Bug#862149: arpwatch starts before networking is ready

jmolina at swoncology.net jmolina at swoncology.net
Tue May 9 04:40:06 UTC 2017 

Package: arpwatch
Version: 2.1a15-2+b1
Severity: important

Arpwatch seems to start before the networking is really ready. In this
case, we are listening on a bridge interface, so that might have
something to do with it.

This might be a problem with systemd/networking/bridging/etc. Feel free
to pass the bug along to whoever is really at fault.

Here's a clip from a system journal log:

May 08 15:17:45 myhost kernel: r8169 0000:02:00.0: firmware:
direct-loading firmware rtl_nic/rtl8168g-2.fw
May 08 15:17:45 myhost kernel: r8169 0000:02:00.0 eth0: link down
May 08 15:17:45 myhost kernel: r8169 0000:02:00.0 eth0: link down
May 08 15:17:45 myhost systemd[1]: Reloading.
May 08 15:17:45 myhost cron[585]: (CRON) INFO (Running @reboot jobs)
May 08 15:17:45 myhost arpwatch[705]: bad interface br0: SIOCGIFADDR:
br0: No such device - assuming unconfigured interface
May 08 15:17:45 myhost arpwatch[598]: Starting Ethernet/FDDI station
monitor daemon: (chown arpwatch /var/lib/arpwatch/br0.dat) arpwatch-br0.
May 08 15:17:45 myhost arpwatch[711]: pcap open br0: br0: No such device
exists (SIOCGIFHWADDR: No such device)
May 08 15:17:45 myhost systemd-udevd[720]: Could not generate persistent
MAC address for br0: No such file or directory
May 08 15:17:45 myhost kernel: bridge: filtering via arp/ip/ip6tables is
no longer available by default. Update your scripts to load br_netfilter
if you need this.
May 08 15:17:45 myhost ifup[543]: Waiting for a max of 5 seconds for
eth0 to become available.
May 08 15:17:45 myhost kernel: br0: port 1(eth0) entered blocking state
May 08 15:17:45 myhost kernel: br0: port 1(eth0) entered disabled state
May 08 15:17:45 myhost kernel: device eth0 entered promiscuous mode
May 08 15:17:45 myhost ifup[543]: Waiting for br0 to get ready (MAXWAIT
is 2 seconds).



-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages arpwatch depends on:
ii  adduser     3.115
ii  libc6       2.24-9
ii  libpcap0.8  1.8.1-3

arpwatch recommends no packages.

arpwatch suggests no packages.

-- Configuration Files:
/etc/arpwatch.conf changed [not included]
/etc/default/arpwatch changed [not included]

-- no debconf information

More information about the Pkg-security-team mailing list