ArpON ver. 2.7: the DARPI and -d (--darpi) flag bug.
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| arpon (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned | ||
Bug Description
Hello. Because on Ubuntu 12.04 LTS an ArpON package is pretty outdated (ver. 2.0-2.1) I've decided to use a version from a Vivid release - 2.7.
It seems that ArpON ver. 2.7 has a bug related to a DARPI anti Arp Poisoning techniques. Because I am using a DHCP method to obtain an IP address, I had to use a DARPI method (Dynamin Arp Inspect.) instead of SARPI (Static Arp Inspect). After installation via 'apt-get' utility, configuring "arpon" file from '/etc/default/' directory and uncomment line responsible for a DARPI method, ArpON failed to start with a following error:
$ sudo /etc/init.d/arpon start
* Starting anti ARP poisoning daemon arpon
20:38:55 PID = </var/run/
/usr/bin/arpon: invalid option -- 'd' [fail]
By default a line responsible for a DARPI technique (in the '/etc/default/
DAEMON_OPTS="-q -f /var/log/
According to the Ubuntu manpage[1] '-g' flag stands for "Works in logging mode", since '-d' flag means "Manages Arp Cache dynamically". Everything should work okay, but it does not. I've tried many possibilities, configurations etc., but nothing worked.
And it seems, that a new ArpON 2.7 version requires a '-D' flag instead '-d'. At least in Ubuntu 12.04 LTS and it seems that in others flavors (Xubuntu etc) also. Please see:
DAEMON_OPTS="-q -f /var/log/
After this small change everything started to work okay:
$ sudo /etc/init.d/arpon start
* Starting anti ARP poisoning daemon arpon
20:43:32 PID = </var/run/
One more test, to be one hundred percent sure: status of anti ARP poisoning daemon arpon is [OK] after running 'sudo /etc/init.d/arpon status' command, . Here are some technical details:
* Ubuntu 3.2.0-98.
* lsb_release -rd
Description: Ubuntu 12.04.5 LTS
Release: 12.04
* arpon: 2.7.2-1
By the way: ArpON sometimes crashing with "SIGSEGV in pthread_kill()" (right after user login), but I have to create a new bug report.
Best regards.
_____________
[1] http://
| affects: | linux (Ubuntu) → arpon (Ubuntu) |
| description: | updated |
| description: | updated |
| description: | updated |
| description: | updated |
| description: | updated |
| daniel CURTIS (anoda) wrote | #2 |
| daniel CURTIS (anoda) wrote | #3 |
| Launchpad Janitor (janitor) wrote | #4 |
| Changed in arpon (Ubuntu): | |
| status: | New → Confirmed |
| Mirzet Kadic (caracal-enl) wrote | #5 |
Hello. Bug report is not needed. According to a manpage for an ArpON package ver. 2.7.2-1 included in e.g. Vivid release[1], there is mentioned 'D' flag. I apologize for the confusion. I should check mentioned manpage first (see [1]). Generally look for "DYNAMIC ARP INSPECTION" sub-thread. There is a "-D (--darpi)" flag mentioned.
I created this bug report, because one user tell me that I should do this. I'm sorry once again. So, if it is possible please remove this bug report. It is not needed anymore.
Best regards.
_____________
[1] http://