
* Add log_mask to POD info.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Wed, 24 Sep 2014 18:23:22 +0200
|
||||
|
||||
arpsponge (3.16) unstable; urgency=low
|
||||
|
||||
[2014-07-21] - steven (r315)
|
||||
=> defaults.sample.src, init.d/arpsponge.sh, sbin/arpsponge.pl:
|
||||
* Add "DISABLED" variable to init script and defaults. Fix
|
||||
arpsponge POD to sort the init script variables.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Mon, 21 Jul 2014 10:36:55 +0200
|
||||
|
||||
arpsponge (3.15.1) unstable; urgency=low
|
||||
|
||||
[2014-06-10] - steven (r312)
|
||||
=> MANIFEST:
|
||||
* Add TODO and debian/changelog.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Tue, 10 Jun 2014 13:50:27 +0200
|
||||
|
||||
arpsponge (3.15) unstable; urgency=low
|
||||
|
||||
[2014-05-12] - steven (r304-r310)
|
||||
=> sbin/arpsponge.pl, sbin/asctl.pl:
|
||||
* Update POD. Cross-reference ARP update flags between
|
||||
arpsponge and asctl.
|
||||
=> init.d/arpsponge.sh:
|
||||
* Make "start" and "restart" do a re-read of the state table as
|
||||
well. Add a "flush" action to do a daemon restart with clean
|
||||
state table. Add "help" action to show more help.
|
||||
* Include SWEEP_AT_START option (--sweep-at-start).
|
||||
=> sbin/arpsponge.pl:
|
||||
* Add --sweep-at-start option.
|
||||
* Tag manual and auto informs differently in the log.
|
||||
* Add SWEEP_AT_START to POD.
|
||||
* Make sure IP states are initialised with mtime of 0, so any
|
||||
initial sweep will sweep all silent IPs.
|
||||
* Live IPs are probed if their age is too high and they
|
||||
have no MAC address (regardless of --sweep-skip-alive).
|
||||
=> lib/M6/ARP/Sponge.pm:
|
||||
* Add optional "time" argument to "set_state".
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Mon, 12 May 2014 13:44:37 +0200
|
||||
|
||||
arpsponge (3.14) unstable; urgency=low
|
||||
|
||||
[2014-02-04] - steven (r299-r301)
|
||||
=> Get rid of "given/when".
|
||||
=> sbin/asctl.pl:
|
||||
* Check "arp_update_flags" on "inform" command.
|
||||
=> lib/M6/ARP/Control/Base.pm:
|
||||
* Fix bad grammar in POD.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Tue, 04 Feb 2014 12:28:06 +0100
|
||||
|
||||
arpsponge (3.13.1) unstable; urgency=low
|
||||
|
||||
[2013-06-03] - steven (r296)
|
||||
=> Makefile:
|
||||
* Fix DIST target!
|
||||
|
||||
[2013-12-28] - steven (r297)
|
||||
=> lib/M6/ARP/Control/Base.pm:
|
||||
* When sending data on a control socket, temporarily force
|
||||
blocking to avoid socket overflow on large data buffers
|
||||
(causing the client to miss the READY marker and thus wait
|
||||
indefinitely).
|
||||
|
||||
Found by Niels Bakker and Attilla de Groot, when running "show
|
||||
ip" on a /19.
|
||||
|
||||
This is a stop-gap, really. A malicious client could
|
||||
connect, send many requests, and never read back the
|
||||
results, causing the socket to fill up and at some point,
|
||||
the arpsponge daemon to hang.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Thu, 02 Jan 2014 15:43:15 +0100
|
||||
|
||||
arpsponge (3.13) unstable; urgency=low
|
||||
|
||||
[2012-09-12] - steven (r288)
|
||||
=> sbin/asctl.pl:
|
||||
* If the input does not come from an interactive terminal, the
|
||||
$TERM object is not initialised, so we shouldn't try to call
|
||||
methods on it.
|
||||
|
||||
[2012-10-08] - steven (r289)
|
||||
=> Makefile:
|
||||
* Fix intermediate file creation in dist making.
|
||||
|
||||
[2013-03-30] - steven (r290)
|
||||
=> sbin/arpsponge.pl:
|
||||
* POD fixes, courtesy of Chris Caputo, SIX (Seattle Internet
|
||||
Exchange).
|
||||
|
||||
[2013-05-01] - steven (r291-r293)
|
||||
=> debian/control:
|
||||
* Fixed dependency on libnetaddr-ip-perl. Dependency was
|
||||
based on AMS-IX specific local install (which was newer for
|
||||
an unrelated reason). Dependency is now on the default
|
||||
squeeze version.
|
||||
=> init.d/arpsponge.sh, lib/M6/ARP/Control/Server.pm,
|
||||
=> sbin/arpsponge.pl, sbin/asctl.pl:
|
||||
* Added patch for "--sweep-skip-alive" by Chris Caputo (SIX).
|
||||
Also added controls for run-time setting. Updated asctl's POD.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Wed, 01 May 2013 16:31:47 +0200
|
||||
|
||||
arpsponge (3.12.2) unstable; urgency=low
|
||||
|
||||
[2012-08-14] - steven (r285)
|
||||
=> sbin/arpsponge.pl:
|
||||
* Don't give "-1" as a count argument in pcap_dispatch(). If the
|
||||
box is hammered with traffic (like, 100Mb/s non-stop), it will
|
||||
starve all other tasks on other file descriptors.
|
||||
|
||||
Chose a reasonable default, that will still allow for some
|
||||
interactive response.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Tue, 14 Aug 2012 21:38:13 +0200
|
||||
|
||||
arpsponge (3.12.1) unstable; urgency=low
|
||||
|
||||
man/Makefile:
|
||||
- Fixed POD building.
|
||||
- Fixed dist building.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Tue, 20 Sep 2011 13:59:00 +0200
|
||||
|
||||
arpsponge (3.12) unstable; urgency=low
|
||||
|
||||
Changelog, debian/changelog
|
||||
- Replaced changelog with symlink to ../Changelog.
|
||||
- Changelog is now in Debian format.
|
||||
|
||||
M6::ARP::Sponge:
|
||||
- Make the "pending:" log line the same as sponging/unsponging.
|
||||
|
||||
Makefile, rules.mk:
|
||||
- Fixed "dist" target building.
|
||||
- Fixed dpkg building for "make dpkg".
|
||||
- Fixes for nroff targets. Automatic version determination.
|
||||
- Pre-format the "asctl" man page as well for the "dist" target.
|
||||
|
||||
README:
|
||||
- Updated Perl requirements.
|
||||
- Re-tabbed.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Tue, 20 Sep 2011 13:32:36 +0200
|
||||
|
||||
arpsponge (3.11) unstable; urgency=low
|
||||
|
||||
arpsponge:
|
||||
- Tiny, but significant bug in the code for sending ARP updates:
|
||||
we checked whether we had a MAC address in our ARP table for
|
||||
the target IP, but we didn't check whether it was actually ALIVE.
|
||||
|
||||
- Added an early check for non-nullness of arp_update_flags(),
|
||||
to short-circuit the nested if()s in the code for sending ARP
|
||||
updates.
|
||||
|
||||
- The "inform" command will send updates for DEAD addresses using the
|
||||
sponge's own MAC address, so we can issue "inform all about dead".
|
||||
|
||||
asctl:
|
||||
- Improved feedback format of "inform" command.
|
||||
- Better time estimation for "inform".
|
||||
- Added possibility for "inform" command to take IP filters,
|
||||
rather than just IP ranges (e.g. "inform alive about dead").
|
||||
- Check for and avoid adjacent duplicates in history list. Fixed
|
||||
filtering for "show ip pending".
|
||||
|
||||
M6::ARP::Sponge:
|
||||
- Log string for "sponging" consistent with "clearing" and
|
||||
"unsponging" now.
|
||||
|
||||
Packaging:
|
||||
- Fixed binmode for utilities.
|
||||
- Remove dependency on libsys-syslog-perl, in preparation
|
||||
for debian-squeeze.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Tue, 23 Aug 2011 15:27:01 +0200
|
||||
|
||||
arpsponge (3.10-1) unstable; urgency=low
|
||||
|
||||
* 3.10 production release.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Tue, 19 Jul 2011 10:36:24 +0200
|
||||
|
||||
arpsponge (3.10-0.20) unstable; urgency=low
|
||||
|
||||
* 3.10-beta15
|
||||
|
||||
asctl:
|
||||
- Parse a little more loosely on the status file. Initialize
|
||||
counters for STATIC as well.
