getarp
A perl script to get the ARP table out of a router.
Requires Net::SNMP, Net::hostent, and Sys::Syslog
getarp [-s IP [-c STRING ]] [TARGETIP]
-s IP query the router at IP
-c STRING use STRING as the SNMP community
TARGETIP only print results for TARGETIP
--HELP print this screen
You can hard-code the router IP and/or community string in the code. I use a shell alias since I only have one router at this site:
alias getarp='/usr/local/bin/getarp -s 10.0.0.1 -c MyComm'
Without a parameter, it dumps all the IP/MAC combinations it knows about.
With a TARGETIP, it only prints the MAC address for the provided IP.
Example usage:
$ getarp
xx.xx.205.254 -> 00:17:54:02:26:3e
xx.xx.205.255 -> 00:17:54:02:26:3e
xx.xx.207.33 -> 00:0e:39:3c:a1:54
$ getarp xx.xx.207.33
xx.xx.207.33 -> 00:0e:39:3c:a1:54
Notes
- It wasn't immediately obvious to me, but the router won't have its own MAC in its ARP table.
- If the IP you are querying has not sent packets to/through the router recently, the IP/MAC entry won't be in the ARP table. You can sometimes get around this by pinging the IP in question (assuming that it is reachable by you across the router).
- I use this script on firewalls as well.