GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  TRACEANON (1)

NAME

traceanon - anonymise ip addresses of traces

CONTENTS

Synopsis
Descrption
Examples
Bugs
Links
See Also
Authors

SYNOPSIS

traceanon [ -s | --encrypt-source ] [ -d | --encrypt-dest ] [ -p prefix | --prefix=prefix ] [ -c key | --cryptopan=key ] [ -f key-file | --keyfile=file ] [ -z level | --compress-level=level ] [ -Z method | --compress-type=method ] sourceuri desturi

DESCRPTION

traceanon anonymises a trace by replacing IP addresses found in the IP header, and any embedded packets inside an ICMP packet. It also fixes the checksums inside TCP and UDP headers.

Two anonymisation schemes are supported, the first replaces a prefix with another prefix. This can be used for instance to replace a /16 with the equivilent prefix from RFC1918. The other scheme is cryptopan which is a prefix preserving encryption scheme based on AES.
-s
--encrypt-source
encrypt only source ip addresses.

-d
--encrypt-dest
encrypt only destination ip addresses.

-p
--prefix=prefix
substitute the high bits of the IP addresses with the provided prefix.

-c
--cryptopan=key
encrypt the IP addresses using the prefix-preserving cryptopan method using the key "key". The key can be up to 32 bytes long, and will be padded with NULL characters.

-f
--keyfile=file
encrypt the IP addresses using the prefix-preserving cryptopan method using the key specified in the file "file". The key must be 32 bytes long. A suitable method of generating a key is by using the command dd to read from /dev/urandom.

-z
--compress-level=level
compress the output trace using a compression level of "level". Compression level can range from 0 (no compression) through to 9. Higher compression levels require more CPU to compress data. Defaults to no compression.

-Z
--compress-type=method
compress the output trace using the compression algorithm "method". Possible algorithms are "gzip", "bzip2", "lzo" and "none". Default is "none".

EXAMPLES

traceanon --cryptopan="fish go moo, oh yes they do" \
        --encrypt-source \
        --encrypt-dest \
        --compress-level=1 \
        --compress-type=gzip \
        erf:/traces/unenc.gz \
        erf:/traces/enc.gz \

BUGS

This software should support encrypting based on the direction/interface flag.

IP addresses inside ARP’s are not encrypted.

LINKS

More details about traceanon (and libtrace) can be found at http://www.wand.net.nz/trac/libtrace/wiki/UserDocumentation

SEE ALSO

libtrace(3), tracemerge(1), tracefilter(1), traceconvert(1), tracestats(1), tracesummary(1), tracertstats(1), tracesplit(1), tracesplit_dir(1), tracereport(1), tracepktdump(1), tracediff(1), tracereplay(1), traceends(1), tracetopends(1)

AUTHORS

Perry Lorier <perry@cs.waikato.ac.nz>
Search for    or go to Top of page |  Section 1 |  Main Index


traceanon (libtrace) TRACEANON (1) October 2005

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.