|
||||
|
||||
M6::ReadLine:
|
||||
- print_output should not append a newline if the text is
|
||||
all empty.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Thu, 07 Jul 2011 17:48:21 +0200
|
||||
|
||||
arpsponge (3.10-0.19) unstable; urgency=low
|
||||
|
||||
* Added dependency on libterm-readkey-perl
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Thu, 7 Jul 2011 17:22:14 +0200
|
||||
|
||||
arpsponge (3.10-0.18) unstable; urgency=low
|
||||
|
||||
* 3.10-beta14
|
||||
|
||||
M6::ReadLine:
|
||||
- Use of $PAGER only if output is a terminal and we are
|
||||
using ReadLine.
|
||||
- Make sure print_output returns sensible values.
|
||||
|
||||
asctl:
|
||||
- Dump status command can now also dump to arbitrary file; the
|
||||
client will take care of parsing and writing.
|
||||
|
||||
- More appropriate exit status (in case of non-interactive run,
|
||||
exits with 0 only if the command was successful).
|
||||
|
||||
- Better error formatting. Moved fmt_text from asctl to
|
||||
M6::ReadLine.
|
||||
|
||||
- Added --quiet option.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Thu, 07 Jul 2011 16:39:31 +0200
|
||||
|
||||
arpsponge (3.10-0.17) unstable; urgency=low
|
||||
|
||||
* 3.10-beta13
|
||||
|
||||
init.d/arpsponge:
|
||||
- Dump status before stopping as well.
|
||||
|
||||
asctl:
|
||||
- Fix reply mapping/splitting in asctl. Fix typo in comments in
|
||||
arpsponge.
|
||||
|
||||
M6::ARP::Queue:
|
||||
- Added level of indirection in Queue data. Object hash was
|
||||
storing max_depth parameter and ip queues at the same level,
|
||||
causing problems when clear_all was called.
|
||||
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Wed, 06 Jul 2011 17:00:32 +0200
|
||||
|
||||
arpsponge (3.10-0.16) unstable; urgency=low
|
||||
|
||||
* 3.10-beta12
|
||||
|
||||
arpsponge:
|
||||
- Don't clear is_dummy() when running as a daemon.
|
||||
- It's $eth_obj->{dest_mac} instead of "dst_mac"...
|
||||
- The init_state() function is now called with an integer
|
||||
argument (i.e. already translated state), but was still trying
|
||||
to look up the state in a hash, resulting in state "undef" for
|
||||
all IPs (i.e. equivalent to state NONE).
|
||||
- Added note about status loading in POD.
|
||||
|
||||
asctl:
|
||||
- Added "load status" and "dump status" to asctl.
|
||||
|
||||
lib/M6/ReadLine.pm:
|
||||
- Add argument type "filename" and filename completion.
|
||||
- Added a "yesno" prompting interface:
|
||||
if (yesno("question", "yN")) { ... }
|
||||
|
||||
init.d/arpsponge:
|
||||
- (Force-)reload now causes the state to be re-read.
|
||||
- Fixed use of "ls" to find files.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Wed, 6 Jul 2011 11:31:39 +0200
|
||||
|
||||
arpsponge (3.10-0.15) unstable; urgency=low
|
||||
|
||||
* 3.10-beta11
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Thu, 23 Jun 2011 12:28:15 +0200
|
||||
|
||||
arpsponge (3.10-0.14) unstable; urgency=low
|
||||
|
||||
* Minor fix for dummy mode.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Thu, 23 Jun 2011 12:18:56 +0200
|
||||
|
||||
arpsponge (3.10-0.13) unstable; urgency=low
|
||||
|
||||
* 3.10-beta10
|
||||
|
||||
lib/M6/ARP/Const.pm:
|
||||
- Added is_valid_state to the exportable functions list.
|
||||
|
||||
debian/control:
|
||||
- Added extra dependencies.
|
||||
|
||||
arpsponge:
|
||||
- Added extra info for arp spoofing log messages (dst mac).
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Thu, 23 Jun 2011 11:23:49 +0200
|
||||
|
||||
arpsponge (3.10-0.12) unstable; urgency=low
|
||||
|
||||
* 3.10-beta9
|
||||
|
||||
asctl:
|
||||
- Fixed POD and help.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Wed, 22 Jun 2011 10:50:14 +0200
|
||||
|
||||
arpsponge (3.10-0.11) unstable; urgency=low
|
||||
|
||||
* 3.10-beta8 (see entry below)
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Tue, 14 Jun 2011 15:49:27 +0200
|
||||
|
||||
arpsponge (3.10-0.10) unstable; urgency=low
|
||||
|
||||
* 3.10-beta7/beta8
|
||||
|
||||
arpsponge, asctl:
|
||||
- Added arp_update_flags to specify how to force neighbor
|
||||
cache updates.
|
||||
- Added log_level to specify the minimum log level.
|
||||
- Split off some of the output from "show status" to new
|
||||
"show parameters".
|
||||
- Added "set log_level".
|
||||
|
||||
asctl:
|
||||
- Parameter names for "set" now use underscores
|
||||
instead of hyphens.
|
||||
|
||||
general:
|
||||
- Logging split off into separate module (M6::ARP::Log).
|
||||
- Rename verbose/sverbose to log_verbose, log_sverbose.
|
||||
- State and update flag definitions defined in separate module
|
||||
(M6::ARP::Const), making it easier for server and client
|
||||
to share these values.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Tue, 14 Jun 2011 12:10:10 +0200
|
||||
|
||||
arpsponge (3.10-0.9) unstable; urgency=low
|
||||
|
||||
* 3.10-beta6
|
||||
|
||||
arpsponge:
|
||||
* The actual select/dispatch bit has been split off
|
||||
from packet_capture_loop() into handle_input().
|
||||
* Instead of calling sleep() between sending packets,
|
||||
the probe/sweep loops use handle_input() so they can
|
||||
still process packets/commands during their idle moments.
|
||||
This hopefully reduces the chances of missing ARP replies
|
||||
and keeps the sponge responsive during probe/sweep runs,
|
||||
even if the proberate is set low.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Thu, 09 Jun 2011 16:50:15 +0200
|
||||
|
||||
arpsponge (3.10-0.8) unstable; urgency=low
|
||||
|
||||
* 3.10-beta5
|
||||
|
||||
asctl:
|
||||
* Small fix in asctl for "ping" command arguments.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Wed, 8 Jun 2011 16:16:13 +0200
|
||||
|
||||
arpsponge (3.10-0.7) unstable; urgency=low
|
||||
|
||||
* 3.10-beta4
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Fri, 13 May 2011 15:20:37 +0200
|
||||
|
||||
arpsponge (3.10-0.6) unstable; urgency=low
|
||||
|
||||
* 3.10-beta3
|
||||
|
||||
general:
|
||||
* Added dependency on Term::ReadLine::Gnu.
|
||||
|
||||
asctl:
|
||||
* Always use STDIN and STDOUT as in/output in Term::ReadLine.
|
||||
* Fix verbosity in the face of interactiveness.
|
||||
* Non-interactivity implies no ReadLine.
|
||||
* Make sure history is read and written.
|
||||
* Match prefixes for commands and arguments.
|
||||
* Output/Error messages more consistent.
|
||||
|
||||
arpsponge:
|
||||
* Control socket permissions.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Mon, 09 May 2011 15:19:15 +0200
|
||||
|
||||
arpsponge (3.10-0.5) unstable; urgency=high
|
||||
|
||||
* 3.10-beta2
|
||||
|
||||
Code cleanups all around.
|
||||
|
||||
Major changes:
|
||||
|
||||
* AV Feature request implemented.
|
||||
|
||||
Some routers do not update their ARP cache when an
|
||||
IP gets unsponged. There are two cases in which this
|
||||
can happen:
|
||||
|
||||
1. A and B have a direct peering. A goes down, address gets
|
||||
sponged. B ARPs for A, gets the sponge's MAC and starts
|
||||
trying to set up BGP sessions to it (port 179 SYN). When
|
||||
A comes back, B for some reason does not update its ARP
|
||||
cache and continues to think A is behind the sponge's MAC.
|
||||
|
||||
We're not sure why this happens. Normally, A would try to
|
||||
re-establish its peerings as well (often also sending out
|
||||
a gratuitous ARP), and B should quickly find out A's new address,
|
||||
since it's getting BGP SYNs from it. Perhaps A has its peerings
|
||||
configured in passive mode and doesn't send gratuitous ARPs, but
|
||||
then, most routers ARP for their peer before attempting to
|
||||
connect. In this case, B apparently doesn't ARP for A (or it would
|
||||
find out A's real address), but rather it seems to hold on to
|
||||
the cached (sponged) ARP entry until it times out.
|
||||
|
||||
2. There is no direct BGP session between A and B, but they exchange
|
||||
prefixes over a routeserver instead, AND the data flow is only in
|
||||
one direction (i.e. asymmetric routing):
|
||||
|
||||
->-> [C] >->-
|
||||
/ \
|
||||
| |
|
||||
(data) | -<-<-<-<-<-<- |
|
||||
|/ \|
|
||||
[A] [B]
|
||||
\ /
|
||||
(BGP) -<-> [RS] <->
|
||||
|
||||
If A gets sponged, RS loses the peering with A, and
|
||||
will withdraw A's routes, so B will stop sending
|
||||
traffic to A.
