Diffstat (limited to 'network/arpwatch/patches')
-rw-r--r-- | network/arpwatch/patches/arpwatch-2.1a10-man.patch | 33 | ||||
-rw-r--r-- | network/arpwatch/patches/arpwatch-2.1a15-bogon.patch | 20 | ||||
-rw-r--r-- | network/arpwatch/patches/arpwatch-2.1a15-extraman.patch | 173 | ||||
-rw-r--r-- | network/arpwatch/patches/arpwatch-2.1a15-nolocalpcap.patch | 10 | ||||
-rw-r--r-- | network/arpwatch/patches/arpwatch-2.1a4-fhs.patch | 20 | ||||
-rw-r--r-- | network/arpwatch/patches/arpwatch-addr.patch | 232 | ||||
-rw-r--r-- | network/arpwatch/patches/arpwatch-dir-man.patch | 22 | ||||
-rw-r--r-- | network/arpwatch/patches/arpwatch-drop-man.patch | 48 | ||||
-rw-r--r-- | network/arpwatch/patches/arpwatch-drop.patch | 93 | ||||
-rw-r--r-- | network/arpwatch/patches/arpwatch-scripts.patch | 27 |
10 files changed, 678 insertions, 0 deletions
diff --git a/network/arpwatch/patches/arpwatch-2.1a10-man.patch b/network/arpwatch/patches/arpwatch-2.1a10-man.patch
new file mode 100644
index 0000000000..73b3068a36
--- /dev/null
+++ b/network/arpwatch/patches/arpwatch-2.1a10-man.patch
@@ -0,0 +1,33 @@
+diff -uNr arpwatch-2.1a10/arpsnmp.8 arpwatch-2.1a10.man/arpsnmp.8
+--- arpwatch-2.1a10/arpsnmp.8 Sun Sep 17 23:34:48 2000
++++ arpwatch-2.1a10.man/arpsnmp.8 Sun Dec 31 02:00:54 2000
+@@ -41,7 +41,7 @@
+ and reports certain changes via email.
+ .B Arpsnmp
+ reads information from a file (usually generated by
+-.BR snmpwalk (8)).
++.BR snmpwalk (1)).
+ .LP
+ The
+ .B -d
+@@ -62,9 +62,9 @@
+ .LP
+ .SH "REPORT MESSAGES"
+ (See the
+-.BR arpwatch (1)
++.BR arpwatch (8)
+ man page for details on the report messages generated by
+-.BR arpsnmp (1).)
++.BR arpsnmp (8).)
+ .SH FILES
+ .na
+ .nh
+@@ -79,7 +79,7 @@
+ .na
+ .nh
+ .BR arpwatch (8),
+-.BR snmpwalk (8),
++.BR snmpwalk (1),
+ .BR arp (8)
+ .ad
+ .hy
diff --git a/network/arpwatch/patches/arpwatch-2.1a15-bogon.patch b/network/arpwatch/patches/arpwatch-2.1a15-bogon.patch
new file mode 100644
index 0000000000..784deb015b
--- /dev/null
+++ b/network/arpwatch/patches/arpwatch-2.1a15-bogon.patch
@@ -0,0 +1,20 @@
+--- arpwatch-2.1a15/arpwatch.c.bogon 2007-08-09 13:53:47.000000000 +0200
++++ arpwatch-2.1a15/arpwatch.c 2007-08-09 13:58:17.000000000 +0200
+@@ -730,11 +730,12 @@ addnet(register const char *str)
+
+ /* XXX hack */
+ n = ntohl(inet_addr(tstr));
+- while ((n & 0xff000000) == 0) {
+- n <<= 8;
+- if (n == 0)
+- return (0);
+- }
++ if (n || width != 32)
++ while ((n & 0xff000000) == 0) {
++ n <<= 8;
++ if (n == 0)
++ return (0);
++ }
+ n = htonl(n);
+
+ if (width != 0) {
diff --git a/network/arpwatch/patches/arpwatch-2.1a15-extraman.patch b/network/arpwatch/patches/arpwatch-2.1a15-extraman.patch
new file mode 100644
index 0000000000..502404ec59
--- /dev/null
+++ b/network/arpwatch/patches/arpwatch-2.1a15-extraman.patch
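Review bot: The new guard `if (n || width != 32)` in addnet() wraps the whole `while` loop without braces or a comment, so the reason the byte-shifting is skipped only for an all-zero address with a 32-bit width is left for the reader to work out. I would brace it and state the intent, e.g. `if (n != 0 || width != 32) { /* keep 0.0.0.0/32 as-is; the shift loop would reject it */` with the matching `}` after the loop. The result of `inet_addr(tstr)` on the context line above is still used unchecked, so a string that fails to parse presumably reaches this code as an all-ones address; that predates the patch but is worth confirming while the function is being touched. addnet() starts and ends outside the hunk.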
@@ -0,0 +1,173 @@
+diff -up arpwatch-2.1a15/Makefile.in.extraman arpwatch-2.1a15/Makefile.in
+--- arpwatch-2.1a15/Makefile.in.extraman 2009-12-14 18:01:27.000000000 +0100
++++ arpwatch-2.1a15/Makefile.in 2010-03-30 15:11:30.000000000 +0200
+@@ -118,6 +118,10 @@ install-man: force
+ $(DESTDIR)$(MANDEST)/man8
+ $(INSTALL) -m 644 $(srcdir)/arpsnmp.8 \
+ $(DESTDIR)$(MANDEST)/man8
++ $(INSTALL) -m 644 $(srcdir)/arp2ethers.8 \
++ $(DESTDIR)$(MANDEST)/man8
++ $(INSTALL) -m 644 $(srcdir)/massagevendor.8 \
++ $(DESTDIR)$(MANDEST)/man8
+
+ lint: $(GENSRC) force
+ lint -hbxn $(SRC) | \
+diff -up arpwatch-2.1a15/arp2ethers.8.extraman arpwatch-2.1a15/arp2ethers.8
+--- arpwatch-2.1a15/arp2ethers.8.extraman 2010-03-30 15:12:37.000000000 +0200
++++ arpwatch-2.1a15/arp2ethers.8 2010-03-30 15:53:01.000000000 +0200
+@@ -0,0 +1,60 @@
++.TH ARP2ETHERS 8
++.SH NAME
++arp2ethers \- convert arpwatch address database to ethers file format
++.SH SYNOPSIS
++.na
++.B arp2ethers
++.ad
++.SH "DESCRIPTION"
++.B arp2ethers
++converts file
++.IR arp.dat
++in the current directory into
++.BR ethers(5)
++format on
++.IR stdout .
++Usually
++.IR arp.dat
++is an ethernet/ip database file generated by
++.BR arpwatch(8) .
++The arpwatch daemon in Debian will create different
++.IR arp.dat
++depending on its configuration. All of them will be available at
++.IR /var/lib/arpwatch/ .
++.SH FILES
++.na
++.nh
++.nf
++/var/lib/arpwatch - default directory for arp.dat
++arp.dat - ethernet/ip address database
++.ad
++.hy
++.fi
++.SH "SEE ALSO"
++.na
++.nh
++.BR arpwatch (8),
++.BR ethers (5),
++.BR rarp (8),
++.BR arp (8),
++.ad
++.hy
++.SH BUGS
++Please send bug reports to arpwatch@ee.lbl.gov.
++.SH AUTHORS
++.LP
++Original version by Craig Leres of the Lawrence Berkeley
++National Laboratory Network Research Group, University of
++California, Berkeley, CA.
++.LP
++Modified for the Debian Project by Peter Kelemen, with
++additions from Erik Warmelink.
++.LP
++The current version is available via anonymous ftp:
++.LP
++.RS
++.I ftp://ftp.ee.lbl.gov/arpwatch.tar.gz
++.RE
++.LP
++This manual page was contributed by Hugo Graumann.
++
+diff -up arpwatch-2.1a15/massagevendor.8.extraman arpwatch-2.1a15/massagevendor.8
+--- arpwatch-2.1a15/massagevendor.8.extraman 2010-03-30 15:15:18.000000000 +0200
++++ arpwatch-2.1a15/massagevendor.8 2010-03-30 15:15:18.000000000 +0200
+@@ -0,0 +1,91 @@
++.TH MASSAGEVENDOR 8
++.SH NAME
++massagevendor \- convert the ethernet vendor codes master list to arpwatch format
++.SH SYNOPSIS
++.na
++massagevendor
++.I vendorfile
++.SH "DESCRIPTION"
++.B massagevendor
++is a program that converts a text file containing ethernet vendor codes
++into a format suitable for use by
++.B arpwatch(8)
++and
++.B arpsnmp(8).
++The input
++.I vendorfile
++is a master text file containing vendor codes. The output
++is sent to
++.I stdout.
++Each line of the
++.I vendorfile
++is expected to have a six digit hexadecimal vendor code
++followed by spaces followed by the name of the manufacturer.
++.LP
++All ethernet devices have a unique identifier which
++includes a vendor code specifying the manufacturer of the
++device. In normal operation
++.B arpwatch(8)
++and
++.B arpsnmp(8)
++use the file
++.I ethercodes.dat
++to report this vendor code.
++.B massagevendor
++is used to generate the
++.I ethercodes.dat
++file from text files containing these vendor codes.
++.LP
++Locations where an ethernet vendor codes master text file
++can be obtained are given below.
++.SH FILES
++.na
++.nh
++.nf
++/var/lib/arpwatch - default location of the ethernet vendor list
++ethercodes.dat - file containing the list of ethernet vendor codes
++.ad
++.hy
++.fi
++.SH "SEE ALSO"
++.na
++.nh
++.BR arpwatch(8),
++.BR arpsnmp(8)
++.ad
++.hy
++.SH NOTES
++Sources for ethernet vendor codes seen in the wild are
++.LP
++.na
++.nh
++.nf
++.RS
++.I http://map-ne.com/Ethernet/vendor.html
++.I ftp://ftp.cavebear.com/pub/Ethernet.txt
++.I http://www.cavebear.com/CaveBear/Ethernet/vendor.html
++.RE
++.ad
++.hy
++.LP
++Useful for comparison or completeness are the
++ethernet vendor codes as assigned
++by the IEEE which can be found at
++.LP
++.RS
++.I http://standards.ieee.org/regauth/oui/oui.txt
++.RE
++.SH BUGS
++Please send bug reports to arpwatch@ee.lbl.gov.
++.SH AUTHORS
++Craig Leres of the
++Lawrence Berkeley National Laboratory Network Research Group,
++University of California, Berkeley, CA.
++.LP
++The current version is available via anonymous ftp:
++.LP
++.RS
++.I ftp://ftp.ee.lbl.gov/arpwatch.tar.gz
++.RE
++.LP
++This manual page was contributed by Hugo Graumann.
diff --git a/network/arpwatch/patches/arpwatch-2.1a15-nolocalpcap.patch b/network/arpwatch/patches/arpwatch-2.1a15-nolocalpcap.patch
new file mode 100644
index 0000000000..13382bc79d
--- /dev/null
+++ b/network/arpwatch/patches/arpwatch-2.1a15-nolocalpcap.patch
@@ -0,0 +1,10 @@
+--- arpwatch-2.1a15/configure.nolocalpcap 2006-06-21 22:32:38.000000000 +0200
++++ arpwatch-2.1a15/configure 2006-11-09 15:04:35.000000000 +0100
+@@ -4956,6 +4956,7 @@
+ places=`ls .. | sed -e 's,/$,,' -e 's,^,../,' | \
+ egrep '/libpcap-[0-9]*\.[0-9]*(\.[0-9]*)?([ab][0-9]*)?$'`
+ for dir in $places ../libpcap libpcap ; do
++ break
+ basedir=`echo $dir | sed -e 's/[ab][0-9]*$//'`
+ if test $lastdir = $basedir ; then
+ continue;
diff --git a/network/arpwatch/patches/arpwatch-2.1a4-fhs.patch b/network/arpwatch/patches/arpwatch-2.1a4-fhs.patch
new file mode 100644
index 0000000000..313c794d0c
--- /dev/null
+++ b/network/arpwatch/patches/arpwatch-2.1a4-fhs.patch
@@ -0,0 +1,20 @@
+--- arpwatch-2.1a4/Makefile.in.fhs Sun Jun 18 08:26:28 2000
++++ arpwatch-2.1a4/Makefile.in Sun Jun 18 08:27:21 2000
+@@ -109,13 +109,13 @@
+ $(CC) $(CFLAGS) -o $@ zap.o intoa.o -lutil
+
+ install: force
+- $(INSTALL) -m 555 -o bin -g bin arpwatch $(DESTDIR)$(BINDEST)
+- $(INSTALL) -m 555 -o bin -g bin arpsnmp $(DESTDIR)$(BINDEST)
++ $(INSTALL) -m 755 arpwatch $(DESTDIR)$(BINDEST)
++ $(INSTALL) -m 755 arpsnmp $(DESTDIR)$(BINDEST)
+
+ install-man: force
+- $(INSTALL) -m 444 -o bin -g bin $(srcdir)/arpwatch.8 \
++ $(INSTALL) -m 644 $(srcdir)/arpwatch.8 \
+ $(DESTDIR)$(MANDEST)/man8
+- $(INSTALL) -m 444 -o bin -g bin $(srcdir)/arpsnmp.8 \
++ $(INSTALL) -m 644 $(srcdir)/arpsnmp.8 \
+ $(DESTDIR)$(MANDEST)/man8
+
+ lint: $(GENSRC) force
diff --git a/network/arpwatch/patches/arpwatch-addr.patch b/network/arpwatch/patches/arpwatch-addr.patch
new file mode 100644
index 0000000000..5647ff811f
--- /dev/null
+++ b/network/arpwatch/patches/arpwatch-addr.patch
@@ -0,0 +1,232 @@
+--- arpwatch-2.1a11/addresses.h.in.addr Wed Jun 5 00:40:29 1996
++++ arpwatch-2.1a11/addresses.h.in Wed Jul 31 17:39:38 2002
+@@ -1,2 +1,4 @@
+ #define WATCHER "root"
+-#define WATCHEE "arpwatch (Arpwatch)"
++#define WATCHEE "root (Arpwatch)"
++extern char *watcher;
++extern char *watchee;
+--- arpwatch-2.1a11/arpsnmp.8.addr Sun Sep 17 15:34:48 2000
++++ arpwatch-2.1a11/arpsnmp.8 Fri Aug 2 15:15:31 2002
+@@ -30,6 +30,12 @@
+ ] [
+ .B -f
+ .I datafile
++] [
++.B -e
++.I username
++] [
++.B -s
++.I username
+ ]
+ .I file
+ [
+@@ -59,6 +65,27 @@
+ .I arp.dat
+ file must be created before the first time you run
+ .BR arpsnmp .
++.LP
++If the
++.B -e
++flag is used,
++.B arpsnmp
++sends e-mail messages to
++.I username
++rather than the default (root).
++If a single `-' character is given for the username,
++sending of e-mail is suppressed,
++but logging via syslog is still done as usual.
++(This can be useful during initial runs, to collect data
++without being flooded with messages about new stations.)
++.LP
++If the
++.B -s
++flag is used,
++.B arpsnmp
++sends e-mail messages with
++.I username
++as the return address, rather than the default (root).
+ .LP
+ .SH "REPORT MESSAGES"
+ (See the
+--- arpwatch-2.1a11/arpsnmp.c.addr Sun Jan 17 19:47:40 1999
++++ arpwatch-2.1a11/arpsnmp.c Fri Aug 2 15:17:16 2002
+@@ -59,6 +59,7 @@
+ #include "file.h"
+ #include "machdep.h"
+ #include "util.h"
++#include "addresses.h"
+
+ /* Forwards */
+ int main(int, char **);
+@@ -90,7 +91,7 @@
+ }
+
+ opterr = 0;
+- while ((op = getopt(argc, argv, "df:")) != EOF)
++ while ((op = getopt(argc, argv, "df:e:s:")) != EOF)
+ switch (op) {
+
+ case 'd':
+@@ -105,6 +106,24 @@
+ arpfile = optarg;
+ break;
+
++ case 'e':
++ if ( optarg ) {
++ watcher = strdup(optarg);
++ } else {
++ (void)fprintf(stderr, "%s: Need recipient username/e-mail address after -e\n", prog);
++ usage();
++ }
++ break;
++
++ case 's':
++ if ( optarg ) {
++ watchee = strdup(optarg);
++ } else {
++ (void)fprintf(stderr, "%s: Need sender username/e-mail address after -s\n", prog);
++ usage();
++ }
++ break;
++
+ default:
+ usage();
+ }
+@@ -184,6 +203,6 @@
+
+ (void)fprintf(stderr, "Version %s\n", version);
+ (void)fprintf(stderr,
+- "usage: %s [-d] [-f datafile] file [...]\n", prog);
++ "usage: %s [-d] [-f datafile] [-e username] [-s username] file [...]\n", prog);
+ exit(1);
+ }
+--- arpwatch-2.1a11/arpwatch.8.addr Thu Aug 1 13:45:36 2002
++++ arpwatch-2.1a11/arpwatch.8 Thu Aug 1 14:08:05 2002
+@@ -46,6 +46,12 @@
+ ] [
+ .B -u
+ .I username
++] [
++.B -e
++.I username
++] [
++.B -s
++.I username
+ ]
+ .ad
+ .SH DESCRIPTION
+@@ -106,6 +112,27 @@
+ and group ID to that of the primary group of
+ .IR username .
+ This is recommended for security reasons.
++.LP
++If the
++.B -e
++flag is used,
++.B arpwatch
++sends e-mail messages to
++.I username
++rather than the default (root).
++If a single `-' character is given for the username,
++sending of e-mail is suppressed,
++but logging via syslog is still done as usual.
++(This can be useful during initial runs, to collect data
++without being flooded with messages about new stations.)
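Review bot: In the new `case 'e'` and `case 's'` branches of arpsnmp.c the result of `strdup(optarg)` is stored in `watcher`/`watchee` without a NULL check, and the string itself is accepted with no validation. According to the man-page text added in this same patch these values become the mail recipient and return address, so an empty or malformed value should be rejected here, before report.c uses it (how it reaches the mailer is not visible on this page and needs confirming). The `else` branch looks unreachable: with `e:`/`s:` in the optstring getopt() reports a missing argument itself, as `?`, rather than returning the option with a NULL `optarg`. Suggested for the allocation: `if ((watcher = strdup(optarg)) == NULL) { (void)fprintf(stderr, "%s: out of memory\n", prog); exit(1); }`. The same pattern is added to arpwatch.c in the `@@ -232,6 +233,26 @@` hunk and for `case 'u'` in arpwatch-drop.patch; main() continues outside all of these hunks.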
++.LP
++If the
++.B -s
++flag is used,
++.B arpwatch
++sends e-mail messages with
++.I username
++as the return address, rather than the default (root).
+ .LP
+ Note that an empty
+ .I arp.dat
+--- arpwatch-2.1a11/arpwatch.c.addr Thu Aug 1 13:45:36 2002
++++ arpwatch-2.1a11/arpwatch.c Thu Aug 1 13:47:35 2002
+@@ -78,6 +78,7 @@
+ #include "machdep.h"
+ #include "setsignal.h"
+ #include "util.h"
++#include "addresses.h"
+
+ /* Some systems don't define these */
+ #ifndef ETHERTYPE_REVARP
+@@ -190,7 +191,7 @@
+ interface = NULL;
+ rfilename = NULL;
+ pd = NULL;
+- while ((op = getopt(argc, argv, "df:i:n:Nr:u:")) != EOF)
++ while ((op = getopt(argc, argv, "df:i:n:Nr:u:e:s:")) != EOF)
+ switch (op) {
+
+ case 'd':
+@@ -232,6 +233,26 @@
+ }
+ break;
+
++ case 'e':
++ if ( optarg ) {
++ watcher = strdup(optarg);
++ }
++ else {
++ fprintf(stderr, "%s: Need recipient username/e-mail address after -e\n", prog);
++ usage();
++ }
++ break;
++
++ case 's':
++ if ( optarg ) {
++ watchee = strdup(optarg);
++ }
++ else {
++ fprintf(stderr, "%s: Need sender username/e-mail address after -s\n", prog);
++ usage();
++ }
++ break;
++
+ default:
+ usage();
+ }
+@@ -784,6 +805,7 @@
+
+ (void)fprintf(stderr, "Version %s\n", version);
+ (void)fprintf(stderr, "usage: %s [-dN] [-f datafile] [-i interface]"
+- " [-n net[/width]] [-r file] [-u username]\n", prog);
++ " [-n net[/width]] [-r file] [-u username]"
++ " [-e username] [-s username]\n", prog);
+ exit(1);
+ }
+--- arpwatch-2.1a11/report.c.addr Sat Sep 30 18:41:10 2000
++++ arpwatch-2.1a11/report.c Thu Aug 1 14:16:43 2002
+@@ -70,6 +70,9 @@
+
+ #define PLURAL(n) ((n) == 1 || (n) == -1 ?
"" : "s")
+
++char *watcher = WATCHER;
++char *watchee = WATCHEE;
++
+ static int cdepth; /* number of outstanding children */
+
+ static char *fmtdate(time_t);
+@@ -240,8 +243,6 @@
+ register FILE *f;
+ char tempfile[64], cpu[64], os[64];
+ char *fmt = "%20s: %s\n";
+- char *watcher = WATCHER;
+- char *watchee = WATCHEE;
+ char *sendmail = PATH_SENDMAIL;
+ char *unknown = "<unknown>";
+ char buf[132];
+@@ -258,6 +259,9 @@
+ }
+ f = stdout;
+ (void)putc('\n', f);
++ } else if (watcher == NULL || *watcher == NULL || *watcher == '-') {
++ dosyslog(LOG_NOTICE, title, a, e1, e2);
++ return;
+ } else {
+ /* Setup child reaper if we haven't already */
+ if (!init) {
diff --git a/network/arpwatch/patches/arpwatch-dir-man.patch b/network/arpwatch/patches/arpwatch-dir-man.patch
new file mode 100644
index 0000000000..673a600df7
--- /dev/null
+++ b/network/arpwatch/patches/arpwatch-dir-man.patch
@@ -0,0 +1,22 @@
+--- arpwatch-2.1a15/arpsnmp.8.dirman 2006-11-02 17:00:58.000000000 +0100
++++ arpwatch-2.1a15/arpsnmp.8 2006-11-02 17:23:58.000000000 +0100
+@@ -96,7 +96,7 @@
+ .na
+ .nh
+ .nf
+-/usr/operator/arpwatch - default directory
++/var/lib/arpwatch - default directory
+ arp.dat - ethernet/ip address database
+ ethercodes.dat - vendor ethernet block list
+ .ad
+--- arpwatch-2.1a15/arpwatch.8.dirman 2006-11-02 17:00:58.000000000 +0100
++++ arpwatch-2.1a15/arpwatch.8 2006-11-02 17:24:07.000000000 +0100
+@@ -198,7 +198,7 @@
+ .na
+ .nh
+ .nf
+-/usr/operator/arpwatch - default directory
++/var/lib/arpwatch - default directory
+ arp.dat - ethernet/ip address database
+ ethercodes.dat - vendor ethernet block list
+ .ad
diff --git a/network/arpwatch/patches/arpwatch-drop-man.patch b/network/arpwatch/patches/arpwatch-drop-man.patch
new file mode 100644
index 0000000000..f183b2164e
--- /dev/null
+++ b/network/arpwatch/patches/arpwatch-drop-man.patch
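Review bot: `*watcher == NULL` in the new `else if` of report.c compares a `char` with the null pointer constant; it only compiles cleanly where NULL expands to a plain 0 and draws a pointer/integer comparison diagnostic elsewhere, so it should read `*watcher == '\0'`. The third test, `*watcher == '-'`, suppresses mail for every recipient that merely starts with a dash, while the man-page text added in this patch promises that only a single `-` does. Refusing dash-led values is the safer behaviour for a string that is handed to a mailer, but then the documentation should say so, or the test should be `strcmp(watcher, "-") == 0` with dash-led values rejected when the option is parsed. `watchee` gets no comparable check in this hunk, and the enclosing function starts and ends outside it.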
@@ -0,0 +1,48 @@
+--- arpwatch.8.orig Sun Oct 8 23:31:28 2000
++++ arpwatch.8 Mon Oct 16 16:46:19 2000
+@@ -36,13 +36,16 @@
+ .I interface
+ ]
+ .br
+-.ti +8
++.ti +9
+ [
+ .B -n
+ .IR net [/ width
+ ]] [
+ .B -r
+ .I file
++] [
++.B -u
++.I username
+ ]
+ .ad
+ .SH DESCRIPTION
+@@ -94,10 +97,26 @@
+ .B arpwatch
+ does not fork.
+ .LP
++If
++.B -u
++flag is used,
++.B arpwatch
++drops root privileges and changes user ID to
++.I username
++and group ID to that of the primary group of
++.IR username .
++This is recommended for security reasons.
++.LP
+ Note that an empty
+ .I arp.dat
+ file must be created before the first time you run
+-.BR arpwatch .
++.BR arpwatch .
++Also, the default directory (where arp.dat is stored) must be owned
++by
++.I username
++if
++.BR -u
++flag is used.
+ .LP
+ .SH "REPORT MESSAGES"
+ Here's a quick list of the report messages generated by
diff --git a/network/arpwatch/patches/arpwatch-drop.patch b/network/arpwatch/patches/arpwatch-drop.patch
new file mode 100644
index 0000000000..916a4b1142
--- /dev/null
+++ b/network/arpwatch/patches/arpwatch-drop.patch
@@ -0,0 +1,93 @@
+--- arpwatch-2.1a10/arpwatch.c Sat Oct 14 05:07:35 2000
++++ arpwatch-2.1a10/arpwatch.c Sun Jun 10 16:22:57 2001
+@@ -62,7 +62,7 @@
+ #include <string.h>
+ #include <syslog.h>
+ #include <unistd.h>
+-
++#include <pwd.h>
+ #include <pcap.h>
+
+ #include "gnuc.h"
+@@ -141,6 +141,25 @@
+ int sanity_fddi(struct fddi_header *, struct ether_arp *, int);
+ __dead void usage(void) __attribute__((volatile));
+
++void dropprivileges(const char* user)
++{
++ struct passwd* pw;
++ pw = getpwnam( user );
++ if ( pw ) {
++ if ( initgroups(pw->pw_name, NULL) != 0 || setgid(pw->pw_gid) != 0 ||
++ setuid(pw->pw_uid) != 0 ) {
++ syslog(LOG_ERR, "Couldn't change to '%.32s' uid=%d gid=%d", user,
++ pw->pw_uid, pw->pw_gid);
++ exit(1);
++ }
++ }
++ else {
++ syslog(LOG_ERR, "Couldn't find user '%.32s' in /etc/passwd", user);
++ exit(1);
++ }
++ syslog(LOG_DEBUG, "Running as uid=%d gid=%d", getuid(), getgid());
++}
++
+ int
+ main(int argc, char **argv)
+ {
+@@ -153,6 +172,7 @@
+ register char *interface, *rfilename;
+ struct bpf_program code;
+ char errbuf[PCAP_ERRBUF_SIZE];
++ char* serveruser = NULL;
+
+ if (argv[0] == NULL)
+ prog = "arpwatch";
+@@ -170,7 +190,7 @@
+ interface = NULL;
+ rfilename = NULL;
+ pd = NULL;
+- while ((op = getopt(argc, argv, "df:i:n:Nr:")) != EOF)
++ while ((op = getopt(argc, argv, "df:i:n:Nr:u:")) != EOF)
+ switch (op) {
+
+ case 'd':
+@@ -202,6 +222,16 @@
+ rfilename = optarg;
+ break;
+
++ case 'u':
++ if ( optarg ) {
++ serveruser = strdup(optarg);
++ }
++ else {
++ fprintf(stderr, "%s: Need username after -u\n", prog);
++ usage();
++ }
++ break;
++
+ default:
+ usage();
+ }
+@@ -283,8 +313,11 @@
+ * Revert to non-privileged user after opening sockets
+ * (not needed on most systems).
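Review bot: `initgroups(pw->pw_name, NULL)` in the new dropprivileges() passes a pointer constant where the second parameter is a `gid_t`; it is presumably converted to 0, which would leave group 0 in the supplementary group list of the process that is meant to be unprivileged. It should be `initgroups(pw->pw_name, pw->pw_gid)`. The first hunk of this patch adds only `<pwd.h>`, while initgroups() is declared in `<grp.h>`, so confirm that header is included somewhere outside the hunk, otherwise the compiler cannot flag the bad argument. The function also logs the IDs with `%d` without casting `uid_t`/`gid_t`, and never verifies after the three calls that `getuid()`, `geteuid()` and `getgid()` match the values from `pw` before it continues.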
+ */
+- setgid(getgid());
+- setuid(getuid());
++ /*setgid(getgid());*/
++ /*setuid(getuid());*/
++ if ( serveruser ) {
++ dropprivileges( serveruser );
++ }
+
+ /* Must be ethernet or fddi */
+ linktype = pcap_datalink(pd);
+@@ -751,6 +784,6 @@
+
+ (void)fprintf(stderr, "Version %s\n", version);
+ (void)fprintf(stderr, "usage: %s [-dN] [-f datafile] [-i interface]"
+- " [-n net[/width]] [-r file]\n", prog);
++ " [-n net[/width]] [-r file] [-u username]\n", prog);
+ exit(1);
+ }
diff --git a/network/arpwatch/patches/arpwatch-scripts.patch b/network/arpwatch/patches/arpwatch-scripts.patch
new file mode 100644
index 0000000000..994dd1bd27
--- /dev/null
+++ b/network/arpwatch/patches/arpwatch-scripts.patch
@@ -0,0 +1,27 @@
+--- arpwatch-2.1a15/arp2ethers.scripts 2002-01-05 20:40:48.000000000 +0100
++++ arpwatch-2.1a15/arp2ethers 2006-11-09 14:34:42.000000000 +0100
+@@ -13,7 +13,7 @@
+ # - sort
+ #
+
+-sort +2rn arp.dat | \
++sort -k 2 -rn arp.dat | \
+ awk 'NF == 4 { print }' | \
+ awk -f p.awk | \
+ egrep -v '\.[0-9][0-9]*$' | \
+--- arpwatch-2.1a15/arpfetch.scripts 2006-07-28 20:10:30.000000000 +0200
++++ arpwatch-2.1a15/arpfetch 2006-11-09 14:37:05.000000000 +0100
+@@ -4,8 +4,6 @@
+ # arpfetch - collect arp data from a cisco using net-snmp
+ #
+
+-export PATH="/usr/local/bin:${PATH}"
+-
+ prog=`basename $0`
+
+ if [ $# -ne 2 ]; then
+@@ -30,4 +28,3 @@
+ print ea "\t" ip
+ }'
+
+-rm -f ${t1} |
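Review bot: With `setgid(getgid())` and `setuid(getuid())` commented out in the `@@ -283,8 +313,11 @@` hunk, the revert to the real uid/gid no longer happens at all when `-u` is absent, so a set-id installed binary would keep its elevated effective IDs and a daemon started as root stays root for all packet parsing. I would keep the old calls as the fallback instead of leaving them as commented-out code, and check their results: `else if (setgid(getgid()) != 0 || setuid(getuid()) != 0) { syslog(LOG_ERR, "setgid/setuid: %m"); exit(1); }`. Since `-u` becomes the only route to an unprivileged daemon after this change, the packaging's start-up script should pass it by default. main() starts and ends outside the hunk.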