Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Contact Us
Online Help
Domain Status
Man Pages

Virtual Servers

Topology Map

Server Agreement
Year 2038

USA Flag



Man Pages

Manual Reference Pages  -  SRATOOL (1)


sratool - SIE Remote Access (SRA) tool


Environment Variables
See Also


[-VdN] [-F fields] [-E ciphers] [-S certs] [-c cfile] [commands]


Sratool connects and sends Advanced Exchange Access (AXA) protocol messages to SIE Remote Access (SRA) servers and displays the responses. It can also tunnel SIE data like sratunnel(1).

Sratool is a programming example for the Advanced Exchange Access (AXA) applications programming interface to SRA servers, the AXA protocol. It also demonstrates the use of the AXA helper library, libaxa.a.

Start using sratool with the connect command described below. Use one or more watch commands to specify interesting patterns of SIE messages or IP packets. Limit the number of packets or messages transmitted from the SRA server or displayed with the rate limit and count commands. Turn on one or more channels of messages or packets with the channel command.

Unless more output is enabled with the verbose command, most messages or packets are displayed in two lines. The first line includes the channel number on which it was received, the SIE message vendor of the message, the name of the field that caused the message to be selected, and the contents of the field. The second line is a summary of the message or packet.

When more verbose output is enabled or when sratool does not understand the message, IP packets are printed in ASCII and SIE messages are printed in the standard nmsg presentation format also seen from nmsgtool(1).


The following arguments are available:
-V displays the version of sratool and its preferred version of the AXA protocol.
-d turns on tracing and debugging reports. Additional -d turn on more messages.
-F fields
  overrides the default location of the fields file that defines relationships among and semantics among SIE message fields. The default is $AXACONF/fields, ~/.axa/fields, or /usr/local/etc/axa/fields.
-E ciphers
  specifies the TLS encryption ciphers to use with TLS connections.
-S certs
  specifies the directory containing SSL certificates and keys. If -S is not used, sratool uses the first directory among $AXACONF/certs, ~/.axa/certs, and /usr/local/etc/axa/certs.
-c cfile
  reads commands from cfile as if the first command string on the command line were "source cfile".
  are optional commands strings that are executed before sratool starts accepting commands from the use. There can be more than one string of commands Multiple commands within a string are separated by semicolons.


sratool executes commands read from the standard input. Command history is available if the standard input is a terminal. Multiple commands can be specified at once by separating them with semicolons. The following commands are available:
help [command]
  lists all commands or describes a single command.
exit ends sratool.
error mode [disconnect | off]
  disconnects from the SRA server and exits when the server reports an error or the connection breaks. In the default mode error mode off, errors are only reported.
debug [on | off | quiet | N]
  increases, decreases or shows the level of debugging and tracing messages that is also controlled by -d . Debug quiet turns off reports of successful AXA commands.
verbose [on | off | N]
  controls the length of SIE message and IP packet descriptions. The default, verbose off, generally displays one line summaries.
  displays the version of sratool and its version of the AXA protocol.
mode [SRA | RAD]
  Show the current command mode or expect to connect to an SRA or RAD server. The default command mode is set by the name of the program.
source filename
  reads and executes commands from a file.
connect [
.Sm off Ar tcp: Oo Ar user@ Oc Ar host,port Sm on |
.Sm off Ar unix: Oo Ar user@ Oc Ar /ud/socket Sm on |
.Sm off Ar ssh: Oo Ar user@ Oc Ar host Sm on |
.Sm off Ar tls:cert,key@host,port Sm on ]
  By itself connect shows the current connection. Otherwise connect to the specified SRA server.

Ssh: connections use ssh(1) configuration files including ssh_config(5) to specify the required public keys and optionally the fully qualified host names and user names associated with the public key. Use the "debug 4" command to diagnose ssh connection problems.

Tls: connections use the SSL certificate in the cert file and the private key in the key file. If not absolute, the files are in the -S certs directory.

  disconnects from the SRA server.
count [N | off]
  sets terminal output to stop displaying packets after a number of packets (including immediately with a number of 0), show the currently remaining count, or turn off the packet count limit.
ciphers [cipher-list]
  set the list of ciphers for the next TLS connection or show the current contents of the list.
  Start, stop or show the state of forwarding packets received from the server. Received msg messages and IP packets can be forwarded as nmsg messages to a TCP or UDP port. Received IP packets can be forwarded as a pcap stream to a file, to a fifo created with separately ‘mkfio‘, or in Ethernet frames on a named network interface to a 48-bit address.