|
||||
|
||||
Now, when A gets back, it will re-establish its direct
|
||||
peering sessions, updating its peers' ARP caches appropriately
|
||||
(including that of RS).
|
||||
|
||||
If, however, for some reason, B got hold of the sponged
|
||||
mapping while A was down, it will start sending traffic
|
||||
to the sponge thinking it is using A as next-hop. It will
|
||||
continue doing so until its ARP entry for A times out.
|
||||
|
||||
AFAICS, this can happen only for two reasons:
|
||||
|
||||
* B's ARP entry for A timed out and it was somehow
|
||||
attempting to send traffic to A. This would indicate
|
||||
a (probably very) slow withdrawal of A's prefixes by
|
||||
RS, or (more likely), someone trying to ping A from
|
||||
behind B.
|
||||
|
||||
* B picked up the gratuitous ARP from the sponge. When A
|
||||
came back it (A) did _not_ send a gratuitous ARP, so
|
||||
B still thinks A is at the sponge's HW address.
|
||||
|
||||
Given the usual configuration of a 4 hour ARP timeout,
|
||||
the first scenario is not so likely.
|
||||
|
||||
In any case: in order to fix this, we need to update B's ARP cache.
|
||||
In order to do that, we need to know A's IP address. Unfortunately,
|
||||
in case "2" we cannot know that, since there is no BGP traffic
|
||||
between the two, so the destination IP is that of the final
|
||||
destination.
|
||||
|
||||
In case "1" however, it's easy: the destination IP is that of A.
|
||||
|
||||
Now, how do we update B's ARP cache? One way is by sending a
|
||||
gratuitous arp on behalf of A. However, this is yet another
|
||||
broadcast, which is exactly what we're trying to avoid.
|
||||
|
||||
Therefore, we fake two unicast ARP packets from A. When
|
||||
misdirected IP traffic ends up at the sponge, it will
|
||||
send two ARP packets back to the source: a unicast reply
|
||||
followed by a unicast request in the hopes that one of these
|
||||
will trigger an update of the ARP entry at the other side:
|
||||
|
||||
ARP <IP-A> IS AT <MAC-A>
|
||||
ARP WHO HAS <B> TELL <IP-A>@<MAC-A>
|
||||
|
||||
Testing suggests that Linux's ARP cache responds to the unicast
|
||||
request, but not the reply. Still, the request above would result
|
||||
in a reply from B back to A (who actually didn't initiate the
|
||||
request). We could try:
|
||||
|
||||
ARP WHO HAS <A> TELL <IP-A>@<MAC-A>
|
||||
|
||||
I.e., a unicast proxy gratuitous ARP request :-)
|
||||
|
||||
* UNIX control socket for the daemon.
|
||||
* asctl and aslogtail "clients" for the control socket.
|
||||
|
||||
* Speed improvements:
|
||||
* IP and MAC addresses are kept as hexstrings internally.
|
||||
* Packet decoding now done using self-written code to prevent
|
||||
binary -> dotted-quat -> hex translations.
|
||||
|
||||
arpsponge:
|
||||
|
||||
* Signals are now masked with sigprocmask().
|
||||
* Reworked event loop for more accurate timing.
|
||||
* Fixed set_pending/incr_pending so it will log per
|
||||
pending update.
|
||||
* The "notify" socket has been removed. There is now a UNIX control
|
||||
socket that can be used to send commands and receive log events.
|
||||
* Default "rundir" (--rundir) used to set default values for
|
||||
statusfile, pidfile and control socket.
|
||||
* --daemon=pidfile replaced by --[no]daemon and --pidfile=file
|
||||
* Restored --verbose and --dummy functionality.
|
||||
|
||||
asctl, aslogtail:
|
||||
|
||||
* new
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Tue, 26 Apr 2011 16:52:17 +0200
|
||||
|
||||
arpsponge (3.10-0.4) unstable; urgency=high
|
||||
|
||||
* 3.10-beta
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Fri, 22 Apr 2011 17:43:08 +0200
|
||||
|
||||
arpsponge (3.10-0.3) unstable; urgency=high
|
||||
|
||||
* 3.10-alpha2
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Tue, 10 Aug 2010 17:03:35 +0200
|
||||
|
||||
arpsponge (3.10-0.2) unstable; urgency=high
|
||||
|
||||
* 3.10-alpha
|
||||
|
||||
* 17.nov.2010 - steven
|
||||
|
||||
Backported fixes from mon-eun-014 for the signal handling.
|
||||
|
||||
Notify FIFO no longer default on init startup.
|
||||
|
||||
More robust init script. Don't execute the daemon if
|
||||
SPONGE_DEBUG or SPONGE_DUMMY is set.
|
||||
|
||||
* 07.oct.2010 - steven
|
||||
|
||||
Added flood protection by limiting the significance of
|
||||
ARP queries if they all come from the same source.
|
||||
|
||||
Add src_ip to the queue as well, and when the queue is full, collapse
|
||||
entries of the same source if they are timed too closely together
|
||||
(less than 1/$flood_protection_rate).
|
||||
|
||||
* Take list:
|
||||
[t0, s1], [t1, s2], [t2, s2], [t3, s1], [t4, s2], [t5, s2]
|
||||
|
||||
* Sort by SRC, then TIMESTAMP:
|
||||
[t0, s1], [t3, s1], [t1, s2], [t2, s2], [t4, s2], [t5, s2]
|
||||
|
||||
* Reduce closely spaced entries from the same SRC:
|
||||
[t0, s1], [t3, s1], [t1, s2], [t4, s2]
|
||||
|
||||
* Sort by TIMESTAMP again:
|
||||
[t0, s1], [t1, s2], [t3, s1], [t4, s2]
|
||||
|
||||
Advantage: works even if multiple sources are spamming us with
|
||||
ARP queries. Flood protection overhead only kicks in when queue
|
||||
is full and apparent rate (i.e. pre-reduce) > max-rate.
|
||||
|
||||
Disadvantage: more state to keep, more processing when queue is
|
||||
full.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Tue, 10 Aug 2010 17:03:35 +0200
|
||||
|
||||
arpsponge (3.9.5-3) unstable; urgency=high
|
||||
|
||||
* 10.aug.2010 - steven
|
||||
- Added LSB headers for init script.
|
||||
- Added post/pre scripts to make initscript handling smooth.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Tue, 10 Aug 2010 17:03:35 +0200
|
||||
|
||||
arpsponge (3.9.4-1) unstable; urgency=high
|
||||
|
||||
* 12.apr.2010 - steven
|
||||
Remove useless reference to Net::PcapUtils from Sponge.pm.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Mon, 12 Apr 2010 10:36:21 +0200
|
||||
|
||||
arpsponge (3.9.3-1) unstable; urgency=high
|
||||
|
||||
* Signals set flags. These flags get evaluated before a packet is
|
||||
processed. This might solve the crashes since Debian Etch.
|
||||
This change was made after a hint from dvorak.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Thu, 8 Apr 2010 19:07:58 +0200
|
||||
|
||||
arpsponge (3.9.2-2) unstable; urgency=high
|
||||
|
||||
* Changed architecture to "all" (instead of "any").
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Wed, 7 Apr 2010 22:52:35 +0200
|
||||
|
||||
arpsponge (3.9.2) unstable; urgency=high
|
||||
|
||||
* See upstream Changelog.
|
||||
|
||||
-- Arien Vijn <arien.vijn@ams-ix.net> Sat, 26 Jan 2007 22:00:00 +0100
|
||||
|
||||
arpsponge (3.9.1) unstable; urgency=low
|
||||
|
||||
* Pretty stupid bug in init.d script. Called the sponge with:
|
||||
|
||||
--queuedepth=${QUEUE_DEPTH}
|
||||
--queuedepth=${RATE}
|
||||
|
||||
Obviously, the second option should have been "--rate"; this
|
||||
caused the production install to run with a queue depth of 50,
|
||||
which works miraculously well. ;-)
|
||||
|
||||
* Added the PROBERATE variable.
|
||||
|
||||
* Added defaults.sample file.
|
||||
|
||||
* Added some more info in do_status.
|
||||
|
||||
* Fine-tuned logging information. For instance, a log entry is
|
||||
printed when we clear a pending entry.
