source: tools/traceanon/traceanon.1 @ 4a5678c

Last change on this file since 4a5678c was 4a5678c, checked in by Shane Alcock <salcock@…>, 6 years ago

Fixed a couple of annoying things about traceanon

Added a -f option to filter packets received from the input source.
Unfortunately, we already had an option using '-f' so I have changed that
option to use -F so that all of our tools can be consistent. Apologies in
advance to anyone whose scripts break because of this change.

traceanon will now handle keyboard interrupts nicely when reading from a live
source -- any buffered output will now be written nicely to disk rather than
being lost forever.

Updated manpage for traceanon to match new options.

  • Property mode set to 100644
File size: 3.1 KB
.TH TRACEANON "1" "October 2005" "traceanon (libtrace)" "User Commands"
.SH NAME
traceanon \- anonymise IP addresses of traces
.SH SYNOPSIS
.B traceanon
[ \-s | \-\^\-encrypt-source ]
[ \-d | \-\^\-encrypt-dest ]
[ \-p prefix | \-\^\-prefix=prefix ]
[ \-c key | \-\^\-cryptopan=key ]
[ \-F key-file | \-\^\-keyfile=file ]
[ \-f expr | \-\^\-filter=expr ]
[ \-z level | \-\^\-compress-level=level ]
[ \-Z method | \-\^\-compress-type=method ]
sourceuri
desturi
.SH DESCRIPTION
traceanon anonymises a trace by replacing IP addresses found in the IP header,
and any embedded packets inside an ICMP packet.  It also fixes the checksums
inside TCP and UDP headers.

Two anonymisation schemes are supported, the first replaces a prefix with
another prefix.  This can be used for instance to replace a /16 with the
equivalent prefix from RFC1918.  The other scheme is cryptopan which is a
prefix preserving encryption scheme based on AES.
.TP
.PD 0
.BI \-s
.TP
.PD
.BI \-\^\-encrypt-source
encrypt only source IP addresses.

.TP
.PD 0
.BI \-d
.TP
.PD
.BI \-\^\-encrypt-dest
encrypt only destination IP addresses.

.TP
.PD 0
.BI \-p
.TP
.PD
.BI \-\^\-prefix=prefix
substitute the high bits of the IP addresses with the provided prefix.

.TP
.PD 0
.BI \-c
.TP
.PD
.BI \-\^\-cryptopan=key
encrypt the IP addresses using the prefix-preserving cryptopan method using
the key "key".  The key can be up to 32 bytes long, and will be padded with
NULL characters.


.TP
.PD 0
.BI \-F
.TP
.PD
.BI \-\^\-keyfile=file
encrypt the IP addresses using the prefix-preserving cryptopan method using
the key specified in the file "file".  The key must be 32 bytes
long. A suitable method of generating a key is by using the command dd to read
from /dev/urandom.

.TP
.PD 0
.BI \-f
.TP
.PD
.BI \-\^\-filter=expr
Discard all packets that do not match the BPF expression specified in 'expr'.


.TP
.PD 0
.BI \-z
.TP
.PD
.BI \-\^\-compress-level=level
compress the output trace using a compression level of "level". Compression
level can range from 0 (no compression) through to 9. Higher compression levels
require more CPU to compress data. Defaults to no compression.

.TP
.PD 0
.BI \-Z
.TP
.PD
.BI \-\^\-compress-type=method
compress the output trace using the compression algorithm "method". Possible
algorithms are "gzip", "bzip2", "lzo", "xz" and "none". Default is "none".

.SH EXAMPLES
.nf
traceanon \-\^\-cryptopan="fish go moo, oh yes they do" \\
        \-\^\-encrypt-source \\
        \-\^\-encrypt-dest \\
        \-\^\-compress-level=1 \\
        \-\^\-compress-type=gzip \\
        erf:/traces/unenc.gz \\
        erf:/traces/enc.gz
.fi

.SH BUGS
This software should support encrypting based on the direction/interface flag.

IP addresses inside ARP packets are not encrypted.

.SH LINKS
More details about traceanon (and libtrace) can be found at
http://www.wand.net.nz/trac/libtrace/wiki/UserDocumentation

.SH SEE ALSO
libtrace(3), tracemerge(1), tracefilter(1), traceconvert(1), tracestats(1),
tracesummary(1), tracertstats(1), tracesplit(1), tracesplit_dir(1),
tracereport(1), tracepktdump(1), tracediff(1), tracereplay(1),
traceends(1), tracetopends(1)

.SH AUTHORS
Perry Lorier <perry@cs.waikato.ac.nz>
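
The manpage's \-F entry asks for a key file of exactly 32 bytes and suggests dd from /dev/urandom. The script below is an added example, not part of the libtrace sources, showing one way to create and check such a file; the helper names make_anon_key and check_anon_key and the file name anon.key are assumptions.

```shell
#!/bin/sh
# Added example: create and validate a key file for "traceanon -F".
# make_anon_key / check_anon_key are hypothetical helper names.

KEY_BYTES=32    # length the manpage requires for --keyfile

# check_anon_key FILE
# Succeeds only if FILE is a regular file of exactly KEY_BYTES bytes.
check_anon_key() {
    [ -f "$1" ] || { echo "$1: not a regular file" >&2; return 1; }
    size=$(wc -c < "$1" | tr -d ' ')
    [ "$size" -eq "$KEY_BYTES" ] || {
        echo "$1: $size bytes, expected $KEY_BYTES" >&2
        return 1
    }
}

# make_anon_key FILE
# Writes a fresh random key readable by the owner only. An existing file is
# never replaced: the address mapping depends on the key, so traces
# anonymised before and after a key change no longer map consistently.
make_anon_key() {
    keyfile=$1
    if [ -e "$keyfile" ]; then
        echo "$keyfile exists; refusing to overwrite" >&2
        return 1
    fi
    (
        umask 077    # anyone holding the key can recompute the mapping
        set -C       # noclobber: '>' fails if the file appeared meanwhile
        dd if=/dev/urandom bs="$KEY_BYTES" count=1 2>/dev/null > "$keyfile"
    ) || return 1
    check_anon_key "$keyfile"    # catches a short read from dd
}

# Stand-alone use: ./mkkey.sh anon.key
[ "$#" -eq 0 ] || make_anon_key "$1"

# The key file is then passed to traceanon with the options documented above:
#   traceanon -s -d -F anon.key erf:/traces/unenc.gz erf:/traces/enc.gz
```
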