arpd - Linux
Overview
arpd is a network monitoring tool that displays active network connections and their corresponding MAC addresses using Address Resolution Protocol (ARP). It runs as a daemon and provides real-time information about devices connected to a network.
Syntax
arpd [options] <interface>
Options/Flags
-i
,--interval
: Update interval (seconds); Default: 1-c
,--cache
: Cache ARP entries in seconds; Default: 300-f
,--file
: Write ARP entries to a specified file-w
,--web
: Start a simple web interface on the specified port; Default: 8080-d
,--debug
: Enable debugging output-h
,--help
: Display help and usage information
Examples
Display ARP entries for the eth0
interface:
arpd eth0
Specify an update interval of 5 seconds:
arpd -i 5 eth0
Cache ARP entries for 600 seconds:
arpd -c 600 eth0
Write ARP entries to a file:
arpd -f arpentries.txt eth0
Start a web interface on port 9000:
arpd -w 9000 eth0
Common Issues
- Ensure the specified interface is up and running.
- Check if arpd is running as root or with appropriate permissions.
- If ARP entries are not displayed, try increasing the cache time or interval.
Integration
Integrate with Wireshark: Export ARP entries to a file and import them into Wireshark for further analysis.
arpd -f arpentries.txt eth0
wireshark -r arpentries.txt
Related Commands
- arp: Display or modify ARP cache entries
- ifconfig: Configure and view network interface parameters