Differences

This shows you the differences between two versions of the page.

--- arpwatch [2014/06/24 19:49] – [ARP monitoring with arpwatch] admin
+++ arpwatch [2021/10/30 13:20] (current) – [ARP monitoring with arpwatch and msmtp] admin
@@ Line 1: / Line 1: @@
 {{tag>[network security arp linux]}}
-~~TOC~~
-=====ARP monitoring with arpwatch=====
+=====ARP monitoring with arpwatch and msmtp=====
-===Prerequisites:===
-  * Make sure e-mail works
-===Install and configure arpwatch===
+  * Install packages. <code>apt install arpwatch msmtp</code>
-  * Install aprwatch. <code>yum install arpwatch</code>
+  * Configure arpwatch interface. <code>cat > /etc/arpwatch/eth0.iface <<'EOF'
-  * Start arpwatch at boot. <code>chkconfig arpwatch on</code>
+IFACE_ARGS="-s /usr/bin/msmtp -m monitor@1k2.nl"
-  * Change config if needed, edit **/etc/sysconfig/arpwatch**.
+EOF</code>
-  * Start arpwatch. <code>service arpwatch start</code>
+  * Configure msmtp (Fastmail example).<code>cat > /var/lib/arpwatch/.msmtprc <<'EOF'
+defaults
+auth           on
+tls            on
+tls_trust_file /etc/ssl/certs/ca-certificates.crt
+logfile        ~/.msmtp.log
+account         fastmail
+host            smtp.fastmail.com
+port            465
+from            <FROM ADDRESS>
+user            <YOUR USERNAME>
+password        <YOUR APP PASSWORD>
+tls_starttls    off
+set_from_header on
+account default : fastmail
+EOF</code>
+  * Set owner and mode:<code>chown arpwatch. /var/lib/arpwatch/.msmtprc
+chmod 600 /var/lib/arpwatch/.msmtprc</code>
+  * Start arpwatch at boot. <code>systemctl enable --now arpwatch@eth0</code>
-===Example mail===
-<code>subject: new station (apc.mgmt.polaire.nl)
-           hostname: apc.mgmt.polaire.nl
-         ip address: 1.2.3.4
-   ethernet address: 0:c0:b7:95:ca:fe
-    ethernet vendor: AMERICAN POWER CONVERSION CORP
-          timestamp: Tuesday, June 24, 2014 21:48:39 +0200</code>