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Wed, 26 Oct 2005 12:07:00 +0200
|
||||
|
||||
arpsponge (3.9) unstable; urgency=low
|
||||
|
||||
* Something (syslog?) is causing clone() calls, which exit using
|
||||
EXIT{} block which tends to unlink() the PID file :-(
|
||||
Traces seem to indicate that the clone()-d process is connected
|
||||
to syslog, since it opens "/dev/console" which is typically a
|
||||
last resort for failed syslog() connections.
|
||||
|
||||
As a first fix, I modified the EXIT{} block to only unlink()
|
||||
the pid file if the pid of the current process ($$) matches
|
||||
that of the master ($wrote_pid).
|
||||
|
||||
Second, I modified the code a bit to also log when dumping
|
||||
status (if no filename is set, it will use /dev/null), and
|
||||
to log a summary of the status.
|
||||
|
||||
Finally, the "probed 0 IP addresses" messages should have
|
||||
gone from the log now...
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Mon, 24 Oct 2005 15:23:00 +0200
|
||||
|
||||
arpsponge (3.8) unstable; urgency=low
|
||||
|
||||
* Updated init script to move away from $SPONGE_OPTS and have a
|
||||
more flexible set-up using separate variables which can be
|
||||
overridden in the individual interface files.
|
||||
|
||||
This breaks the old syntax! Instead of a single string
|
||||
in /etc/default/arpsponge/ethX (namely the network/prefix),
|
||||
we need to define "NETWORK=network/prefix". It is also possible
|
||||
to override the device "ethX" by setting "DEVICE".
|
||||
|
||||
* Added POD documentation for the new init set-up.
|
||||
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Wed, 19 Oct 2005 23:25:00 +0200
|
||||
|
||||
arpsponge (3.7) unstable; urgency=low
|
||||
|
||||
* Fixed the f*cking call to f*cking Net::ARP::get_mac($dev, $mac).
|
||||
It never wanted a reference as the second parameter, which
|
||||
is bad enough in itself, but newer versions don't like an
|
||||
undef or empty value for $mac either :-(
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Fri, 30 Sep 2005 18:10:00 +0200
|
||||
|
||||
arpsponge (3.6.4-1) unstable; urgency=low
|
||||
|
||||
* Dependency fixes.
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Fri, 30 Sep 2005 17:49:00 +0200
|
||||
|
||||
arpsponge (3.6.4) unstable; urgency=low
|
||||
|
||||
* Fixed POD section for --init. In the OPTIONS section, it was
|
||||
missing the "NONE".
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Thu, 28 Jul 2005 12:41:00 +0200
|
||||
|
||||
arpsponge (3.6.3) unstable; urgency=low
|
||||
|
||||
* See upstream Changelog.
|
||||
* Fixed POD comments regarding LEARN state. Added check for
|
||||
--dummy and --daemon (mutually exclusive). Added comment
|
||||
about this in POD.
|
||||
* Added some verbosity in M6::ARP::Sponge::set_alive().
|
||||
|
||||
* Fixed verbosity in do_learn.
|
||||
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Wed, 20 Jul 2005 13:11:00 +0200
|
||||
|
||||
arpsponge (3.6.2) unstable; urgency=low
|
||||
|
||||
* Fixed "rate" calculation. Off-by-one error spoiled the calculation :-(
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Mon, 11 Jul 2005 13:11:00 +0200
|
||||
|
||||
arpsponge (3.6.1) unstable; urgency=low
|
||||
|
||||
* Four ways to initialise the program:
|
||||
* --init=DEAD
|
||||
* --init=ALIVE
|
||||
* --init=PENDING
|
||||
* --init=NONE
|
||||
|
||||
* LEARN state does not probe, only listen.
|
||||
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Mon, 27 Jun 2005 14:01:34 +0200
|
||||
|
||||
arpsponge (3.5) unstable; urgency=low
|
||||
|
||||
* Incorporated Arien's ideas:
|
||||
|
||||
* Start in LEARN state, where we probe every second or so, for
|
||||
"--learn" times. During this period, we do not sponge addresses,
|
||||
we only probe and learn.
|
||||
* Rewrote the handling of pending addresses. Pending addresses are
|
||||
now probed once per second for max_pending times. The previous
|
||||
behaviour was to probe a pending IP whenever an ARP query for it
|
||||
came in. If the incoming rate is high enough, we exhaust our pending
|
||||
probes before the target IP has a chance to answer.
|
||||
|
||||
* Added ARP rating through the "--proberate" option. Throwing ARP
|
||||
queries at the interface at full CPU speed causes many packets to
|
||||
be dropped, whether it's at the interface, the LAN (switch), or
|
||||
the receiving end. Besides, broadcast storms are the very thing
|
||||
we are trying to avoid here.
|
||||
|
||||
* --dummy now sends probes, but never sponged answers. Previously
|
||||
it was not sending probes either, making it difficult to test the
|
||||
sweeping/probing code.
|
||||
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Thu, 12 May 2005 16:35:00 +0200
|
||||
|
||||
arpsponge (3.4.1-1) unstable; urgency=low
|
||||
|
||||
* Logging fixes. One log line for a sponge event.
|
||||
* Also log/notify for "pending" states.
|
||||
* Various POD fixes.
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Tue, 10 May 2005 14:25:00 +0200
|
||||
|
||||
arpsponge (3.4-2) unstable; urgency=low
|
||||
|
||||
* Renamed to "arpsponge" to prevent lawsuits :-)
|
||||
* Cleaned up a bunch of stub files in the debian directory.
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Mon, 09 May 2005 18:03:00 +0200
|
||||
|
||||
arpsponge (3.3.2-1) unstable; urgency=low
|
||||
|
||||
* "misfit" ARPs now get their src MAC logged as well.
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Tue, 03 May 2005 13:15:00 +0200
|
||||
|
||||
arpsponge (3.3.1-1) unstable; urgency=low
|
||||
|
||||
* Added check for "misfit" ARPs and logging of those.
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Tue, 03 May 2005 13:15:00 +0200
|
||||
|
||||
arpsponge (3.3-1) unstable; urgency=low
|
||||
|
||||
* Added "HUP" signal to arpswiffer. Added README file.
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Tue, 03 May 2005 11:48:00 +0200
|
||||
|
||||
arpsponge (3.2-1) unstable; urgency=low
|
||||
|
||||
* Sponge.pm "set_alive" needs to check for local IP, otherwise the
|
||||
state table gets contaminated.
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Sun, 01 May 2005 11:48:00 +0200
|
||||
|
||||
arpsponge (3.1-1) unstable; urgency=low
|
||||
|
||||
* Properly Debianized.
|
||||
* Added code to recognize the duplicate detection packets from
|
||||
DHCP clients.
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Sat, 30 Apr 2005 22:43:05 +0200
|
1
debian/changelog
vendored
1
debian/changelog
vendored
@ -1 +0,0 @@
|
||||
../Changelog
|
893
debian/changelog
vendored
Normal file
893
debian/changelog
vendored
Normal file
@ -0,0 +1,893 @@
|
||||
arpsponge (3.17.4) unstable; urgency=low
|
||||
|
||||
[2014-11-24] - steven (r348)
|
||||
=> init.d/arpsponge.sh:
|
||||
* Fix "status" to exit with appropriate code when there's no
|
||||
sponge running. Also don't try to send a USR1 signal when not
|
||||
running as root.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Mon, 24 Nov 2014 15:12:52 +0100
|
||||
|
||||
arpsponge (3.17.3-2) unstable; urgency=low
|
||||
|
||||
[2014-10-23] - steven (r346)
|
||||
=> debian/arpsponge.init, debian/conffiles:
|
||||
* Fix init file reference.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Thu, 23 Oct 2014 10:19:45 +0200
|
||||
|
||||
arpsponge (3.17.3-1) unstable; urgency=low
|
||||
|
||||
[2014-10-23] - steven (r343-r344)
|
||||
=> init.d/arpsponge.sh:
|
||||
* Use "/bin/sh" instead of "/bin/bash" for init script.
|
||||
=> defaults.sample.src, sbin/arpsponge.pl:
|
||||
* Add support/doc for LOGMASK init variable.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Thu, 23 Oct 2014 10:16:15 +0200
|
||||
|
||||
arpsponge (3.17.2) unstable; urgency=high
|
||||
|
||||
[2014-10-22] - steven (r338)
|
||||
=> lib/M6/ARP/Event.pm:
|
||||
* Export event_err instead of event_errr.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Wed, 22 Oct 2014 17:04:26 +0200
|
||||
|
||||
arpsponge (3.17.1) unstable; urgency=low
|
||||
|
||||
[2014-10-07] - steven (r336)
|
||||
=> sbin/asctl.pl:
|
||||
* Fix "Use of uninitialized value within %state_table" warning
|
||||
when reloading.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Tue, 07 Oct 2014 11:31:45 +0200
|
||||
|
||||
arpsponge (3.17) unstable; urgency=low
|
||||
|
||||
[2014-09-23] - steven (r317-r319)
|
||||
=> lib/M6/ReadLine.pm:
|
||||
* Ignore SIGPIPE when piping to the $PAGER.
|
||||
=> lib/M6/ARP/Log.pm:
|
||||
* Export log_debug() as well.
|
||||
=> sbin/arpsponge.pl:
|
||||
* Fix setting of log_level on startup.
