diff --git a/src/out-binary.c b/src/out-binary.c
index 1054ae49..0eaf4362 100644
--- a/src/out-binary.c
+++ b/src/out-binary.c
@@ -52,7 +52,7 @@ binary_out_close(struct Output *out, FILE *fp)
  ****************************************************************************/
 static void
 binary_out_status(struct Output *out, FILE *fp, time_t timestamp,
-    int status, unsigned ip, unsigned ip_proto, unsigned port, unsigned reason, unsigned ttl)
+    int status, unsigned ip, unsigned ip_proto, unsigned port, unsigned reason, unsigned ttl, const unsigned char mac[6])
 {
     unsigned char foo[256];
     size_t bytes_written;
diff --git a/src/out-certs.c b/src/out-certs.c
index 81fd290d..2c0f34d3 100644
--- a/src/out-certs.c
+++ b/src/out-certs.c
@@ -28,7 +28,7 @@ cert_out_close(struct Output *out, FILE *fp)
  ******************************************************************************/
 static void
 cert_out_status(struct Output *out, FILE *fp, time_t timestamp, int status,
-                unsigned ip, unsigned ip_proto, unsigned port, unsigned reason, unsigned ttl)
+                unsigned ip, unsigned ip_proto, unsigned port, unsigned reason, unsigned ttl, const unsigned char mac[6])
 {
     /* certificates only come with banner info, so there is no port info
      * to report */
diff --git a/src/out-grepable.c b/src/out-grepable.c
index 4f9092cc..d1f069b4 100644
--- a/src/out-grepable.c
+++ b/src/out-grepable.c
@@ -128,7 +128,7 @@ grepable_out_close(struct Output *out, FILE *fp)
  ****************************************************************************/
 static void
 grepable_out_status(struct Output *out, FILE *fp, time_t timestamp,
-    int status, unsigned ip, unsigned ip_proto, unsigned port, unsigned reason, unsigned ttl)
+    int status, unsigned ip, unsigned ip_proto, unsigned port, unsigned reason, unsigned ttl, const unsigned char mac[6])
 {
     UNUSEDPARM(timestamp);
     UNUSEDPARM(out);
diff --git a/src/out-json.c b/src/out-json.c
index 5fc2278f..53727264 100644
--- a/src/out-json.c
+++ b/src/out-json.c
@@ -29,7 +29,7 @@ json_out_close(struct Output *out, FILE *fp)
  ****************************************************************************/
 static void
 json_out_status(struct Output *out, FILE *fp, time_t timestamp, int status,
-               unsigned ip, unsigned ip_proto, unsigned port, unsigned reason, unsigned ttl)
+               unsigned ip, unsigned ip_proto, unsigned port, unsigned reason, unsigned ttl, const unsigned char mac[6])
 {
     char reason_buffer[128];
     UNUSEDPARM(out);
diff --git a/src/out-null.c b/src/out-null.c
index 515aa9e3..1fdb126c 100644
--- a/src/out-null.c
+++ b/src/out-null.c
@@ -31,7 +31,7 @@ null_out_close(struct Output *out, FILE *fp)
  ****************************************************************************/
 static void
 null_out_status(struct Output *out, FILE *fp, time_t timestamp,
-    int status, unsigned ip, unsigned ip_proto, unsigned port, unsigned reason, unsigned ttl)
+    int status, unsigned ip, unsigned ip_proto, unsigned port, unsigned reason, unsigned ttl, const unsigned char mac[6])
 {
     UNUSEDPARM(timestamp);
     UNUSEDPARM(out);
diff --git a/src/out-redis.c b/src/out-redis.c
index 71def802..742326ff 100644
--- a/src/out-redis.c
+++ b/src/out-redis.c
@@ -196,7 +196,7 @@ redis_out_close(struct Output *out, FILE *fp)
  ****************************************************************************/
 static void
 redis_out_status(struct Output *out, FILE *fp, time_t timestamp,
-    int status, unsigned ip, unsigned ip_proto, unsigned port, unsigned reason, unsigned ttl)
+    int status, unsigned ip, unsigned ip_proto, unsigned port, unsigned reason, unsigned ttl, const unsigned char mac[6])
 {
     ptrdiff_t fd = (ptrdiff_t)fp;
     char line[1024];
diff --git a/src/out-text.c b/src/out-text.c
index b13a6e9e..17a23080 100644
--- a/src/out-text.c
+++ b/src/out-text.c
@@ -28,7 +28,7 @@ text_out_close(struct Output *out, FILE *fp)
  ****************************************************************************/
 static void
 text_out_status(struct Output *out, FILE *fp, time_t timestamp,
-    int status, unsigned ip, unsigned ip_proto, unsigned port, unsigned reason, unsigned ttl)
+    int status, unsigned ip, unsigned ip_proto, unsigned port, unsigned reason, unsigned ttl, const unsigned char mac[6])
 {
     UNUSEDPARM(ttl);
     UNUSEDPARM(reason);
diff --git a/src/out-unicornscan.c b/src/out-unicornscan.c
index 6d97dac7..930f5344 100644
--- a/src/out-unicornscan.c
+++ b/src/out-unicornscan.c
@@ -73,7 +73,7 @@ unicornscan_out_close(struct Output *out, FILE *fp)
 
