From: Matthieu Herrb <matthieu@openbsd.org>
Subject: Re: [new] net/neighbot 0.3.0
To: Renaud Allard <renaud@allard.it>
Cc: ports <ports@openbsd.org>
Date: Tue, 24 Feb 2026 10:54:53 +0100

On Tue, Feb 24, 2026 at 09:00:27AM +0100, Renaud Allard wrote:
> Hello,
> 
> Here is a new port for neighbot.
> 
> This is a network neighbor monitoring daemon.
> 
> It acts about the same as arpwatch but has some key differences:
> - Support for IPv6 via NDP
> - Active probing — distinguishes "device moved" from "device has multiple
> IPs" by probing old addresses
> - Multi-interface in one process
> - Bogon detection which can flag IPs outside local subnets
> - Uses pledge and unveil after dropping privileges
> 
> It needs its own user in /usr/ports/infrastructure/db/user.list:
> 904 _neighbot            _neighbot       net/neighbot
> 
> The OUI file is deliberately fetched at make time because it could change
> and build would break because of a change with older distinfo. But if you
> have another idea, I am open.

Hi,

I've been looking for something able to handle IPv6 in a clever way.
neighbot may not be the one. It reports 'bogon's for all link-local
addresses, including the one of the host running neighbot...

          hostname: <unknown> 
        ip address: fe80::7490:5ff:fexx:xxxx (redacted) 
  ethernet address: 76:90:05:xx:xx:xx (redacted)
   ethernet vendor: <unknown> 
         interface: vlan4 
         timestamp: Tuesday, February 24, 2026 10:45:44 +0100 

Otherwise, it looks ok to me port wise. 
-- 
Matthieu Herrb