|
||||
|
||||
[2014-09-24] - steven (r320-r333)
|
||||
=> lib/M6/ARP/Const.pm:
|
||||
* Fix quoting in diagnostic message in parse_update_flags.
|
||||
=> lib/M6/ARP/Log.pm:
|
||||
* Re-order some variable declarations. Use "reverse" to turn the
|
||||
int/string hash on its head.
|
||||
=> sbin/arpsponge.pl:
|
||||
* The "M6::ARP::Sponge" object has no log_*() methods, so don't
|
||||
try to use them.
|
||||
=> lib/M6/ARP/Log.pm:
|
||||
* Export print_log_level() as well.
|
||||
* Forgot the "reverse" the assignment to %STR_TO_LOGLEVEL.
|
||||
=> lib/M6/ARP/Event.pm:
|
||||
* Add M6::Log::Event for event specific logging.
|
||||
=> lib/M6/ARP/Control/Server.pm, lib/M6/ARP/Sponge.pm,
|
||||
=> sbin/arpsponge.pl, sbin/asctl.pl:
|
||||
* Use the M6::ARP::Event module for event specific
|
||||
logging/filtering. Add asctl support for event filtering.
|
||||
=> lib/M6/ARP/Control/Server.pm:
|
||||
* Use M6::ARP::Event.
|
||||
=> lib/M6/ARP/Makefile:
|
||||
* Add Event.pm to Makefile.
|
||||
=> lib/M6/ARP/Event.pm, lib/M6/ARP/Log.pm:
|
||||
* Remove prototypes where possible. Fix other prototypes to fold
|
||||
$fmt in @args.
|
||||
=> sbin/arpsponge.pl:
|
||||
* Parse the loglevel argument before trying to set it...
|
||||
=> sbin/asctl.pl:
|
||||
* Parse set_log_mask arguments based on the current log_mask, so
|
||||
we can do "set log_mask !alien" to subtract only "alien" from
|
||||
the current mask or "set log_mask +sponge" to add "sponge" to
|
||||
the current mask.
|
||||
=> lib/M6/ARP/Event.pm:
|
||||
* When using the EVENT macros as keys in a hash, make sure to
|
||||
tack on "()", lest Perl will turn them into strings. Parse
|
||||
event mask against current setting.
|
||||
=> sbin/arpsponge.pl, sbin/asctl.pl:
|
||||
* Add log_mask to POD info.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Wed, 24 Sep 2014 18:23:22 +0200
|
||||
|
||||
arpsponge (3.16) unstable; urgency=low
|
||||
|
||||
[2014-07-21] - steven (r315)
|
||||
=> defaults.sample.src, init.d/arpsponge.sh, sbin/arpsponge.pl:
|
||||
* Add "DISABLED" variable to init script and defaults. Fix
|
||||
arpsponge POD to sort the init script variables.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Mon, 21 Jul 2014 10:36:55 +0200
|
||||
|
||||
arpsponge (3.15.1) unstable; urgency=low
|
||||
|
||||
[2014-06-10] - steven (r312)
|
||||
=> MANIFEST:
|
||||
* Add TODO and debian/changelog.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Tue, 10 Jun 2014 13:50:27 +0200
|
||||
|
||||
arpsponge (3.15) unstable; urgency=low
|
||||
|
||||
[2014-05-12] - steven (r304-r310)
|
||||
=> sbin/arpsponge.pl, sbin/asctl.pl:
|
||||
* Update POD. Cross-reference ARP update flags between
|
||||
arpsponge and asctl.
|
||||
=> init.d/arpsponge.sh:
|
||||
* Make "start" and "restart" do a re-read of the state table as
|
||||
well. Add a "flush" action to do a daemon restart with clean
|
||||
state table. Add "help" action to show more help.
|
||||
* Include SWEEP_AT_START option (--sweep-at-start).
|
||||
=> sbin/arpsponge.pl:
|
||||
* Add --sweep-at-start option.
|
||||
* Tag manual and auto informs differently in the log.
|
||||
* Add SWEEP_AT_START to POD.
|
||||
* Make sure IP states are initialised with mtime of 0, so any
|
||||
initial sweep will sweep all silent IPs.
|
||||
* Live IPs are probed if their age is too high and they
|
||||
have no MAC address (regardless of --sweep-skip-alive).
|
||||
=> lib/M6/ARP/Sponge.pm:
|
||||
* Add optional "time" argument to "set_state".
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Mon, 12 May 2014 13:44:37 +0200
|
||||
|
||||
arpsponge (3.14) unstable; urgency=low
|
||||
|
||||
[2014-02-04] - steven (r299-r301)
|
||||
=> Get rid of "given/when".
|
||||
=> sbin/asctl.pl:
|
||||
* Check "arp_update_flags" on "inform" command.
|
||||
=> lib/M6/ARP/Control/Base.pm:
|
||||
* Fix bad grammar in POD.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Tue, 04 Feb 2014 12:28:06 +0100
|
||||
|
||||
arpsponge (3.13.1) unstable; urgency=low
|
||||
|
||||
[2013-06-03] - steven (r296)
|
||||
=> Makefile:
|
||||
* Fix DIST target!
|
||||
|
||||
[2013-12-28] - steven (r297)
|
||||
=> lib/M6/ARP/Control/Base.pm:
|
||||
* When sending data on a control socket, temporarily force
|
||||
blocking to avoid socket overflow on large data buffers
|
||||
(causing the client to miss the READY marker and thus wait
|
||||
indefinitely).
|
||||
|
||||
Found by Niels Bakker and Attilla de Groot, when running "show
|
||||
ip" on a /19.
|
||||
|
||||
This is a stop-gap, really. A malicious client could
|
||||
connect, send many requests, and never read back the
|
||||
results, causing the socket to fill up and at some point,
|
||||
the arpsponge daemon to hang.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Thu, 02 Jan 2014 15:43:15 +0100
|
||||
|
||||
arpsponge (3.13) unstable; urgency=low
|
||||
|
||||
[2012-09-12] - steven (r288)
|
||||
=> sbin/asctl.pl:
|
||||
* If the input does not come from an interactive terminal, the
|
||||
$TERM object is not initialised, so we shouldn't try to call
|
||||
methods on it.
|
||||
|
||||
[2012-10-08] - steven (r289)
|
||||
=> Makefile:
|
||||
* Fix intermediate file creation in dist making.
|
||||
|
||||
[2013-03-30] - steven (r290)
|
||||
=> sbin/arpsponge.pl:
|
||||
* POD fixes, courtesy of Chris Caputo, SIX (Seattle Internet
|
||||
Exchange).
|
||||
|
||||
[2013-05-01] - steven (r291-r293)
|
||||
=> debian/control:
|
||||
* Fixed dependency on libnetaddr-ip-perl. Dependency was
|
||||
based on AMS-IX specific local install (which was newer for
|
||||
an unrelated reason). Dependency is now on the default
|
||||
squeeze version.
|
||||
=> init.d/arpsponge.sh, lib/M6/ARP/Control/Server.pm,
|
||||
=> sbin/arpsponge.pl, sbin/asctl.pl:
|
||||
* Added patch for "--sweep-skip-alive" by Chris Caputo (SIX).
|
||||
Also added controls for run-time setting. Updated asctl's POD.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Wed, 01 May 2013 16:31:47 +0200
|
||||
|
||||
arpsponge (3.12.2) unstable; urgency=low
|
||||
|
||||
[2012-08-14] - steven (r285)
|
||||
=> sbin/arpsponge.pl:
|
||||
* Don't give "-1" as a count argument in pcap_dispatch(). If the
|
||||
box is hammered with traffic (like, 100Mb/s non-stop), it will
|
||||
starve all other tasks on other file descriptors.
|
||||
|
||||
Chose a reasonable default, that will still allow for some
|
||||
interactive response.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Tue, 14 Aug 2012 21:38:13 +0200
|
||||
|
||||
arpsponge (3.12.1) unstable; urgency=low
|
||||
|
||||
man/Makefile:
|
||||
- Fixed POD building.
|
||||
- Fixed dist building.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Tue, 20 Sep 2011 13:59:00 +0200
|
||||
|
||||
arpsponge (3.12) unstable; urgency=low
|
||||
|
||||
Changelog, debian/changelog
|
||||
- Replaced changelog with symlink to ../Changelog.
|
||||
- Changelog is now in Debian format.
|
||||
|
||||
M6::ARP::Sponge:
|
||||
- Make the "pending:" log line the same as sponging/unsponging.
|
||||
|
||||
Makefile, rules.mk:
|
||||
- Fixed "dist" target building.
|
||||
- Fixed dpkg building for "make dpkg".
|
||||
- Fixes for nroff targets. Automatic version determination.
|
||||
- Pre-format the "asctl" man page as well for the "dist" target.
|
||||
|
||||
README:
|
||||
- Updated Perl requirements.
