clones/arpsponge
1
0
Fork 0
mirror of https://github.com/AMS-IX/arpsponge.git synced 2024-09-21 07:47:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
Page: Home
Pages
Home
2 Home
Steven Bakker edited this page 2021-05-20 14:24:53 +02:00
Table of Contents

Welcome to the arpsponge wiki!

Not much here yet, just a rough TODO / road-map

Feature: switch to disable sweeping of unknown addresses

Right now, we sweep for all addresses that we haven't heard from in a while. For some subnets (e.g. /21 with only active hosts), this will add a boat-load of unnecessary ARP queries. By distinguishing known and unknown ALIVE entries (i.e. those that have a MAC address in the table and those that don't) we can skip probing the unknown ones.

Feature: add possibility to mark IP addresses as "static ALIVE", "static DEAD", or "IGNORE"

  • static ALIVE: don't ever sponge this, do update MAC address if packets come in with that source IP. Do query in sweeps, if alive sweeping is enabled.
  • static DEAD: don't ever release this address, even if another device starts using this IP.
  • IGNORE: don't sponge, query, or answer for this address; pretend it doesn't exist.

Feature: use configuration (YAML) files, instead of shell files & complicated init scripts.

  • Put config files in /etc/arpsponge instead of /etc/default.
  • Have the multiple instances started by either the init script, or the arpsponge itself.

For backwards compatibility: if /etc/arpsponge/arpsponge.yml does not exist, then use the legacy shell-script route. Otherwise, call arpsponge with the global config file. The arpsponge process will read the global config, which may contain a list of interface configurations. Additionally, it will get interface definitions from /etc/arpsponge/arpsponge/interfaces.d/.

---
dummy_mode:        false
init_mode:         alive
sponge_network:    true
gratuitous:        true
passive:           false
learning:          60
arp_max_age:       600
logmask:           "!alien"
arp_update_method: all
query_rate:        100
rundir:            /var/run/arpsponge

sponge_threshold:
    queue_depth: 500
    rate:        50
    pending:     10

sweep:
    enabled:       true
    at_start:      true
    interval:      900
    sweep_dead:    true
    sweep_alive:   false
    sweep_unknown: true
    age_threshold: 3600

flood_protection:
    enabled:       enabled
    rate:          3.0

For interfaces, there can either be an interfaces array, or a separate file per interface in the interfaces.d directory.

---

[...]

interfaces:
    - name: eth1.501
      interface: eth1.501
      network: 80.249.208.0/21
      enabled: true
      init_mode: alive
      learning: 120
    - name: eth1.502
      network: 193.105.101.0/25
      dummy_mode: true
      init_mode: alive
      sponge_network: false
      gratuitous: false
      learning: 120
      arp_update_method: none
      sponge_threshold:
        queue_depth: 100
        rate:        500
        pending:     3

Or (/etc/arpsponge/interfaces.d/eth1.501):

---
name: eth1.502
network: 193.105.101.0/25
dummy_mode: true
init_mode: alive
sponge_network: false
gratuitous: false
learning: 120
arp_update_method: none
sponge_threshold:
  queue_depth: 100
  rate:        500
  pending:     3