Context Navigation

traceanon.1 @ d6dc0f6

4.0.1-hotfixescachetimestampsdevelopdpdk-ndagetsilivegetfragoffhelplibtrace4ndag_formatpfringrc-4.0.1rc-4.0.2rc-4.0.3rc-4.0.4ringdecrementfixringperformanceringtimestampfixes

Last change on this file since d6dc0f6 was d6dc0f6, checked in by Shane Alcock <salcock@…>, 10 years ago
Updated traceends and tracetopends manpages to be about them instead of tracesplit Updated all other manpages to include new tools in their "See also" lists Changed -a argument for traceends to -A to be consistent with tracetopends
Property mode set to `100644`
File size: 2.9 KB

Line
1	.TH TRACEANON "1" "October 2005" "traceanon (libtrace)" "User Commands"
2	.SH NAME
3	traceanon \- anonymise ip addresses of traces
4	.SH SYNOPSIS
5	.B traceanon
6	[ \-s \| \-\^\-encrypt-source ]
7	[ \-d \| \-\^\-encrypt-dest ]
8	[ \-p prefix \| \-\^\-prefix=prefix ]
9	[ \-c key \| \-\^\-cryptopan=key ]
10	[ \-f key-file \| \-\^\-keyfile=file ]
11	[ \-z level \| \-\^\-compress-level=level ]
12	[ \-Z method \| \-\^\-compress-type=method ]
13	sourceuri
14	desturi
15	.SH DESCRPTION
16	traceanon anonymises a trace by replacing IP addresses found in the IP header,
17	and any embedded packets inside an ICMP packet. It also fixes the checksums
18	inside TCP and UDP headers.
19
20	Two anonymisation schemes are supported, the first replaces a prefix with
21	another prefix. This can be used for instance to replace a /16 with the
22	equivilent prefix from RFC1918. The other scheme is cryptopan which is a
23	prefix preserving encryption scheme based on AES.
24	.TP
25	.PD 0
26	.BI \-s
27	.TP
28	.PD
29	.BI \-\^\-encrypt-source
30	encrypt only source ip addresses.
31
32	.TP
33	.PD 0
34	.BI \-d
35	.TP
36	.PD
37	.BI \-\^\-encrypt-dest
38	encrypt only destination ip addresses.
39
40	.TP
41	.PD 0
42	.BI \-p
43	.TP
44	.PD
45	.BI \-\^\-prefix=prefix
46	substitute the high bits of the IP addresses with the provided prefix.
47
48	.TP
49	.PD 0
50	.BI \-c
51	.TP
52	.PD
53	.BI \-\^\-cryptopan=key
54	encrypt the IP addresses using the prefix-preserving cryptopan method using
55	the key "key". The key can be up to 32 bytes long, and will be padded with
56	NULL characters.
57
58
59	.TP
60	.PD 0
61	.BI \-f
62	.TP
63	.PD
64	.BI \-\^\-keyfile=file
65	encrypt the IP addresses using the prefix-preserving cryptopan method using
66	the key specified in the file "file". The key must be 32 bytes
67	long. A suitable method of generating a key is by using the command dd to read
68	from /dev/urandom.
69
70
71	.TP
72	.PD 0
73	.BI \-z
74	.TP
75	.PD
76	.BI \-\^\-compress-level=level
77	compress the output trace using a compression level of "level". Compression
78	level can range from 0 (no compression) through to 9. Higher compression levels
79	require more CPU to compress data. Defaults to no compression.
80
81	.TP
82	.PD 0
83	.BI \-Z
84	.TP
85	.PD
86	.BI \-\^\-compress-type=method
87	compress the output trace using the compression algorithm "method". Possible
88	algorithms are "gzip", "bzip2", "lzo" and "none". Default is "none".
89
90	.SH EXAMPLES
91	.nf
92	traceanon \-\^\-cryptopan="fish go moo, oh yes they do" \\
93	\-\^\-encrypt-source \\
94	\-\^\-encrypt-dest \\
95	\-\^\-compress-level=1 \\
96	\-\^\-compress-type=gzip \\
97	erf:/traces/unenc.gz \\
98	erf:/traces/enc.gz \\
99	.fi
100
101	.SH BUGS
102	This software should support encrypting based on the direction/interface flag.
103
104	IP addresses inside ARP's are not encrypted.
105
106	.SH LINKS
107	More details about traceanon (and libtrace) can be found at
108	http://www.wand.net.nz/trac/libtrace/wiki/UserDocumentation
109
110	.SH SEE ALSO
111	libtrace(3), tracemerge(1), tracefilter(1), traceconvert(1), tracestats(1),
112	tracesummary(1), tracertstats(1), tracesplit(1), tracesplit_dir(1),
113	tracereport(1), tracepktdump(1), tracediff(1), tracereplay(1),
114	traceends(1), tracetopends(1)
115
116	.SH AUTHORS
117	Perry Lorier <perry@cs.waikato.ac.nz>

Note: See TracBrowser for help on using the repository browser.

Download in other formats:

Original Format