arpoon 0.0.1

data/README.md

@@ -0,0 +1,104 @@
+arpoon - man the harpoons, kill that ARP whale
+==============================================
+arpoon is a simple daemon that notifies about ARP packets, it can be used to implement
+anti ARP spoofing stuff or whatever.
+
+
+Examples
+--------
+
+Anti ARP spoofing:
+
+```ruby
+gateways = {}
+danger   = []
+
+# command that gets the interface name that got connected,
+# it's gonna be used as hook for network managers and the like
+# to tell arpoon about new interfaces or reconnected interfaces
+command :connected do |name|
+	interface(name) # create the interface if it's not present yet
+
+	reload_table! # reload the ARP table
+
+	# get the ARP table entry for the gateway and cleanup danger notifications
+	gateways[interface] = table[gateway_for(name)]
+
+  command :disconnected, name
+end
+
+command :disconnected do |name|
+	danger.reject! { |a| a[0] == name }
+end
+
+# this command can be used by scripts to check for danger notifications and show
+# them to the user
+command :danger? do
+	send_response danger.map { |a, b| { interface: a, attacker: b } }
+end
+
+# for any interface, already present or newly created
+any do
+	# when we receive an ARP reply
+	on :reply do |packet, interface|
+		# return unless we have a gateway for the interface
+		next unless gateway = gateways[interface.name]
+
+		# if the packet saying the IP for the gateway has a different MAC
+		# address someone is doing something fishy, so notify the danger
+		if packet.sender.ip == gateway.ip && packet.sender.mac != gateway.mac
+			unless danger.include?(current = [interface.name, packet.sender.mac])
+				danger << current
+			end
+		end
+	end
+end
+
+# setup the already present devices and gateways
+route.each {|entry|
+	next unless entry.gateway?
+
+	interface(entry.device)
+	gateways[entry.device] = table[entry.gateway]
+}
+```
+
+Init scripts
+------------
+
+Arch Linux:
+
+```sh
+#! /bin/bash
+
+. /etc/rc.conf
+. /etc/rc.d/functions
+
+case "$1" in
+  start)
+    stat_busy "Starting arpoon"
+    pkill -f "ruby.*arpoon" &> /dev/null
+    arpoon &> /dev/null &
+    add_daemon arpoon
+    stat_done
+    ;;
+
+  stop)
+    stat_busy "Stopping arpoon"
+    pkill -f "ruby.*arpoon" &> /dev/nunll
+    rm_daemon arpoon
+    stat_done
+    ;;
+
+  restart)
+    $0 stop
+    sleep 1
+    $0 start
+    ;;
+
+  *)
+    echo "usage: $0 {start|stop|restart}"
+esac
+
+exit 0
+```

data/arpoon.gemspec

@@ -0,0 +1,20 @@
+Kernel.load 'lib/arpoon/version.rb'
+
+Gem::Specification.new {|s|
+	s.name         = 'arpoon'
+	s.version      = Arpoon.version
+	s.author       = 'meh.'
+	s.email        = 'meh@paranoici.org'
+	s.homepage     = 'http://github.com/meh/arpoon'
+	s.platform     = Gem::Platform::RUBY
+	s.summary      = 'ARP changes reporting daemon, can be used to protect against spoofing.'
+
+	s.files         = `git ls-files`.split("\n")
+	s.executables   = `git ls-files -- bin/*`.split("\n").map { |f| File.basename(f) }
+	s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+	s.require_paths = ['lib']
+
+	s.add_dependency 'bitmap'
+	s.add_dependency 'hwaddr'
+	s.add_dependency 'ffi-pcap', '>=0.2.1'
+}

data/bin/arpoon

@@ -0,0 +1,57 @@
+#! /usr/bin/env ruby
+require 'eventmachine'
+require 'arpoon'
+require 'optparse'
+
+options = {}
+
+OptionParser.new do |o|
+	options[:socket] = '/var/run/arpoon.ctl'
+
+	o.on '-e', '--execute', 'enable execute mode' do
+		options[:execute] = true
+	end
+
+	o.on '-s', '--socket PATH', 'path to the UNIX socket' do |value|
+		options[:socket] = File.expand_path(value)
+	end
+
+	o.on '-r', '--raw', 'send a raw JSON string' do |value|
+		options[:raw] = true
+	end
+end.parse!
+
+if options[:execute]
+	require 'arpoon/client'
+
+	Arpoon::Client.new(options[:socket]).tap {|c|
+		if options[:raw]
+			c.puts ARGV.join ' '
+		else
+			c.send_request *ARGV
+		end
+	}
+
+	UNIXSocket.new(options[:socket]).tap {|s|
+		s.puts options[:raw] ? ARGV.join(' ') : ARGV.to_json
+	}
+
+	exit!
+end
+
+EM.run {
+	a = Arpoon.load(ARGV.first || '/etc/arpoon.rc')
+	a.start
+
+	EM.error_handler {|e|
+		a.log e
+	}
+
+	%w[INT KILL].each {|sig|
+		trap sig do
+			a.stop
+			
+			EM.stop_event_loop
+		end
+	}
+}

