start > getarp

getarp

Created by dave. Last edited by dave, 9 years and 45 days ago. Viewed 2,370 times. #4

[diff] [history] [edit] [rdf]

labels

attachments

A perl script to get the ARP table out of a router.

Requires Net::SNMP, Net::hostent, and Sys::Syslog

getarp [-s IP [-c STRING ]] [TARGETIP]
    -s IP          query the router at IP
    -c STRING      use STRING as the SNMP community
    TARGETIP       only print results for TARGETIP
    --HELP         print this screen

You can hard-code the router IP and/or community string in the code. I use a shell alias since I only have one router at this site:

alias getarp='/usr/local/bin/getarp -s 10.0.0.1 -c MyComm'

Without a parameter, it dumps all the IP/MAC combinations it knows about.

With a TARGETIP, it only prints the MAC address for the provided IP.

Example usage:

$ getarp xx.xx.205.254 -> 00:17:54:02:26:3e xx.xx.205.255 -> 00:17:54:02:26:3e xx.xx.207.33 -> 00:0e:39:3c:a1:54

$ getarp xx.xx.207.33 xx.xx.207.33 -> 00:0e:39:3c:a1:54

Notes

It wasn't immediately obvious to me, but the router won't have its own MAC in its ARP table.
If the IP you are querying has not sent packets to/through the router recently, the IP/MAC entry won't be in the ARP table. You can sometimes get around this by pinging the IP in question (assuming that it is reachable by you across the router).
I use this script on firewalls as well.

no comments | post comment

see also:
snipsnap-index	snipsnap-search	Ethernet+Vendor+Codes	Switching Tables
snipsnap-index	running eve...	Arp	MrRogers
switchwalk	Useful+...	Juniper	Backup+ISP...
Ethernet Vendor Codes	sftp umask	Network Jokes	Installing nfsen
mrrogers	Disable IPv6

getarp

Notes

Virtual Dave Megaplex:

Useful: