source: tools/traceanon/traceanon.1 @ aafdc55

Last change on this file since aafdc55 was 8b12caf, checked in by Shane Alcock <salcock@…>, 6 years ago

Clarify that filtering happens before anonymisation

Thanks to Perry for suggesting this.

  • Property mode set to 100644
File size: 3.2 KB
.TH TRACEANON "1" "October 2005" "traceanon (libtrace)" "User Commands"
.SH NAME
traceanon \- anonymise IP addresses of traces
.SH SYNOPSIS
.B traceanon
[ \-s | \-\^\-encrypt-source ]
[ \-d | \-\^\-encrypt-dest ]
[ \-p prefix | \-\^\-prefix=prefix ]
[ \-c key | \-\^\-cryptopan=key ]
[ \-F key-file | \-\^\-keyfile=file ]
[ \-f expr | \-\^\-filter=expr ]
[ \-z level | \-\^\-compress-level=level ]
[ \-Z method | \-\^\-compress-type=method ]
sourceuri
desturi
.SH DESCRIPTION
traceanon anonymises a trace by replacing IP addresses found in the IP header,
and any embedded packets inside an ICMP packet.  It also fixes the checksums
inside TCP and UDP headers.

Two anonymisation schemes are supported.  The first replaces a prefix with
another prefix.  This can be used for instance to replace a /16 with the
equivalent prefix from RFC1918.  The other scheme is cryptopan, which is a
prefix-preserving encryption scheme based on AES.
.TP
.PD 0
.BI \-s
.TP
.PD
.BI \-\^\-encrypt-source
Encrypt only source IP addresses.

.TP
.PD 0
.BI \-d
.TP
.PD
.BI \-\^\-encrypt-dest
Encrypt only destination IP addresses.

.TP
.PD 0
.BI \-p
.TP
.PD
.BI \-\^\-prefix=prefix
Substitute the high bits of the IP addresses with the provided prefix.

.TP
.PD 0
.BI \-c
.TP
.PD
.BI \-\^\-cryptopan=key
Encrypt the IP addresses using the prefix-preserving cryptopan method using
the key "key".  The key can be up to 32 bytes long, and will be padded with
NUL characters.


.TP
.PD 0
.BI \-F
.TP
.PD
.BI \-\^\-keyfile=file
Encrypt the IP addresses using the prefix-preserving cryptopan method using
the key specified in the file "file".  The key must be 32 bytes
long.  A suitable method of generating a key is by using the command dd to read
from /dev/urandom.

.TP
.PD 0
.BI \-f
.TP
.PD
.BI \-\^\-filter=expr
Discard all packets that do not match the BPF expression specified in 'expr'.
Filtering is applied *before* any anonymisation occurs, so IP address filters
will attempt to match against the original unencrypted addresses.


.TP
.PD 0
.BI \-z
.TP
.PD
.BI \-\^\-compress-level=level
Compress the output trace using a compression level of "level".  Compression
level can range from 0 (no compression) through to 9.  Higher compression levels
require more CPU to compress data.  Defaults to no compression.

.TP
.PD 0
.BI \-Z
.TP
.PD
.BI \-\^\-compress-type=method
Compress the output trace using the compression algorithm "method".  Possible
algorithms are "gzip", "bzip2", "lzo", "xz" and "none".  Default is "none".

.SH EXAMPLES
.nf
traceanon \-\^\-cryptopan="fish go moo, oh yes they do" \\
        \-\^\-encrypt-source \\
        \-\^\-encrypt-dest \\
        \-\^\-compress-level=1 \\
        \-\^\-compress-type=gzip \\
        erf:/traces/unenc.gz \\
        erf:/traces/enc.gz
.fi

.SH BUGS
This software should support encrypting based on the direction/interface flag.

IP addresses inside ARP packets are not encrypted.

.SH LINKS
More details about traceanon (and libtrace) can be found at
http://www.wand.net.nz/trac/libtrace/wiki/UserDocumentation

.SH SEE ALSO
libtrace(3), tracemerge(1), tracefilter(1), traceconvert(1), tracestats(1),
tracesummary(1), tracertstats(1), tracesplit(1), tracesplit_dir(1),
tracereport(1), tracepktdump(1), tracediff(1), tracereplay(1),
traceends(1), tracetopends(1)

.SH AUTHORS
Perry Lorier <perry@cs.waikato.ac.nz>
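
The \-\^\-keyfile and \-\^\-filter options described above, combined in an added shell example that is not part of the libtrace sources: it generates the 32-byte key with dd from /dev/urandom, keeps it out of the command line and other users' reach, and refuses to run traceanon with a key of the wrong length. The function names, the file paths and the 192.0.2.0/24 filter in the usage comment are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: key-file handling for traceanon --keyfile (hypothetical helpers).

# key_ok FILE: succeed only if FILE exists and is exactly 32 bytes,
# the length the man page requires for --keyfile.
key_ok() {
    [ -f "$1" ] && [ "$(wc -c < "$1")" -eq 32 ]
}

# make_key FILE: write 32 random bytes to FILE, readable by the owner only.
make_key() {
    keyfile=$1
    (
        umask 077                       # new file is created without group/other access
        dd if=/dev/urandom of="$keyfile" bs=32 count=1 2>/dev/null
    ) || return 1
    chmod 600 "$keyfile" || return 1    # also covers a pre-existing file
    key_ok "$keyfile"
}

# anonymise KEYFILE SRC_URI DST_URI [BPF_EXPR]
# Encrypts source and destination addresses with the key in KEYFILE.
# BPF_EXPR is evaluated before anonymisation, so it must be written
# against the ORIGINAL addresses in the capture, not the encrypted ones.
anonymise() {
    key_ok "$1" || { echo "key file must be exactly 32 bytes: $1" >&2; return 2; }
    command -v traceanon >/dev/null 2>&1 ||
        { echo "traceanon not found in PATH" >&2; return 127; }
    if [ -n "${4:-}" ]; then
        traceanon --keyfile="$1" --encrypt-source --encrypt-dest \
                  --filter="$4" \
                  --compress-type=gzip --compress-level=1 "$2" "$3"
    else
        traceanon --keyfile="$1" --encrypt-source --encrypt-dest \
                  --compress-type=gzip --compress-level=1 "$2" "$3"
    fi
}

# Usage (constructed paths and filter):
#   make_key "$HOME/.traceanon.key"
#   anonymise "$HOME/.traceanon.key" erf:/traces/unenc.gz erf:/traces/enc.gz \
#             'net 192.0.2.0/24'
```

Traces anonymised with the same key file map each original address to the same output address, so keep the key if traces need to be correlated later and destroy it if they must not be.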