|
||||
- Re-tabbed.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Tue, 20 Sep 2011 13:32:36 +0200
|
||||
|
||||
arpsponge (3.11) unstable; urgency=low
|
||||
|
||||
arpsponge:
|
||||
- Tiny, but significant bug in the code for sending ARP updates:
|
||||
we checked whether we had a MAC address in our ARP table for
|
||||
the target IP, but we didn't check whether it was actually ALIVE.
|
||||
|
||||
- Added an early check for non-nullness of arp_update_flags(),
|
||||
to short-circuit the nested if()s in the code for sending ARP
|
||||
updates.
|
||||
|
||||
- The "inform" command will send updates for DEAD addresses using the
|
||||
sponge's own MAC address, so we can issue "inform all about dead".
|
||||
|
||||
asctl:
|
||||
- Improved feedback format of "inform" command.
|
||||
- Better time estimation for "inform".
|
||||
- Added possibility for "inform" command to take IP filters,
|
||||
rather than just IP ranges (e.g. "inform alive about dead").
|
||||
- Check for and avoid adjacent duplicates in history list. Fixed
|
||||
filtering for "show ip pending".
|
||||
|
||||
M6::ARP::Sponge:
|
||||
- Log string for "sponging" consistent with "clearing" and
|
||||
"unsponging" now.
|
||||
|
||||
Packaging:
|
||||
- Fixed binmode for utilities.
|
||||
- Remove dependency on libsys-syslog-perl, in preparation
|
||||
for debian-squeeze.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Tue, 23 Aug 2011 15:27:01 +0200
|
||||
|
||||
arpsponge (3.10-1) unstable; urgency=low
|
||||
|
||||
* 3.10 production release.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Tue, 19 Jul 2011 10:36:24 +0200
|
||||
|
||||
arpsponge (3.10-0.20) unstable; urgency=low
|
||||
|
||||
* 3.10-beta15
|
||||
|
||||
asctl:
|
||||
- Parse a little more loosely on the status file. Initialize
|
||||
counters for STATIC as well.
|
||||
|
||||
M6::ReadLine:
|
||||
- print_output should not append a newline if the text is
|
||||
all empty.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Thu, 07 Jul 2011 17:48:21 +0200
|
||||
|
||||
arpsponge (3.10-0.19) unstable; urgency=low
|
||||
|
||||
* Added dependency on libterm-readkey-perl
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Thu, 7 Jul 2011 17:22:14 +0200
|
||||
|
||||
arpsponge (3.10-0.18) unstable; urgency=low
|
||||
|
||||
* 3.10-beta14
|
||||
|
||||
M6::ReadLine:
|
||||
- Use of $PAGER only if output is a terminal and we are
|
||||
using ReadLine.
|
||||
- Make sure print_output returns sensible values.
|
||||
|
||||
asctl:
|
||||
- Dump status command can now also dump to arbitrary file; the
|
||||
client will take care of parsing and writing.
|
||||
|
||||
- More appropriate exit status (in case of non-interactive run,
|
||||
exits with 0 only if the command was successful).
|
||||
|
||||
- Better error formatting. Moved fmt_text from asctl to
|
||||
M6::ReadLine.
|
||||
|
||||
- Added --quiet option.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Thu, 07 Jul 2011 16:39:31 +0200
|
||||
|
||||
arpsponge (3.10-0.17) unstable; urgency=low
|
||||
|
||||
* 3.10-beta13
|
||||
|
||||
init.d/arpsponge:
|
||||
- Dump status before stopping as well.
|
||||
|
||||
asctl:
|
||||
- Fix reply mapping/splitting in asctl. Fix typo in comments in
|
||||
arpsponge.
|
||||
|
||||
M6::ARP::Queue:
|
||||
- Added level of indirection in Queue data. Object hash was
|
||||
storing max_depth parameter and ip queues at the same level,
|
||||
causing problems when clear_all was called.
|
||||
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Wed, 06 Jul 2011 17:00:32 +0200
|
||||
|
||||
arpsponge (3.10-0.16) unstable; urgency=low
|
||||
|
||||
* 3.10-beta12
|
||||
|
||||
arpsponge:
|
||||
- Don't clear is_dummy() when running as a daemon.
|
||||
- It's $eth_obj->{dest_mac} instead of "dst_mac"...
|
||||
- The init_state() function is now called with an integer
|
||||
argument (i.e. already translated state), but was still trying
|
||||
to look up the state in a hash, resulting in state "undef" for
|
||||
all IPs (i.e. equivalent to state NONE).
|
||||
- Added note about status loading in POD.
|
||||
|
||||
asctl:
|
||||
- Added "load status" and "dump status" to asctl.
|
||||
|
||||
lib/M6/ReadLine.pm:
|
||||
- Add argument type "filename" and filename completion.
|
||||
- Added a "yesno" prompting interface:
|
||||
if (yesno("question", "yN")) { ... }
|
||||
|
||||
init.d/arpsponge:
|
||||
- (Force-)reload now causes the state to be re-read.
|
||||
- Fixed use of "ls" to find files.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Wed, 6 Jul 2011 11:31:39 +0200
|
||||
|
||||
arpsponge (3.10-0.15) unstable; urgency=low
|
||||
|
||||
* 3.10-beta11
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Thu, 23 Jun 2011 12:28:15 +0200
|
||||
|
||||
arpsponge (3.10-0.14) unstable; urgency=low
|
||||
|
||||
* Minor fix for dummy mode.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Thu, 23 Jun 2011 12:18:56 +0200
|
||||
|
||||
arpsponge (3.10-0.13) unstable; urgency=low
|
||||
|
||||
* 3.10-beta10
|
||||
|
||||
lib/M6/ARP/Const.pm:
|
||||
- Added is_valid_state to the exportable functions list.
|
||||
|
||||
debian/control:
|
||||
- Added extra dependencies.
|
||||
|
||||
arpsponge:
|
||||
- Added extra info for arp spoofing log messages (dst mac).
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Thu, 23 Jun 2011 11:23:49 +0200
|
||||
|
||||
arpsponge (3.10-0.12) unstable; urgency=low
|
||||
|
||||
* 3.10-beta9
|
||||
|
||||
asctl:
|
||||
- Fixed POD and help.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Wed, 22 Jun 2011 10:50:14 +0200
|
||||
|
||||
arpsponge (3.10-0.11) unstable; urgency=low
|
||||
|
||||
* 3.10-beta8 (see entry below)
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Tue, 14 Jun 2011 15:49:27 +0200
|
||||
|
||||
arpsponge (3.10-0.10) unstable; urgency=low
|
||||
|
||||
* 3.10-beta7/beta8
|
||||
|
||||
arpsponge, asctl:
|
||||
- Added arp_update_flags to specify how to force neighbor
|
||||
cache updates.
|
||||
- Added log_level to specify the minimum log level.
|
||||
- Split off some of the output from "show status" to new
|
||||
"show parameters".
|
||||
- Added "set log_level".
|
||||
|
||||
asctl:
|
||||
- Parameter names for "set" now use underscores
|
||||
instead of hyphens.
|
||||
|
||||
general:
|
||||
- Logging split off into separate module (M6::ARP::Log).
|
||||
- Rename verbose/sverbose to log_verbose, log_sverbose.
|
||||
- State and update flag definitions defined in separate module
|
||||
(M6::ARP::Const), making it easier for server and client
|
||||
to share these values.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Tue, 14 Jun 2011 12:10:10 +0200
|
||||
|
||||
arpsponge (3.10-0.9) unstable; urgency=low
|
||||
|
||||
* 3.10-beta6
|
||||
|
||||
arpsponge:
|
||||
* The actual select/dispatch bit has been split off
|
||||
from packet_capture_loop() into handle_input().
|
||||
* Instead of calling sleep() between sending packets,
|
||||
the probe/sweep loops use handle_input() so they can
|
||||
still process packets/commands during their idle moments.
|
||||
This hopefully reduces the chances of missing ARP replies
|
||||
and keeps the sponge responsive during probe/sweep runs,
|
||||
even if the proberate is set low.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Thu, 09 Jun 2011 16:50:15 +0200
|
||||
|
||||
arpsponge (3.10-0.8) unstable; urgency=low
|
||||
|
||||
* 3.10-beta5
|
||||
|
||||
asctl:
|
||||
* Small fix in asctl for "ping" command arguments.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Wed, 8 Jun 2011 16:16:13 +0200
|
||||
|
||||
arpsponge (3.10-0.7) unstable; urgency=low
|
||||
|
||||
* 3.10-beta4
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Fri, 13 May 2011 15:20:37 +0200
|
||||
|
||||
arpsponge (3.10-0.6) unstable; urgency=low
|
||||
|
||||
* 3.10-beta3
|
||||
|
||||
general:
|
||||
* Added dependency on Term::ReadLine::Gnu.
