ARP Virtual Server

This is a virtual server which reads ARP packets

It allows the administrator to log ARP packets on the local network. The idea is that the ARP packets can be checked against a database (e.g. DHCP), or stored in an ARP-specific database. If something funny is going on, this virtual server can produce syslog messages informing the administrator as to what happened.

server arp { … }

This is the arp virtual server.

server arp {

namespace: In v4, all "server" sections MUST start with a "namespace" parameter. This tells the server which protocol is being used.

All of the "listen" sections in this virtual server will only accept packets for that protocol.

	namespace = arp

The listen section

The listen sections in v4 are very different from the `listen sections in v3. The changes were necessary in order to make FreeRADIUS more flexible, and to make the configuration simpler and more consistent.

	listen {

interface: The name of the interface.

		interface = en0

filter: An optional PCAP filter.

If we want to receive only ARPs for a particular IP address, then we list it here as host foo

You can also filter on ethernet via ether src foo or ether dst foo.

Or to accept only ARP Request packets, and filter out replies, use:

(arp[6] == 0) and (arp[7] == 1)

#		filter = "host 192.0.2.1"

active: Whether or not we response to ARP requests

Generally we want an "arpwatch" style functionality, so the default is active = no

When active = no, the virtual server will NEVER send an ARP reply.

#		active = no
	}

Process an ARP request

recv Request {
	ok
}

Process an ARP reply before sending it

send Reply {
	ok
}
}

ARP Virtual Server

server arp { …​ }

The listen section

Process an ARP request

Process an ARP reply before sending it

Default Configuration

server arp { … }