data/lib/arpoon.rb

@@ -0,0 +1,194 @@
+#--
+#            DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+#                    Version 2, December 2004
+#
+#            DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+#   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+#
+#  0. You just DO WHAT THE FUCK YOU WANT TO.
+#++
+
+require 'singleton'
+require 'eventmachine'
+require 'stringio'
+
+require 'arpoon/table'
+require 'arpoon/route'
+require 'arpoon/interface'
+require 'arpoon/packet'
+require 'arpoon/controller'
+
+class Arpoon
+	include Singleton
+
+	def self.method_missing (*args, &block)
+		instance.__send__ *args, &block
+	end
+
+	attr_reader :interfaces
+
+	def initialize
+		@commands    = {}
+		@connections = []
+		@interfaces  = {}
+		@any         = []
+
+		reload_table!
+
+		any {
+			on :packet do |packet|
+				if packet.request?
+					packet.interface.fire :request, packet, packet.interface
+				else
+					packet.interface.fire :reply, packet, packet.interface
+				end
+
+				if packet.destination.broadcast?
+					packet.interface.fire :broadcast, packet, packet.interface
+				end
+			end
+		}
+
+		controller_at '/var/run/arpoon.ctl'
+		logs_at       '/var/log/arpoon.log'
+	end
+
+	def controller_at (path)
+		@controller_at = File.expand_path(path)
+	end
+
+	def logs_at (path)
+		@logs_at = File.expand_path(path)
+	end
+	def started?; @started; end
+
+	def log (what, group = nil)
+		io = StringIO.new
+
+		io.print "[#{Time.now}#{", #{group}" if group}] "
+
+		if what.is_a? Exception
+			io.puts "#{what.class.name}: #{what.message}"
+			io.puts what.backtrace
+		else
+			io.puts what
+		end
+
+		io.puts ''
+		io.seek 0
+
+		io.read.tap {|text|
+			$stderr.puts text
+
+			File.open(@logs_at, 'a') { |f| f.print text }
+		}
+	end
+
+	def start
+		return if started?
+
+		@started = true
+
+		@interfaces.each_value {|interface|
+			interface.start
+		}
+
+		File.umask(0).tap {|old|
+			begin
+				@signature = EM.start_server(@controller_at, Controller)
+			ensure
+				File.umask(old)
+			end
+		}
+	end
+
+	def stop
+		return unless started?
+
+		@interfaces.each_value {|interface|
+			interface.stop
+		}
+
+		if @signature
+			EM.stop_server @signature
+		end
+
+		@started = false
+	end
+
+	def table
+		@table || reload_table!
+	end
+
+	def reload_table!
+		@table = Table.new
+	end
+
+	def route
+		Route.new
+	end
+
+	def load (path = nil, &block)
+		if path
+			instance_eval File.read(File.expand_path(path)), path, 1
+		else
+			instance_exec &block
+		end
+
+		self
+	end
+
+	def connected (controller)
+		@connections << controller
+	end
+
+	def disconnected (controller)
+		@connections.delete(controller)
+	end
+
+	def broadcast (*args)
+		@connections.each {|conn|
+			conn.send_response(*args)
+		}
+	end
+
+	def command (*args, &block)
+		if block
+			command = args.first.to_sym
+
+			@commands[command] = block
+		else
+			controller = args.shift
+			command    = args.shift
+
+			controller.instance_exec *args, &@commands[command.to_sym]
+		end
+	rescue Exception => e
+		log e, "command: #{command}"
+	end
+
+	def interface (name, &block)
+		unless @interfaces.member? name
+			@interfaces[name] = Interface.new(name)
+
+			@any.each {|block|
+				@interfaces[name].load(&block)
+			}
+
+			EM.schedule {
+				@interfaces[name].start if started?
+			}
+		end
+
+		@interfaces[name].load(&block) if block
+		@interfaces[name]
+	end
+
+	def any (&block)
+		@interfaces.each_value {|interface|
+			interface.load(&block)
+		}
+
+		@any << block
+	end
+end

data/lib/arpoon/client.rb

@@ -0,0 +1,38 @@
+#--
+#            DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+#                    Version 2, December 2004
+#
+#            DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+#   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+#
+#  0. You just DO WHAT THE FUCK YOU WANT TO.
+#++
+
+require 'socket'
+require 'json'
+
+class Arpoon
+
+class Client
+	def initialize (path = '/var/run/arpoon.ctl')
+		@socket = UNIXSocket.new(File.expand_path(path))
+	end
+
+	def respond_to_missing? (*args)
+		@socket.respond_to? *args
+	end
+
+	def method_missing (*args, &block)
+		@socket.__send__ *args, &block
+	end
+
+	def send_request (name, *args)
+		self.puts [name, args].to_json
+	end
+
+	def read_response
+		JSON.parse(?[ + self.readline + ?]).first
+	end
+end
+
+end

data/lib/arpoon/controller.rb

@@ -0,0 +1,44 @@
+#--
+#            DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+#                    Version 2, December 2004
+#
+#            DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+#   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+#
+#  0. You just DO WHAT THE FUCK YOU WANT TO.
+#++
+
+require 'eventmachine'
+require 'json'
+
+class Arpoon
+
+class Controller < EventMachine::Protocols::LineAndTextProtocol
+	def post_init
+		connected self
+	end
+
+	def receive_line (line)
+		command(self, *JSON.parse(line))
+	end
+
+	def method_missing (*args, &block)
+		Arpoon.__send__(*args, &block)
+	end
+
+	def send_line (line)
+		raise ArgumentError, 'the line already has a newline character' if line.include? "\n"
+
+		send_data line.dup.force_encoding('BINARY') << "\r\n"
+	end
+
+	def send_response (*arguments)
+		send_line (arguments.length == 1 ? arguments.first : arguments).to_json
+	end
+
+	def unbind
+		disconnected self
+	end
+end
+
+end

data/lib/arpoon/interface.rb

@@ -0,0 +1,108 @@
+#--
+#            DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+#                    Version 2, December 2004
+#
+#            DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+#   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+#
+#  0. You just DO WHAT THE FUCK YOU WANT TO.
+#++
+
+require 'ffi/pcap'
+
+require 'arpoon/packet'
+
+class Arpoon
+
+class Interface
+	class Handler < EM::Connection
+		def initialize (interface)
+			@interface = interface
+		end
+
+		def notify_readable (*)
+			@interface.capture.dispatch {|_, packet|
+				begin
+					next unless packet = Packet.unpack(packet.body, @interface) rescue nil
+
+					@interface.fire :packet, packet
+				rescue Exception => e
+					Arpoon.log e, "interface: #{@interface.name}"
+				end
+			}
+		end
+	end
+
+	attr_reader :name, :capture
+
+	def initialize (name, &block)
+		@name   = name.to_s
+		@events = Hash.new { |h, k| h[k] = [] }
+
+		load &block if block
+	end
+
+	def method_missing (*args, &block)
+		Arpoon.__send__ *args, &block
+	end
+
+	def start
+		@capture = FFI::PCap::Live.new(device: @name.to_s, promisc: true, handler: FFI::PCap::Handler)
+		@capture.nonblocking = true
+		@capture.setfilter('arp')
+
+		@handler = EM.watch @capture.selectable_fd, Handler, self
+		@handler.notify_readable = true
+
+		self
+	end
+
+	def stop
+		@handler.detach
+
+		self
+	end
+
+	def load (path = nil, &block)
+		if path
+			instance_eval File.read(File.expand_path(path)), path, 1
+		else
+			instance_exec &block
+		end
+
+		self
+	end
+
+	def on (name = :anything, &block)
+		@events[name] << block
+	end
+
+	def fire (name, *args)
+		delete = []
+
+		@events[name].each {|block|
+			case block.call(*args)
+			when :delete then delete << block
+			when :stop   then break
+			end
+		}
+
+		@events[name] -= delete
+
+		self
+	end
+
+	def to_s
+		name
+	end
+
+	def to_sym
+		name.to_sym
+	end
+
+	def inspect
+		"#<#{self.class.name}: #{name}>"
+	end
+end
+
+end