|
||||
|
||||
asctl:
|
||||
* Always use STDIN and STDOUT as in/output in Term::ReadLine.
|
||||
* Fix verbosity in the face of interactiveness.
|
||||
* Non-interactivity implies no ReadLine.
|
||||
* Make sure history is read and written.
|
||||
* Match prefixes for commands and arguments.
|
||||
* Output/Error messages more consistent.
|
||||
|
||||
arpsponge:
|
||||
* Control socket permissions.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Mon, 09 May 2011 15:19:15 +0200
|
||||
|
||||
arpsponge (3.10-0.5) unstable; urgency=high
|
||||
|
||||
* 3.10-beta2
|
||||
|
||||
Code cleanups all around.
|
||||
|
||||
Major changes:
|
||||
|
||||
* AV Feature request implemented.
|
||||
|
||||
Some routers do not update their ARP cache when an
|
||||
IP gets unsponged. There are two cases in which this
|
||||
can happen:
|
||||
|
||||
1. A and B have a direct peering. A goes down, address gets
|
||||
sponged. B ARPs for A, gets the sponge's MAC and starts
|
||||
trying to set up BGP sessions to it (port 179 SYN). When
|
||||
A comes back, B for some reason does not update its ARP
|
||||
cache and continues to think A is behind the sponge's MAC.
|
||||
|
||||
We're not sure why this happens. Normally, A would try to
|
||||
re-establish its peerings as well (often also sending out
|
||||
a gratuitous ARP), and B should quickly find out A's new address,
|
||||
since it's getting BGP SYNs from it. Perhaps A has its peerings
|
||||
configured in passive mode and doesn't send gratuitous ARPs, but
|
||||
then, most routers ARP for their peer before attempting to
|
||||
connect. In this case, B apparently doesn't ARP for A (or it would
|
||||
find out A's real address), but rather it seems to hold on to
|
||||
the cached (sponged) ARP entry until it times out.
|
||||
|
||||
2. There is no direct BGP session between A and B, but they exchange
|
||||
prefixes over a routeserver instead, AND the data flow is only in
|
||||
one direction (i.e. asymmetric routing):
|
||||
|
||||
->-> [C] >->-
|
||||
/ \
|
||||
| |
|
||||
(data) | -<-<-<-<-<-<- |
|
||||
|/ \|
|
||||
[A] [B]
|
||||
\ /
|
||||
(BGP) -<-> [RS] <->
|
||||
|
||||
If A gets sponged, RS loses the peering with A, and
|
||||
will withdraw A's routes, so B will stop sending
|
||||
traffic to A.
|
||||
|
||||
Now, when A gets back, it will re-establish its direct
|
||||
peering sessions, updating its peers' ARP caches appropriately
|
||||
(including that of RS).
|
||||
|
||||
If, however, for some reason, B got hold of the sponged
|
||||
mapping while A was down, it will start sending traffic
|
||||
to the sponge thinking it is using A as next-hop. It will
|
||||
continue doing so until its ARP entry for A times out.
|
||||
|
||||
AFAICS, this can happen only for two reasons:
|
||||
|
||||
* B's ARP entry for A timed out and it was somehow
|
||||
attempting to send traffic to A. This would indicate
|
||||
a (probably very) slow withdrawal of A's prefixes by
|
||||
RS, or (more likely), someone trying to ping A from
|
||||
behind B.
|
||||
|
||||
* B picked up the gratuitous ARP from the sponge. When A
|
||||
came back it (A) did _not_ send a gratuitous ARP, so
|
||||
B still thinks A is at the sponge's HW address.
|
||||
|
||||
Given the usual configuration of a 4 hour ARP timeout,
|
||||
the first scenario is not so likely.
|
||||
|
||||
In any case: in order to fix this, we need to update B's ARP cache.
|
||||
In order to do that, we need to know A's IP address. Unfortunately,
|
||||
in case "2" we cannot know that, since there is no BGP traffic
|
||||
between the two, so the destination IP is that of the final
|
||||
destination.
|
||||
|
||||
In case "1" however, it's easy: the destination IP is that of A.
|
||||
|
||||
Now, how do we update B's ARP cache? One way is by sending a
|
||||
gratuitous arp on behalf of A. However, this is yet another
|
||||
broadcast, which is exactly what we're trying to avoid.
|
||||
|
||||
Therefore, we fake two unicast ARP packets from A. When
|
||||
misdirected IP traffic ends up at the sponge, it will
|
||||
send two ARP packets back to the source: a unicast reply
|
||||
followed by a unicast request in the hopes that one of these
|
||||
will trigger an update of the ARP entry at the other side:
|
||||
|
||||
ARP <IP-A> IS AT <MAC-A>
|
||||
ARP WHO HAS <B> TELL <IP-A>@<MAC-A>
|
||||
|
||||
Testing suggests that Linux's ARP cache responds to the unicast
|
||||
request, but not the reply. Still, the request above would result
|
||||
in a reply from B back to A (who actually didn't initiate the
|
||||
request). We could try:
|
||||
|
||||
ARP WHO HAS <A> TELL <IP-A>@<MAC-A>
|
||||
|
||||
I.e., a unicast proxy gratuitous ARP request :-)
|
||||
|
||||
* UNIX control socket for the daemon.
|
||||
* asctl and aslogtail "clients" for the control socket.
|
||||
|
||||
* Speed improvements:
|
||||
* IP and MAC addresses are kept as hexstrings internally.
|
||||
* Packet decoding now done using self-written code to prevent
|
||||
binary -> dotted-quat -> hex translations.
|
||||
|
||||
arpsponge:
|
||||
|
||||
* Signals are now masked with sigprocmask().
|
||||
* Reworked event loop for more accurate timing.
|
||||
* Fixed set_pending/incr_pending so it will log per
|
||||
pending update.
|
||||
* The "notify" socket has been removed. There is now a UNIX control
|
||||
socket that can be used to send commands and receive log events.
|
||||
* Default "rundir" (--rundir) used to set default values for
|
||||
statusfile, pidfile and control socket.
|
||||
* --daemon=pidfile replaced by --[no]daemon and --pidfile=file
|
||||
* Restored --verbose and --dummy functionality.
|
||||
|
||||
asctl, aslogtail:
|
||||
|
||||
* new
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Tue, 26 Apr 2011 16:52:17 +0200
|
||||
|
||||
arpsponge (3.10-0.4) unstable; urgency=high
|
||||
|
||||
* 3.10-beta
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Fri, 22 Apr 2011 17:43:08 +0200
|
||||
|
||||
arpsponge (3.10-0.3) unstable; urgency=high
|
||||
|
||||
* 3.10-alpha2
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Tue, 10 Aug 2010 17:03:35 +0200
|
||||
|
||||
arpsponge (3.10-0.2) unstable; urgency=high
|
||||
|
||||
* 3.10-alpha
|
||||
|
||||
* 17.nov.2010 - steven
|
||||
|
||||
Backported fixes from mon-eun-014 for the signal handling.
|
||||
|
||||
Notify FIFO no longer default on init startup.
|
||||
|
||||
More robust init script. Don't execute the daemon if
|
||||
SPONGE_DEBUG or SPONGE_DUMMY is set.
|
||||
|
||||
* 07.oct.2010 - steven
|
||||
|
||||
Added flood protection by limiting the significance of
|
||||
ARP queries if they all come from the same source.
|
||||
|
||||
Add src_ip to the queue as well, and when the queue is full, collapse
|
||||
entries of the same source if they are timed too closely together
|
||||
(less than 1/$flood_protection_rate).
|
||||
|
||||
* Take list:
|
||||
[t0, s1], [t1, s2], [t2, s2], [t3, s1], [t4, s2], [t5, s2]
|
||||
|
||||
* Sort by SRC, then TIMESTAMP:
|
||||
[t0, s1], [t3, s1], [t1, s2], [t2, s2], [t4, s2], [t5, s2]
|
||||
|
||||
* Reduce closely spaced entries from the same SRC:
|
||||
[t0, s1], [t3, s1], [t1, s2], [t4, s2]
|
||||
|
||||
* Sort by TIMESTAMP again:
|
||||
[t0, s1], [t1, s2], [t3, s1], [t4, s2]
|
||||
|
||||
Advantage: works even if multiple sources are spamming us with
|
||||
ARP queries. Flood protection overhead only kicks in when queue
|
||||
is full and apparent rate (i.e. pre-reduce) > max-rate.
|
||||
|
||||
Disadvantage: more state to keep, more processing when queue is
|
||||
full.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Tue, 10 Aug 2010 17:03:35 +0200
|
||||
|
||||
arpsponge (3.9.5-3) unstable; urgency=high
|
||||
|
||||
* 10.aug.2010 - steven
|
||||
- Added LSB headers for init script.
|
||||
- Added post/pre scripts to make initscript handling smooth.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Tue, 10 Aug 2010 17:03:35 +0200
|
||||
|
||||
arpsponge (3.9.4-1) unstable; urgency=high
|
||||
|
||||
* 12.apr.2010 - steven
|
||||
Remove useless reference to Net::PcapUtils from Sponge.pm.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Mon, 12 Apr 2010 10:36:21 +0200
|
||||
|
||||
arpsponge (3.9.3-1) unstable; urgency=high
|
||||
|
||||
* Signals set flags. These flags get evaluated before a packet is
|
||||
processed. This might solve the crashes since Debian Etch.
|
||||
This change was made after a hint from dvorak.
