Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Arpwatch not starting after upgrading from v2.2.1 to v2.2.3

    Scheduled Pinned Locked Moved pfSense Packages
    6 Posts 3 Posters 2.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • kesawiK Offline
      kesawi
      last edited by

      I've just upgraded from v2.2.1 to v2.2.3 of pfSense and arpwatch is not starting from the GUI. The package manager is showing arpwatch 2.1.a15_8 pkg v1.1.2 as installed. I've tried removing the package and then installing it again, but with no success. No error messages are present in the log files.

      1 Reply Last reply Reply Quote 0
      • P Offline
        phil.davis
        last edited by

        It installs and runs for me on both 32 and 64 bit.
        Did you go to Services->arpwatch and pick an interface and press Save?
        Is there a process running:

         ps aux | grep arp
root    76657   0.0  1.5 11688 3444  -  S     6:58AM    0:00.31 /usr/local/sbin/arpwatch -d -f /var/log/arp.dat -i vr0

        Are there any files in /var/log?

        ls -l /var/log/arp*
-rw-r--r--  1 root  wheel      0 Jul  8 06:58 /var/log/arp.dat
-rw-r--r--  1 root  wheel  10240 Jul  8 06:58 /var/log/arpwatch.log
-rw-r--r--  1 root  wheel    874 Jul  8 06:59 /var/log/arpwatch.reports

        What do you get from:

        clog /var/log/arpwatch.log

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • kesawiK Offline
          kesawi
          last edited by

          Thanks for your reply.

          I ended up uninstalling it, and then reinstalling it several days later and it now works. Not really sure what happened.

          I had previously gone to services->arpwatch, picked an interface and pressed save and it had no impact.

          Status->Services shows arpwatch is running, but ps aux |grep arp only brings up the grep aux command.

           ps aux | grep arp
root   20250   0.0  0.1   18876   2296  0  S+    3:22PM     0:00.01 grep arp

          There are associated arp log files in /var/log but the permissions for arpwatch.log differ slightly  compared to yours.

          ls -l /var/log/arp*
-rw-r--r--  1 root  wheel   1545 Jul  9 15:13 /var/log/arp.dat
-rw-r--r--  1 root  wheel   1545 Jul  9 14:58 /var/log/arp.dat-
-rw-------  1 root  wheel  10240 Jul  5 17:13 /var/log/arpwatch.log
-rw-r--r--  1 root  wheel  22434 Jul  9 14:58 /var/log/arpwatch.reports

          The log file contains a repeated error but doesn't have an instance since it started working again. I assumed the reason it couldn't find the arp.dat file, is due to arpwatch not running and therefore not generating the file.

