diff --git a/CHANGELOG b/CHANGELOG
index 3bf300085..ecd5e429a 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -17,6 +17,11 @@ o Fixed a bunch of code to avoid compilation warning messages (at
 o Added a new --min-rate option that allows specifying a minimum rate
   at which to send packets.
 
+o Fixed the NmapArpCache so that it actually works. Previously, Nmap
+  was always falling back to the system ARP cache. Of course this
+  raises the question of whether NmapArpCache is needed in the first
+  place. [Daniel Roethlisberger]
+
 o Reformat Nmap COPYING file (e.g. remove C comment markers, reduce
   line length) during Nmap windows build so that it looks much better
   when presented by the Windows executable (NSIS) installer.  Thanks
diff --git a/tcpip.cc b/tcpip.cc
index 10fe6fabe..a6779ee10 100644
--- a/tcpip.cc
+++ b/tcpip.cc
@@ -2153,9 +2153,9 @@ static bool NmapArpCache(int command, struct sockaddr_storage *ss, u8 *mac) {
   if (ArpCacheSz == ArpCapacity) {
     if (ArpCapacity == 0) ArpCapacity = 32;
     else ArpCapacity <<= 2;
+    Cache = (struct ArpCache *) safe_realloc(Cache,
+				ArpCapacity * sizeof(struct ArpCache));
   }
-  Cache = (struct ArpCache *) safe_realloc(Cache, 
-					   ArpCapacity * sizeof(struct ArpCache));
 
   /* Ensure that it isn't already there ... */
   for(i=0; i < ArpCacheSz; i++) {
@@ -2168,6 +2168,7 @@ static bool NmapArpCache(int command, struct sockaddr_storage *ss, u8 *mac) {
   /* Add it to the end of the list */
   Cache[i].ip = sin->sin_addr.s_addr;
   memcpy(Cache[i].mac, mac, 6);
+  ArpCacheSz++;
   return true;
 }