data/lib/arpoon/packet.rb

@@ -0,0 +1,88 @@
+#--
+#            DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+#                    Version 2, December 2004
+#
+#            DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+#   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+#
+#  0. You just DO WHAT THE FUCK YOU WANT TO.
+#++
+
+require 'hwaddr'
+require 'ipaddr'
+
+class Arpoon
+
+class Packet
+	Operations = {
+		1 => :request,
+		2 => :reply
+	}
+
+	def self.unpack (data, interface = nil)
+		source      = HWAddr.new(data[0, 6].unpack('C6'))
+		destination = HWAddr.new(data[6, 6].unpack('C6'))
+
+		unless data[12, 2].unpack('n').first == 0x0806
+			raise ArgumentError, 'the passed data is not an ARP packet'
+		end
+
+		unless data[16, 2].unpack('n').first == 0x0800
+			raise ArgumentError, 'the passed data is not using the IP protocol'
+		end
+
+		hw_size = data[18, 1].unpack('C').first
+		pr_size = data[19, 1].unpack('C').first
+
+		if hw_size != 6
+			raise ArgumentError, "#{hw_size} is an unsupported size"
+		end
+
+		opcode = data[20, 2].unpack('n').first
+
+		if pr_size == 4
+			sender_hw = HWAddr.new(data[22, 6].unpack('C6'))
+			sender_ip = IPAddr.new_ntoh(data[28, 4])
+
+			target_hw = HWAddr.new(data[32, 6].unpack('C6'))
+			target_ip = IPAddr.new_ntoh(data[38, 4])
+		elsif pr_size == 16
+			sender_hw = HWAddr.new(data[22, 6].unpack('C6'))
+			sender_ip = IPAddr.new_ntoh(data[28, 16])
+
+			target_hw = HWAddr.new(data[44, 6].unpack('C6'))
+			target_ip = IPAddr.new_ntoh(data[50, 16])
+		else
+			raise ArgumentError, "#{pr_size} is an unsupported protocol size"
+		end
+
+		new(interface, source, destination, Operations[opcode], sender_hw, sender_ip, target_hw, target_ip)
+	end
+
+	attr_reader :interface, :source, :destination, :sender, :target
+
+	def initialize (interface = nil, source, destination, operation, sender_hw, sender_ip, target_hw, target_ip)
+		@interface   = interface
+		@source      = source
+		@destination = destination
+
+		@operation = operation.downcase
+
+		@sender = Struct.new(:mac, :ip).new(sender_hw, sender_ip)
+		@target = Struct.new(:mac, :ip).new(target_hw, target_ip)
+	end
+
+	def request?
+		@operation == :request
+	end
+
+	def reply?
+		@operation == :reply
+	end
+
+	def to_sym
+		@operation
+	end
+end
+
+end

data/lib/arpoon/route.rb

@@ -0,0 +1,125 @@
+#--
+#            DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+#                    Version 2, December 2004
+#
+#            DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+#   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+#
+#  0. You just DO WHAT THE FUCK YOU WANT TO.
+#++
+
+require 'ipaddr'
+require 'bitmap'
+
+class Arpoon
+
+class Route
+	Flags = Bitmap.new(
+		up:      0x0001,
+		gateway: 0x0002,
+
+		host:         0x0004,
+		reinstate:    0x0008,
+		dynamic:      0x0010,
+		modified:     0x0020,
+		mtu:          0x0040,
+		window:       0x0080,
+		irtt:         0x0100,
+		reject:       0x0200,
+		static:       0x0400,
+		xresolve:     0x0800,
+		no_forward:   0x1000,
+		throw:        0x2000,
+		no_pmt_udisc: 0x4000,
+
+		default:     0x00010000,
+		all_on_link: 0x00020000,
+		addrconf:    0x00040000,
+
+		linkrt:      0x00100000,
+		no_next_hop: 0x00200000,
+
+		cache:  0x01000000,
+		flow:   0x02000000,
+		policy: 0x0400000
+	)
+
+	class Entry < Struct.new(:device, :destination, :gateway, :flags, :ref_count, :use, :metric, :mask, :mtu, :window, :irrt)
+		def destination
+			IPAddr.new_ntoh([super.to_i(16)].pack('N').reverse)
+		end
+
+		def gateway
+			IPAddr.new_ntoh([super.to_i(16)].pack('N').reverse)
+		end
+
+		def flags
+			Flags[super.to_i(16)]
+		end
+
+		Flags.fields.each {|name|
+			define_method "#{name}?" do
+				flags.has? name
+			end
+		}
+
+		def ref_count
+			super.to_i
+		end
+
+		def use?
+			super != '0'
+		end
+
+		def metric?
+			super != '0'
+		end
+
+		def mtu
+			super.to_i
+		end
+
+		def window
+			super.to_i
+		end
+
+		def irrt
+			super.to_i
+		end
+
+		def default_gateway?
+		end
+	end
+
+	include Enumerable
+
+	def initialize
+		@entries = []
+
+		File.open('/proc/net/route', 'r').each_line {|line|
+			next if line.start_with? 'Iface'
+
+			@entries << Entry.new(*line.split(/\s+/))
+		}
+	end
+
+	def each (device = nil)
+		return enum_for :each, device unless block_given?
+
+		@entries.each {|entry|
+			yield entry if !device || device.to_s == entry.device
+		}
+
+		self
+	end
+
+	def gateway_for (device)
+		each(device) {|entry|
+			return entry.gateway if entry.gateway?
+		}
+
+		nil
+	end
+end
+
+end