.Sm off nmsg: [tcp:|udp:] host,port
.Sm on Op Ar count
  sends nmsg messages to the tcp or udp host name and port number host,port. UDP is the default. IP packets are converted to nmsg messages.

.Sm off nmsg:file: path
.Sm on Op Ar count
  sends nmsg messages to the file. IP packets are converted to nmsg messages.

.Sm off pcap [-fifo]: file
.Sm on Op Ar count
  sends IP packets to a file or FIFO for examination with tcpdump(1) or another packet tracing tool. An ordinary file is the default. Only IP packets but not nmsg messages are sent.

.Sm off pcap-if: [dst /] ifname
.Sm on Op Ar count
  transmits IP packets on the network interface named ifname for examination with tcpdump(1) or another packet tracing tool. dst optionally specifies a destination 48-bit Ethernet address other than all 0:0:0:0:0:0 default. This output usually requires that sratool be run by root. Only IP packets but not nmsg messages are sent.

If count is present, forwarding stops after that many packets.
nop sends a command to the server that does nothing but test the connection.
user name
  sends a AXA_P_OP_USER command to the server.
rate limit[
  [-|MAX|per-sec op] [-|NEVER|report-secs] ] Tell the SRA server to report its rate limits or set rate limits and the interval between rate limit reports. Hits in excess of the rate limit are discarded by the server.
sample [X%]
  Get and optionally set the percentage of hits that the SRA servers sends.
window [bufsize]
  Get and optionally set the TCP output buffer size or maximum send window used by the server.
pause Tell the SRA server to stop sending data.
go Tell the SRA server to resume sending data.
sleep x.y
  Do nothing for x.y seconds.
  Tell the server to report counts of packets seen, missed, sent, and lost.
  Show information about the current connection state including time connected.
tag watch Brq ip=IP[/n] | dns=[*.]dom | ch=chN | errors
  Tell the SRA server to send NMSG messages or IP packets that are to, from, or contain the specified IP addresses, that contain the specified domain name, that arrived at the server on the specified SIE channel, or are SIE messages or IP packets that could not be decoded. Tag is a number labeling the watch.

.Sm off ip= IP [/ n]
.Sm on
  The IPv4 or IPv6 address IP specifies a host address unless a prefix length is specified.

.Sm off dns= [*.] dom
.Sm on
  watches for the domain anywhere in the IP packets or SIE messages on the channels selected with -c . A wild card watches for occurrences of the domain and all sub-domains.

Sm off ch=ch N Sm on
  selects SIE messages or IP packets on the specified channel number or all channels.

  selects SIE messages or IP packets that could not be decoded.
[taglist watches]
  With a tag (numeric label), list the specified watch. Without a tag, list all watches.
channel Bro list | Bro on|off Brc Bro all|chN Brc Brc
  List available SRA channels or enable or disable one or all SIE channels.


The following captures and displays one SIE newdomain message. The "dns=*." watch or pattern was matched by the "" domain in DNS NS rdata.
$ sratool
sra> connect
* HELLO srad version 1.1.0 sb6 AXA protocol 1
sra> count 1
sra> channel 211 on
* OK CHANNEL ON/OFF channel ch211 on
sra> 1 watch dns=*.
1 OK WATCH started
1 ch211  SIE newdomain rdata=NS

packet count limit exceeded sra> exit


  defines relationships among and meanings of SIE message fields. Its contents should rarely if ever need to be changed.
certs is the directory set with -S that contains TLS certificate and key files.
  is the ssh_config(5) configuration file used with connect ssh:... connections. "Host" stanzas in the file can simplify connections to SRA servers.
  contains the command history from previous sratool and/or radtool invocations


If set, AXACONF specifies the AXA configuration directory instead of the default, ~/.axa or /usr/local/etc/axa.


sratool(1), sratunnel(1), radtunnel(1), mkfifo(1), and nmsgtool(1).
Search for    or go to Top of page |  Section 1 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.