Thursday, May 27, 2010

How to delete all ARP entries on SPLAT / Secureplatform?


We stumbled over this one yesterday: some servers behind a gateway had a problem with ARP resolution and we wanted to make sure that ARP worked. To verify this we tried to delete all ARP entries and see if the ARP cache was filled up again (and correctly).
While Windows has arp -d * as a working command to delete all entries at once, under Linux and therefor SPLAT you have to try something different.
This little script will do the job for you:
#!/bin/bash
for arpentries in `awk -F ' ' '
{ if ( $1 ~ /[0-9{1,3}].[0-9{1,3}].[0-9{1,3}].[0-9{1,3}]/ )
print $1 }' /proc/net/arp`
do
arp -d $arpentries
done

No comments: