source: tools/traceanon/traceanon.1

cachetimestampsdeveloprc-4.0.4ringdecrementfixringperformance
Last change on this file was 264f286c, checked in by Shane Alcock <salcock@…>, 3 years ago

Fix compression method option errors in other tool manpages

  • Property mode set to 100644
File size: 3.7 KB
RevLine 
[49f147b]1.TH TRACEANON "1" "October 2005" "traceanon (libtrace)" "User Commands"
2.SH NAME
3traceanon \- anonymise ip addresses of traces
4.SH SYNOPSIS
5.B traceanon
6[ \-s | \-\^\-encrypt-source ]
7[ \-d | \-\^\-encrypt-dest ]
8[ \-p prefix | \-\^\-prefix=prefix ]
9[ \-c key | \-\^\-cryptopan=key ]
[4a5678c]10[ \-F key-file | \-\^\-keyfile=file ]
11[ \-f expr | \-\^\-filter=expr ]
[ba91618]12[ \-z level | \-\^\-compress-level=level ]
13[ \-Z method | \-\^\-compress-type=method ]
[5765044]14[ \-t threadcount | \-\^\-threads=threadcount ]
15
[3d4fb8f]16sourceuri
17desturi
[49f147b]18.SH DESCRPTION
19traceanon anonymises a trace by replacing IP addresses found in the IP header,
[5765044]20and any embedded packets inside an ICMP packet.  It also replaces the checksums
21inside TCP, UDP and ICMPv6 headers with zeroes.
[49f147b]22
23Two anonymisation schemes are supported, the first replaces a prefix with
24another prefix.  This can be used for instance to replace a /16 with the
25equivilent prefix from RFC1918.  The other scheme is cryptopan which is a
[5765044]26prefix preserving encryption scheme based on AES (traceanon must be built
27with libcrypto support to be able to use the cryptopan scheme).
[49f147b]28.TP
29.PD 0
30.BI \-s
31.TP
32.PD
33.BI \-\^\-encrypt-source
34encrypt only source ip addresses.
35
36.TP
37.PD 0
38.BI \-d
39.TP
40.PD
41.BI \-\^\-encrypt-dest
42encrypt only destination ip addresses.
43
44.TP
45.PD 0
46.BI \-p
47.TP
48.PD
49.BI \-\^\-prefix=prefix
[5765044]50substitute the high bits of the IP addresses with the provided IPv4 prefix.
51This method will only anonymise IPv4 addresses; IPv6 packets will be untouched.
[49f147b]52
53.TP
54.PD 0
55.BI \-c
56.TP
57.PD
58.BI \-\^\-cryptopan=key
59encrypt the IP addresses using the prefix-preserving cryptopan method using
60the key "key".  The key can be up to 32 bytes long, and will be padded with
[ba91618]61NULL characters.
[49f147b]62
[4c92c49]63
64.TP
65.PD 0
[4a5678c]66.BI \-F
[4c92c49]67.TP
68.PD
69.BI \-\^\-keyfile=file
70encrypt the IP addresses using the prefix-preserving cryptopan method using
71the key specified in the file "file".  The key must be 32 bytes
72long. A suitable method of generating a key is by using the command dd to read
73from /dev/urandom.
74
[4a5678c]75.TP
76.PD 0
77.BI \-f
78.TP
79.PD
80.BI \-\^\-filter=expr
81Discard all packets that do not match the BPF expression specified in 'expr'.
[8b12caf]82Filtering is applied *before* any anonymisation occurs, so IP address filters
83will attempt to match against the original unencrypted addresses.
[4a5678c]84
[4c92c49]85
[ba91618]86.TP
87.PD 0
88.BI \-z
89.TP
90.PD
91.BI \-\^\-compress-level=level
92compress the output trace using a compression level of "level". Compression
93level can range from 0 (no compression) through to 9. Higher compression levels
94require more CPU to compress data. Defaults to no compression.
95
96.TP
97.PD 0
98.BI \-Z
99.TP
100.PD
101.BI \-\^\-compress-type=method
102compress the output trace using the compression algorithm "method". Possible
[264f286c]103algorithms are "gz", "bz", "lzo", "xz" and "no". Default is "no".
[49f147b]104
[5765044]105.TP
106.PD 0
107.BI \-t
108.TP
109.PD
110.BI \-\^\-threads=threadcount
111use the specified number of threads to anonymise packets. The default number
112of threads is 4.
113
[49f147b]114.SH EXAMPLES
115.nf
116traceanon \-\^\-cryptopan="fish go moo, oh yes they do" \\
117        \-\^\-encrypt-source \\
[eb6f2ea]118        \-\^\-encrypt-dest \\
[ba91618]119        \-\^\-compress-level=1 \\
120        \-\^\-compress-type=gzip \\
[49f147b]121        erf:/traces/unenc.gz \\
122        erf:/traces/enc.gz \\
123.fi
124
125.SH BUGS
126This software should support encrypting based on the direction/interface flag.
127
[eb6f2ea]128IP addresses inside ARP's are not encrypted.
129
[634089d]130.SH LINKS
131More details about traceanon (and libtrace) can be found at
132http://www.wand.net.nz/trac/libtrace/wiki/UserDocumentation
133
[49f147b]134.SH SEE ALSO
135libtrace(3), tracemerge(1), tracefilter(1), traceconvert(1), tracestats(1),
[67825b2]136tracesummary(1), tracertstats(1), tracesplit(1), tracesplit_dir(1),
[d6dc0f6]137tracereport(1), tracepktdump(1), tracediff(1), tracereplay(1),
138traceends(1), tracetopends(1)
[49f147b]139
140.SH AUTHORS
141Perry Lorier <perry@cs.waikato.ac.nz>
[5765044]142Shane Alcock <salcock@waikato.ac.nz>
143Richard Sanger <rjs51@students.waikato.ac.nz>
Note: See TracBrowser for help on using the repository browser.