          clog /var/log/arpwatch.log
or directory
Jun 29 15:07:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 15:22:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 15:28:15 hostname arpwatch: listening on igb1_vlan100
Jun 29 15:37:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 15:52:43 hostname arpwatch: rename /var/log/arp.dat.new -> /var/log/arp.dat: No such file or directory
Jun 29 16:07:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 16:22:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 16:37:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 16:52:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 17:07:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 17:22:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 17:37:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 17:52:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 18:07:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 18:22:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 18:37:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 18:52:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 19:22:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 19:37:43 hostname arpwatch: rename /var/log/arp.dat.new -> /var/log/arp.dat: No such file or directory
Jun 29 19:52:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 20:07:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 20:22:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 20:37:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 21:07:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 21:22:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 21:37:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 21:52:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 22:07:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 22:22:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 22:37:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 22:52:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 23:07:43 hostname arpwatch: rename /var/log/arp.dat.new -> /var/log/arp.dat: No such file or directory
Jun 29 23:22:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 23:37:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 29 23:52:43 hostname arpwatch: rename /var/log/arp.dat.new -> /var/log/arp.dat: No such file or directory
Jun 30 00:07:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 00:22:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 00:37:43 hostname arpwatch: rename /var/log/arp.dat.new -> /var/log/arp.dat: No such file or directory
Jun 30 00:52:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 01:07:43 hostname arpwatch: rename /var/log/arp.dat.new -> /var/log/arp.dat: No such file or directory
Jun 30 01:22:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 01:37:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 01:52:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 02:07:43 hostname arpwatch: rename /var/log/arp.dat.new -> /var/log/arp.dat: No such file or directory
Jun 30 02:22:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 02:37:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 02:52:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 03:07:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 03:22:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 03:37:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 03:52:43 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 04:07:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 04:37:44 hostname arpwatch: rename /var/log/arp.dat.new -> /var/log/arp.dat: No such file or directory
Jun 30 04:52:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 05:07:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 05:22:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 05:37:44 hostname arpwatch: rename /var/log/arp.dat.new -> /var/log/arp.dat: No such file or directory
Jun 30 05:52:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 06:07:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 06:37:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 06:52:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 07:22:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 07:37:44 hostname arpwatch: rename /var/log/arp.dat.new -> /var/log/arp.dat: No such file or directory
Jun 30 07:52:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 08:07:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 08:22:44 hostname arpwatch: rename /var/log/arp.dat.new -> /var/log/arp.dat: No such file or directory
Jun 30 08:37:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 08:52:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 09:07:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 09:22:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 09:37:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 09:52:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 10:07:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 12:07:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 12:22:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 12:37:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 12:52:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 13:07:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 13:22:44 hostname arpwatch: rename /var/log/arp.dat.new -> /var/log/arp.dat: No such file or directory
Jun 30 13:37:44 hostname arpwatch: rename /var/log/arp.dat.new -> /var/log/arp.dat: No such file or directory
Jun 30 13:52:44 hostname arpwatch: rename /var/log/arp.dat.new -> /var/log/arp.dat: No such file or directory
Jun 30 14:07:44 hostname arpwatch: rename /var/log/arp.dat.new -> /var/log/arp.dat: No such file or directory
Jun 30 14:22:44 hostname arpwatch: rename /var/log/arp.dat.new -> /var/log/arp.dat: No such file or directory
Jun 30 14:37:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 14:52:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 15:07:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 15:22:44 hostname arpwatch: rename /var/log/arp.dat.new -> /var/log/arp.dat: No such file or directory
Jun 30 15:37:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 15:52:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 16:07:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 16:22:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 17:22:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 17:37:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 17:52:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 18:01:02 hostname arpwatch: listening on igb1_vlan100
Jun 30 18:07:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jun 30 18:22:44 hostname arpwatch: rename /var/log/arp.dat.new -> /var/log/arp.dat: No such file or directory
Jun 30 18:37:44 hostname arpwatch: rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory
Jul  5 17:13:28 hostname arpwatch: listening on igb1_vlan100

          As it's now working again I'm not too concerned.

          1 Reply Last reply Reply Quote 0
          • kesawiK Offline
            kesawi
            last edited by

            Same issue again going from 2.2.3 to 2.2.4. Fixed it by uninstalling the arpwatch package, rebooting the server and then reinstalling the package.

            1 Reply Last reply Reply Quote 0
            • G Offline
              guitarpicker
              last edited by

              I just encountered a similar issue with arpwatch.  The arpwatch report was empty in the web interface.  It was working yesterday.
              pfSense started logging this late last night, twice every 15 minutes:```
              rename /var/log/arp.dat -> /var/log/arp.dat-: No such file or directory

              Unlike yours, I did not have any that mentioned "arp.dat.new" .

Strangely enough, pressing the "Clear Log" button on the arpwatch:Reports page made the missing entries show up immediately (now _that's_ counterintuitive).  Also, it's been over 15 minutes and I haven't gotten the error yet.  This might be an alternative to rebooting to clear up the messages.
              1 Reply Last reply Reply Quote 0
              • kesawiK Offline
                kesawi
                last edited by

                I've found that pressing clear log also restores the list for me as well.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.