data/lib/arpoon/table.rb

@@ -0,0 +1,100 @@
+#--
+#            DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+#                    Version 2, December 2004
+#
+#            DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+#   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+#
+#  0. You just DO WHAT THE FUCK YOU WANT TO.
+#++
+
+require 'ipaddr'
+require 'hwaddr'
+require 'bitmap'
+
+class Arpoon
+
+class Table
+	Types = {
+		0  => :netrom,
+		1  => :ether,
+		2  => :eether,
+		3  => :ax25,
+		4  => :pronet,
+		5  => :chaos,
+		6  => :ieee802,
+		7  => :arcnet,
+		8  => :appletlk,
+		15 => :dlci,
+		19 => :atm,
+		23 => :metricom,
+		24 => :ieee1394,
+		27 => :eui64,
+		32 => :infiniband
+	}
+
+	Flags = Bitmap.new(
+		completed: 0x02,
+		permanent: 0x04,
+		publish:   0x08,
+
+		has_requested_trailers: 0x10,
+		wants_netmask:          0x20,
+
+		dont_publish: 0x40
+	)
+
+	class Entry < Struct.new(:ip, :type, :flags, :mac, :mask, :device)
+		def ip
+			IPAddr.new(super)
+		end
+
+		def mac
+			HWAddr.new(super)
+		end
+
+		def type
+			Types[super.to_i(16)]
+		end
+
+		def flags
+			Flags[super.to_i(16)]
+		end
+
+		Flags.fields.each {|name|
+			define_method "#{name}?" do
+				flags.has? name
+			end
+		}
+	end
+
+	include Enumerable
+
+	def initialize
+		@entries = []
+
+		File.open('/proc/net/arp', 'r').each_line {|line|
+			next if line.start_with? 'IP address'
+
+			@entries << Entry.new(*line.split(/\s+/))
+		}
+	end
+
+	def each (device = nil)
+		return enum_for :each, device unless block_given?
+
+		@entries.each {|entry|
+			yield entry if !device || device.to_s == entry.device
+		}
+
+		self
+	end
+
+	def [] (what)
+		find {|entry|
+			what == entry.ip || what == entry.mac
+		}
+	end
+end
+
+end

data/lib/arpoon/version.rb

@@ -0,0 +1,15 @@
+#--
+#            DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+#                    Version 2, December 2004
+#
+#            DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+#   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+#
+#  0. You just DO WHAT THE FUCK YOU WANT TO.
+#++
+
+class Arpoon
+	def self.version
+		'0.0.1'
+	end
+end

metadata

@@ -0,0 +1,104 @@
+--- !ruby/object:Gem::Specification
+name: arpoon
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- meh.
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-07-18 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bitmap
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: hwaddr
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: ffi-pcap
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 0.2.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 0.2.1
+description: 
+email: meh@paranoici.org
+executables:
+- arpoon
+extensions: []
+extra_rdoc_files: []
+files:
+- README.md
+- arpoon.gemspec
+- bin/arpoon
+- lib/arpoon.rb
+- lib/arpoon/client.rb
+- lib/arpoon/controller.rb
+- lib/arpoon/interface.rb
+- lib/arpoon/packet.rb
+- lib/arpoon/route.rb
+- lib/arpoon/table.rb
+- lib/arpoon/version.rb
+homepage: http://github.com/meh/arpoon
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.24
+signing_key: 
+specification_version: 3
+summary: ARP changes reporting daemon, can be used to protect against spoofing.
+test_files: []