source: tools/traceanon/traceanon.1

Last change on this file was 264f286c, checked in by Shane Alcock <salcock@…>, 3 years ago

Fix compression method option errors in other tool manpages

  • Property mode set to 100644
File size: 3.7 KB
.TH TRACEANON "1" "October 2005" "traceanon (libtrace)" "User Commands"
.SH NAME
traceanon \- anonymise ip addresses of traces
.SH SYNOPSIS
.B traceanon
[ \-s | \-\^\-encrypt-source ]
[ \-d | \-\^\-encrypt-dest ]
[ \-p prefix | \-\^\-prefix=prefix ]
[ \-c key | \-\^\-cryptopan=key ]
[ \-F key-file | \-\^\-keyfile=file ]
[ \-f expr | \-\^\-filter=expr ]
[ \-z level | \-\^\-compress-level=level ]
[ \-Z method | \-\^\-compress-type=method ]
[ \-t threadcount | \-\^\-threads=threadcount ]

sourceuri
desturi
.SH DESCRIPTION
traceanon anonymises a trace by replacing IP addresses found in the IP header,
and any embedded packets inside an ICMP packet.  It also replaces the checksums
inside TCP, UDP and ICMPv6 headers with zeroes.

Two anonymisation schemes are supported.  The first replaces a prefix with
another prefix.  This can be used, for instance, to replace a /16 with the
equivalent prefix from RFC1918.  The other scheme is cryptopan, which is a
prefix-preserving encryption scheme based on AES (traceanon must be built
with libcrypto support to be able to use the cryptopan scheme).
.TP
.PD 0
.BI \-s
.TP
.PD
.BI \-\^\-encrypt-source
encrypt only source IP addresses.

.TP
.PD 0
.BI \-d
.TP
.PD
.BI \-\^\-encrypt-dest
encrypt only destination IP addresses.

.TP
.PD 0
.BI \-p
.TP
.PD
.BI \-\^\-prefix=prefix
substitute the high bits of the IP addresses with the provided IPv4 prefix.
This method will only anonymise IPv4 addresses; IPv6 packets will be untouched.

.TP
.PD 0
.BI \-c
.TP
.PD
.BI \-\^\-cryptopan=key
encrypt the IP addresses using the prefix-preserving cryptopan method using
the key "key".  The key can be up to 32 bytes long, and will be padded with
NULL characters.


.TP
.PD 0
.BI \-F
.TP
.PD
.BI \-\^\-keyfile=file
encrypt the IP addresses using the prefix-preserving cryptopan method using
the key specified in the file "file".  The key must be 32 bytes
long. A suitable method of generating a key is by using the command dd to read
from /dev/urandom.

.TP
.PD 0
.BI \-f
.TP
.PD
.BI \-\^\-filter=expr
Discard all packets that do not match the BPF expression specified in 'expr'.
Filtering is applied *before* any anonymisation occurs, so IP address filters
will attempt to match against the original unencrypted addresses.


.TP
.PD 0
.BI \-z
.TP
.PD
.BI \-\^\-compress-level=level
compress the output trace using a compression level of "level". Compression
level can range from 0 (no compression) through to 9. Higher compression levels
require more CPU to compress data. Defaults to no compression.

.TP
.PD 0
.BI \-Z
.TP
.PD
.BI \-\^\-compress-type=method
compress the output trace using the compression algorithm "method". Possible
algorithms are "gz", "bz", "lzo", "xz" and "no". Default is "no".

.TP
.PD 0
.BI \-t
.TP
.PD
.BI \-\^\-threads=threadcount
use the specified number of threads to anonymise packets. The default number
of threads is 4.

.SH EXAMPLES
.nf
traceanon \-\^\-cryptopan="fish go moo, oh yes they do" \\
        \-\^\-encrypt-source \\
        \-\^\-encrypt-dest \\
        \-\^\-compress-level=1 \\
        \-\^\-compress-type=gz \\
        erf:/traces/unenc.gz \\
        erf:/traces/enc.gz
.fi

.SH BUGS
This software should support encrypting based on the direction/interface flag.

IP addresses inside ARP packets are not encrypted.

.SH LINKS
More details about traceanon (and libtrace) can be found at
http://www.wand.net.nz/trac/libtrace/wiki/UserDocumentation

.SH SEE ALSO
libtrace(3), tracemerge(1), tracefilter(1), traceconvert(1), tracestats(1),
tracesummary(1), tracertstats(1), tracesplit(1), tracesplit_dir(1),
tracereport(1), tracepktdump(1), tracediff(1), tracereplay(1),
traceends(1), tracetopends(1)

.SH AUTHORS
Perry Lorier <perry@cs.waikato.ac.nz>
Shane Alcock <salcock@waikato.ac.nz>
Richard Sanger <rjs51@students.waikato.ac.nz>
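
The two schemes named under DESCRIPTION (prefix substitution and prefix-preserving encryption), as an added Python example that is not part of traceanon or libtrace. It shows what "prefix preserving" guarantees: two addresses that share their first k bits still share exactly k bits after anonymisation. Assumptions: HMAC-SHA256 stands in for the AES-based function, so the output does not match traceanon's; all function names, the CIDR form of the prefix argument, and the sample addresses are constructed for illustration.

```python
import hashlib
import hmac
import ipaddress

def pad_key(key: bytes) -> bytes:
    """NUL-pad a -c style key to 32 bytes, as the option text describes."""
    if len(key) > 32:
        raise ValueError("key must be at most 32 bytes")
    return key.ljust(32, b"\0")

def _flip(key: bytes, prefix: int, nbits: int) -> int:
    # One pseudorandom bit that depends only on the first nbits address bits.
    # Assumption: HMAC-SHA256 stands in for the AES-based function.
    msg = bytes([nbits]) + prefix.to_bytes(4, "big")
    return hmac.new(key, msg, hashlib.sha256).digest()[0] >> 7

def anon_prefix_preserving(key: bytes, addr: str) -> str:
    """Output bit i is input bit i XOR a keyed function of bits 0..i-1."""
    a = int(ipaddress.IPv4Address(addr))
    out = 0
    for i in range(32):
        bit = (a >> (31 - i)) & 1
        out = (out << 1) | (bit ^ _flip(key, a >> (32 - i), i))
    return str(ipaddress.IPv4Address(out))

def substitute_prefix(addr: str, new_prefix: str) -> str:
    """Replace the high bits of addr with new_prefix (CIDR), keep the low bits."""
    net = ipaddress.IPv4Network(new_prefix)
    host = int(ipaddress.IPv4Address(addr)) & int(net.hostmask)
    return str(ipaddress.IPv4Address(int(net.network_address) | host))

def common_prefix_len(a: str, b: str) -> int:
    """Number of leading bits two IPv4 addresses share."""
    x = int(ipaddress.IPv4Address(a)) ^ int(ipaddress.IPv4Address(b))
    return 32 - x.bit_length()

if __name__ == "__main__":
    key = pad_key(b"constructed demo key")
    sample = ["10.1.2.3", "10.1.2.77", "10.9.0.1"]  # constructed addresses
    anon = [anon_prefix_preserving(key, s) for s in sample]
    for i in range(len(sample)):
        for j in range(i + 1, len(sample)):
            print(sample[i], sample[j], common_prefix_len(sample[i], sample[j]),
                  "->", anon[i], anon[j], common_prefix_len(anon[i], anon[j]))
    # Prefix substitution: a /16 mapped onto an RFC1918 /16
    print(substitute_prefix("130.217.250.13", "192.168.0.0/16"))
```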