For When You Can't Have The Real Thing
[ start | index | login ]
start > getarp

getarp

Created by dave. Last edited by dave, 3 years and 280 days ago. Viewed 1,098 times. #4
[diff] [history] [edit] [rdf]
labels
attachments
A perl script to get the ARP table out of a router.

Requires Net::SNMP, Net::hostent, and Sys::Syslog

getarp [-s IP [-c STRING ]] [TARGETIP]
    -s IP          query the router at IP
    -c STRING      use STRING as the SNMP community
    TARGETIP       only print results for TARGETIP
    --HELP         print this screen

You can hard-code the router IP and/or community string in the code. I use a shell alias since I only have one router at this site:

alias getarp='/usr/local/bin/getarp -s 10.0.0.1 -c MyComm'
Without a parameter, it dumps all the IP/MAC combinations it knows about.

With a TARGETIP, it only prints the MAC address for the provided IP.

Example usage:

$ getarp
xx.xx.205.254 -> 00:17:54:02:26:3e
xx.xx.205.255 -> 00:17:54:02:26:3e
xx.xx.207.33 -> 00:0e:39:3c:a1:54

$ getarp xx.xx.207.33 xx.xx.207.33 -> 00:0e:39:3c:a1:54

Notes

  • It wasn't immediately obvious to me, but the router won't have its own MAC in its ARP table.
  • If the IP you are querying has not sent packets to/through the router recently, the IP/MAC entry won't be in the ARP table. You can sometimes get around this by pinging the IP in question (assuming that it is reachable by you across the router).
  • I use this script on firewalls as well.
no comments | post comment
This is a collection of techical information, much of it learned the hard way. Consider it a lab book or a /info directory. I doubt much of it will be of use to anyone else.

Useful:


snipsnap.org | Copyright 2000-2002 Matthias L. Jugel and Stephan J. Schmidt