I would like to keep tabs on the MAC/IP addresses in my secure net.
I do know how to do this, but keeping track of ethernet MAC addresses seems quite cumbersome in OpenBSD, not that it is more convenient in any other general purpose operating system, but many interfaces, for ex. routers, make it easy to manage, especially MAC filtering.

At the moment we have:

/etc/ethers file #not the same as arp -s and arp -f !!
arp -a output
arp -s and arp -f input # not the same as /etc/ethers!!

The apps in ports don't seem to do what you (or I) want. After looking them over, in the end I wrote a sh script to compare `arp -an` output with a list of "known" MACs, and it would notice when a new MAC appeared or an existing MAC disappeared (most everything is on a wireless DHCP so lots of transient behaviour).

When a new one appears, or an existing one disappears, it logs to syslog.

Previously unseen MACs are logged slightly differently, so the network management app can issue an alert.

In general I think the average home network is approximately similar to, or even more complex than, a simple small business network. So lots of management features are worthwhile: segmentation, MAC and IP surveillance, and a network management app.


--J
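
Added example, not the poster's script (which is not shown in the message): one way to build the check described above in sh, comparing parsed `arp -an` output against a list of MACs seen so far and against the previous run. The function names, event keywords and state file layout are assumptions, and the sample ARP table is constructed.

```shell
#!/bin/sh
# Added example, not the poster's script. Names and paths are hypothetical.

# Read `arp -an` output on stdin; print sorted unique "mac ip" pairs.
# Fields are matched by shape, so columnar and "? (ip) at mac" layouts both work.
parse_arp() {
    awk '{
        mac = ""; ip = ""
        for (i = 1; i <= NF; i++) {
            f = $i; gsub(/[()]/, "", f)
            if (f ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) ip = f
            if (f ~ /^[0-9A-Fa-f][0-9A-Fa-f](:[0-9A-Fa-f][0-9A-Fa-f])+$/ &&
                split(f, part, ":") == 6) mac = tolower(f)
        }
        # skip incomplete entries and the broadcast address
        if (mac != "" && ip != "" && mac != "ff:ff:ff:ff:ff:ff") print mac, ip
    }' | sort -u
}

# macwatch KNOWN PREV: read current "mac ip" pairs on stdin and print one event
# per change. KNOWN holds every MAC ever seen, PREV the pairs from the last run.
macwatch() {
    known=$1; prev=$2
    cur=$(mktemp) || return 1
    cat > "$cur"; touch "$known" "$prev"
    awk -v K="$known" -v P="$prev" '
        FILENAME == K  { known[$1] = 1; next }
        FILENAME == P  { prev[$1] = $2; next }
        $1 in cur      { next }                      # same MAC, second IP
        { cur[$1] = $2 }
        !($1 in known) { print "NEW-MAC", $1, $2; next }   # never seen before
        !($1 in prev)  { print "appeared", $1, $2 }        # known, came back
        END { for (m in prev) if (!(m in cur)) print "disappeared", m, prev[m] }
    ' "$known" "$prev" "$cur" | sort
    awk '{ print $1 }' "$known" "$cur" | sort -u > "$known.new" && mv "$known.new" "$known"
    mv "$cur" "$prev"
}

# Constructed sample in the OpenBSD columnar `arp -an` layout (not real hosts).
sample_arp() {
    cat <<'EOF'
Host                                 Ethernet Address    Netif Expire    Flags
192.0.2.1                            00:00:5e:00:53:01     em0 19m50s
192.0.2.20                           00:00:5e:00:53:14     em0 4m12s
192.0.2.30                           (incomplete)          em0 expired
EOF
}
# Real use: arp -an | parse_arp | macwatch KNOWN PREV | logger -t macwatch -p daemon.notice
state=$(mktemp -d) && sample_arp | parse_arp | macwatch "$state/known" "$state/prev"
```

Run from cron, the distinct `NEW-MAC` keyword gives a log watcher something to alert on, while `appeared` and `disappeared` cover the transient DHCP churn.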
