doesn't report / do anything

[arch-user-france1]

192.168.0.1 (192.168.0.1) -- kein Eintrag
............................................................................................................................................
..............................................................................................................................................
^C

--- why?

[Enixes]

Are you sure that the attack was triggered and it was an ARP spoof?
Although, this script is old and not actively maintained but it should still detect an ARP spoof attempt on the node where its running

[arch-user-france1]

1. Yes it was running you can see the output
2. It was an $(arpspoof) on a rasperry pi that worked very well
3. Isn't it possible to set a fake mac-address and do a man-in-the-middle? Is this also detected by the script

[Enixes]

Well, this script essentially tracks the gateway to which your node is connected to and if it detects any changes then it reports the new gateway name and its MAC address. So the attack wasn't successful which can be due to many things, most common being Packet forwarding disabled on your attack node.
You can turn it on using this:

sysctl -w net.ipv4.ip_forward=1

In case if this also doesn't work then that just means the gateway on your victim node is not changing which can be due to numerous reasons like packet filtering, firewall etc

Spoofing is a type of Man in the middle so yes this script detects that and you can change the mac address using MacChanger command

[arch-user-france1]

I think this is trash because it didn't report anything but As I said I checked that is works using the arp -a command
The arp -a command reported a mac twice so I assume the attack was successful

[arch-user-france1]

I checked the script shortly
Do you use arp _gateway to get the mac?

[Enixes]

Yes