 static void
 unicornscan_out_status(struct Output *out, FILE *fp, time_t timestamp,
-    int status, unsigned ip, unsigned ip_proto, unsigned port, unsigned reason, unsigned ttl)
+    int status, unsigned ip, unsigned ip_proto, unsigned port, unsigned reason, unsigned ttl, const unsigned char mac[6])
 {
     UNUSEDPARM(reason);
     UNUSEDPARM(out);
diff --git a/src/out-xml.c b/src/out-xml.c
index d5477758..ca05a599 100644
--- a/src/out-xml.c
+++ b/src/out-xml.c
@@ -64,30 +64,58 @@ xml_out_close(struct Output *out, FILE *fp)
  ****************************************************************************/
 static void
 xml_out_status(struct Output *out, FILE *fp, time_t timestamp, int status,
-               unsigned ip, unsigned ip_proto, unsigned port, unsigned reason, unsigned ttl)
+               unsigned ip, unsigned ip_proto, unsigned port, unsigned reason, unsigned ttl, const unsigned char mac[6])
 {
     char reason_buffer[128];
     UNUSEDPARM(out);
-    fprintf(fp, "<host endtime=\"%u\">"
-                    "<address addr=\"%u.%u.%u.%u\" addrtype=\"ipv4\"/>"
-                    "<ports>"
-                    "<port protocol=\"%s\" portid=\"%u\">"
-                    "<state state=\"%s\" reason=\"%s\" reason_ttl=\"%u\"/>"
-                    "</port>"
-                    "</ports>"
-                "</host>"
-                "\r\n",
-        (unsigned)timestamp,
-        (ip>>24)&0xFF,
-        (ip>>16)&0xFF,
-        (ip>> 8)&0xFF,
-        (ip>> 0)&0xFF,
-        name_from_ip_proto(ip_proto),
-        port,
-        status_string(status),
-        reason_string(reason, reason_buffer, sizeof(reason_buffer)),
-        ttl
-        );
+
+    switch (ip_proto) {
+    case 0:  /* ARP */
+        fprintf(fp, "<host endtime=\"%u\">"
+                        "<address addr=\"%u.%u.%u.%u\" addrtype=\"ipv4\"/>"
+                        "<ports>"
+                        "<port protocol=\"%s\" portid=\"%u\">"
+                        "<state state=\"%s\" reason=\"%s\" reason_ttl=\"%u\"/>"
+                        "</port>"
+                        "</ports>"
+                        "<mac addr=\"%02x:%02x:%02x:%02x:%02x:%02x\">"
+                    "</host>"
+                    "\r\n",
+            (unsigned)timestamp,
+            (ip>>24)&0xFF,
+            (ip>>16)&0xFF,
+            (ip>> 8)&0xFF,
+            (ip>> 0)&0xFF,
+            name_from_ip_proto(ip_proto),
+            port,
+            status_string(status),
+            reason_string(reason, reason_buffer, sizeof(reason_buffer)),
+            ttl,
+            mac[0], mac[1], mac[2], mac[3], mac[4], mac[5]
+            );
+        break;
+    default:
+        fprintf(fp, "<host endtime=\"%u\">"
+                        "<address addr=\"%u.%u.%u.%u\" addrtype=\"ipv4\"/>"
+                        "<ports>"
+                        "<port protocol=\"%s\" portid=\"%u\">"
+                        "<state state=\"%s\" reason=\"%s\" reason_ttl=\"%u\"/>"
+                        "</port>"
+                        "</ports>"
+                    "</host>"
+                    "\r\n",
+            (unsigned)timestamp,
+            (ip>>24)&0xFF,
+            (ip>>16)&0xFF,
+            (ip>> 8)&0xFF,
+            (ip>> 0)&0xFF,
+            name_from_ip_proto(ip_proto),
+            port,
+            status_string(status),
+            reason_string(reason, reason_buffer, sizeof(reason_buffer)),
+            ttl
+            );
+    }
 }
 
 /****************************************************************************
diff --git a/src/output.c b/src/output.c
index fd4772b4..5cc8ed65 100644
--- a/src/output.c
+++ b/src/output.c
@@ -822,7 +822,7 @@ output_report_status(struct Output *out, time_t timestamp, int status,
      * Now do the actual output, whether it be XML, binary, JSON, Redis,
      * and so on.
      */
-    out->funcs->status(out, fp, timestamp, status, ip, ip_proto, port, reason, ttl);
+    out->funcs->status(out, fp, timestamp, status, ip, ip_proto, port, reason, ttl, mac);
 }
 
 
diff --git a/src/output.h b/src/output.h
index 1777c7a4..6dc3954c 100644
--- a/src/output.h
+++ b/src/output.h
@@ -29,7 +29,7 @@ struct OutputType {
     void (*status)(struct Output *out, FILE *fp,
                    time_t timestamp, int status,
                    unsigned ip, unsigned ip_proto, unsigned port, 
-                   unsigned reason, unsigned ttl);
+                   unsigned reason, unsigned ttl, const unsigned char mac[6]);
     void (*banner)(struct Output *out, FILE *fp,
                    time_t timestamp, unsigned ip, unsigned ip_proto,
                    unsigned port, enum ApplicationProtocol proto,