I get this code from Lindmann, but somehow it doesn't work. Can somebody help me?
fetcharp.sh
#!/bin/bash
################################################## #############
# arpfetch.sh version 0.1
# Author: Peter Lindman
#
# Copyright © 2001 Peter Lindman. All rights reserved.
# Individuals wishing to use the data or methodology reported
# herein should contact Peter Lindman, at peter@blizz.se
# for permission and terms.
#
# This script samples ARP-traffic until enough packets has
# been collected or until a timeout period has expired.
# Used to prevent logs filling up harddrives on busy networks.
# After samping is done, call arpmatch.se to analyse the data.
#
################################################## #############
LOGDIR=/tmp
TIMEOUT=5m
MAXPACKETS=200
##################### END CONFIGURATION #######################
SCRIPTNAME=`basename $0`
IFACE=eth0
LOGFILE=`date +"$LOGDIR/%s.arp"`
# Test number of arguments to script
if [ $# -lt 1 ]
then
echo "Usage: `basename $0` [-i interface] network"
echo "ex. `basename $0` 192.168.1.0/23"
echo "
exit 1
fi
`basename $0` -i eth1 192.168.0.0/20"
# Find optional commandline arguments
# Only one is used [-i interface]
while getopts ":i:" Option
do
case $Option in
i
esac
done
) IFACE=$OPTARG
shift $(($OPTIND - 1))
# Find out the IP-address of the interface used
IPADDRESS=`ifconfig $IFACE | grep "inet addr" | awk '{print $2}' | \
sed 's/addr://g'`
# Start logging the ARP traffic, remember the process id.
- 30 -
tcpdump -i $IFACE -p -w $LOGFILE -c $MAXPACKETS -n arp net $1 >/dev/null 2>&1 &
TCPDUMPPID=$!
# Start the timeout process, remember the process id.
sleep $TIMEOUT &
SLEEPPID=$!
# Check every 10 seconds if any of the processes has stopped execution.
# If so, terminate the loop and call the program to analyse the log.
while [ 1 ]
do
kill -0 $TCPDUMPPID 2> /dev/null
if [ $? != 0 ]
then
break
fi
kill -0 $SLEEPPID 2> /dev/null
if [ $? != 0 ]
then
break
fi
sleep 10s
done
kill $TCPDUMPPID 2> /dev/null
`dirname $0`/arpmatch.sh $LOGFILE $IPADDRESS
rm $LOGFILE
Posting Permissions
Reply With Quote
Bookmarks