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Thu, 8 Apr 2010 19:07:58 +0200
|
||||
|
||||
arpsponge (3.9.2-2) unstable; urgency=high
|
||||
|
||||
* Changed architecture to "all" (instead of "any").
|
||||
|
||||
-- Steven Bakker <steven.bakker@ams-ix.net> Wed, 7 Apr 2010 22:52:35 +0200
|
||||
|
||||
arpsponge (3.9.2) unstable; urgency=high
|
||||
|
||||
* See upstream Changelog.
|
||||
|
||||
-- Arien Vijn <arien.vijn@ams-ix.net> Sat, 26 Jan 2007 22:00:00 +0100
|
||||
|
||||
arpsponge (3.9.1) unstable; urgency=low
|
||||
|
||||
* Pretty stupid bug in init.d script. Called the sponge with:
|
||||
|
||||
--queuedepth=${QUEUE_DEPTH}
|
||||
--queuedepth=${RATE}
|
||||
|
||||
Obviously, the second option should have been "--rate"; this
|
||||
caused the production install to run with a queue depth of 50,
|
||||
which works miraculously well. ;-)
|
||||
|
||||
* Added the PROBERATE variable.
|
||||
|
||||
* Added defaults.sample file.
|
||||
|
||||
* Added some more info in do_status.
|
||||
|
||||
* Fine-tuned logging information. For instance, a log entry is
|
||||
printed when we clear a pending entry.
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Wed, 26 Oct 2005 12:07:00 +0200
|
||||
|
||||
arpsponge (3.9) unstable; urgency=low
|
||||
|
||||
* Something (syslog?) is causing clone() calls, which exit using
|
||||
EXIT{} block which tends to unlink() the PID file :-(
|
||||
Traces seem to indicate that the clone()-d process is connected
|
||||
to syslog, since it opens "/dev/console" which is typically a
|
||||
last resort for failed syslog() connections.
|
||||
|
||||
As a first fix, I modified the EXIT{} block to only unlink()
|
||||
the pid file if the pid of the current process ($$) matches
|
||||
that of the master ($wrote_pid).
|
||||
|
||||
Second, I modified the code a bit to also log when dumping
|
||||
status (if no filename is set, it will use /dev/null), and
|
||||
to log a summary of the status.
|
||||
|
||||
Finally, the "probed 0 IP addresses" messages should have
|
||||
gone from the log now...
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Mon, 24 Oct 2005 15:23:00 +0200
|
||||
|
||||
arpsponge (3.8) unstable; urgency=low
|
||||
|
||||
* Updated init script to move away from $SPONGE_OPTS and have a
|
||||
more flexible set-up using separate variables which can be
|
||||
overridden in the individual interface files.
|
||||
|
||||
This breaks the old syntax! Instead of a single string
|
||||
in /etc/default/arpsponge/ethX (namely the network/prefix),
|
||||
we need to define "NETWORK=network/prefix". It is also possible
|
||||
to override the device "ethX" by setting "DEVICE".
|
||||
|
||||
* Added POD documentation for the new init set-up.
|
||||
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Wed, 19 Oct 2005 23:25:00 +0200
|
||||
|
||||
arpsponge (3.7) unstable; urgency=low
|
||||
|
||||
* Fixed the f*cking call to f*cking Net::ARP::get_mac($dev, $mac).
|
||||
It never wanted a reference as the second parameter, which
|
||||
is bad enough in itself, but newer versions don't like an
|
||||
undef or empty value for $mac either :-(
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Fri, 30 Sep 2005 18:10:00 +0200
|
||||
|
||||
arpsponge (3.6.4-1) unstable; urgency=low
|
||||
|
||||
* Dependency fixes.
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Fri, 30 Sep 2005 17:49:00 +0200
|
||||
|
||||
arpsponge (3.6.4) unstable; urgency=low
|
||||
|
||||
* Fixed POD section for --init. In the OPTIONS section, it was
|
||||
missing the "NONE".
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Thu, 28 Jul 2005 12:41:00 +0200
|
||||
|
||||
arpsponge (3.6.3) unstable; urgency=low
|
||||
|
||||
* See upstream Changelog.
|
||||
* Fixed POD comments regarding LEARN state. Added check for
|
||||
--dummy and --daemon (mutually exclusive). Added comment
|
||||
about this in POD.
|
||||
* Added some verbosity in M6::ARP::Sponge::set_alive().
|
||||
|
||||
* Fixed verbosity in do_learn.
|
||||
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Wed, 20 Jul 2005 13:11:00 +0200
|
||||
|
||||
arpsponge (3.6.2) unstable; urgency=low
|
||||
|
||||
* Fixed "rate" calculation. Off-by-one error spoiled the calculation :-(
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Mon, 11 Jul 2005 13:11:00 +0200
|
||||
|
||||
arpsponge (3.6.1) unstable; urgency=low
|
||||
|
||||
* Four ways to initialise the program:
|
||||
* --init=DEAD
|
||||
* --init=ALIVE
|
||||
* --init=PENDING
|
||||
* --init=NONE
|
||||
|
||||
* LEARN state does not probe, only listen.
|
||||
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Mon, 27 Jun 2005 14:01:34 +0200
|
||||
|
||||
arpsponge (3.5) unstable; urgency=low
|
||||
|
||||
* Incorporated Arien's ideas:
|
||||
|
||||
* Start in LEARN state, where we probe every second or so, for
|
||||
"--learn" times. During this period, we do not sponge addresses,
|
||||
we only probe and learn.
|
||||
* Rewrote the handling of pending addresses. Pending addresses are
|
||||
now probed once per second for max_pending times. The previous
|
||||
behaviour was to probe a pending IP whenever an ARP query for it
|
||||
came in. If the incoming rate is high enough, we exhaust our pending
|
||||
probes before the target IP has a chance to answer.
|
||||
|
||||
* Added ARP rating through the "--proberate" option. Throwing ARP
|
||||
queries at the interface at full CPU speed causes many packets to
|
||||
be dropped, whether it's at the interface, the LAN (switch), or
|
||||
the receiving end. Besides, broadcast storms are the very thing
|
||||
we are trying to avoid here.
|
||||
|
||||
* --dummy now sends probes, but never sponged answers. Previously
|
||||
it was not sending probes either, making it difficult to test the
|
||||
sweeping/probing code.
|
||||
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Thu, 12 May 2005 16:35:00 +0200
|
||||
|
||||
arpsponge (3.4.1-1) unstable; urgency=low
|
||||
|
||||
* Logging fixes. One log line for a sponge event.
|
||||
* Also log/notify for "pending" states.
|
||||
* Various POD fixes.
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Tue, 10 May 2005 14:25:00 +0200
|
||||
|
||||
arpsponge (3.4-2) unstable; urgency=low
|
||||
|
||||
* Renamed to "arpsponge" to prevent lawsuits :-)
|
||||
* Cleaned up a bunch of stub files in the debian directory.
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Mon, 09 May 2005 18:03:00 +0200
|
||||
|
||||
arpsponge (3.3.2-1) unstable; urgency=low
|
||||
|
||||
* "misfit" ARPs now get their src MAC logged as well.
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Tue, 03 May 2005 13:15:00 +0200
|
||||
|
||||
arpsponge (3.3.1-1) unstable; urgency=low
|
||||
|
||||
* Added check for "misfit" ARPs and logging of those.
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Tue, 03 May 2005 13:15:00 +0200
|
||||
|
||||
arpsponge (3.3-1) unstable; urgency=low
|
||||
|
||||
* Added "HUP" signal to arpswiffer. Added README file.
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Tue, 03 May 2005 11:48:00 +0200
|
||||
|
||||
arpsponge (3.2-1) unstable; urgency=low
|
||||
|
||||
* Sponge.pm "set_alive" needs to check for local IP, otherwise the
|
||||
state table gets contaminated.
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Sun, 01 May 2005 11:48:00 +0200
|
||||
|
||||
arpsponge (3.1-1) unstable; urgency=low
|
||||
|
||||
* Properly Debianized.
|
||||
* Added code to recognize the duplicate detection packets from
|
||||
DHCP clients.
|
||||
|
||||
-- Steven Bakker <sb@ams-ix.net> Sat, 30 Apr 2005 22:43:05 +0200
|
Loading…
Reference in New Issue
Block a user