source: trunk/tools/traceanon/traceanon.1 @ 1659

Last change on this file since 1659 was 1659, checked in by andreasl, 3 years ago

added a command line argument to read cryptopam keys from a file and also updated the man page to describe the feature. Still untested though, need to run the code on spectre for that
  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 2.9 KB
RevLine 
[399]1.TH TRACEANON "1" "October 2005" "traceanon (libtrace)" "User Commands"
2.SH NAME
3traceanon \- anonymise ip addresses of traces
4.SH SYNOPSIS
5.B traceanon
6[ \-s | \-\^\-encrypt-source ]
7[ \-d | \-\^\-encrypt-dest ]
8[ \-p prefix | \-\^\-prefix=prefix ]
9[ \-c key | \-\^\-cryptopan=key ]
[1659]10[ \-f key-file | \-\^\-keyfile=file ]
[1572]11[ \-z level | \-\^\-compress-level=level ]
12[ \-Z method | \-\^\-compress-type=method ]
[648]13sourceuri
14desturi
[399]15.SH DESCRPTION
16traceanon anonymises a trace by replacing IP addresses found in the IP header,
17and any embedded packets inside an ICMP packet.  It also fixes the checksums
18inside TCP and UDP headers.
19
20Two anonymisation schemes are supported, the first replaces a prefix with
21another prefix.  This can be used for instance to replace a /16 with the
22equivilent prefix from RFC1918.  The other scheme is cryptopan which is a
23prefix preserving encryption scheme based on AES.
24.TP
25.PD 0
26.BI \-s
27.TP
28.PD
29.BI \-\^\-encrypt-source
30encrypt only source ip addresses.
31
32.TP
33.PD 0
34.BI \-d
35.TP
36.PD
37.BI \-\^\-encrypt-dest
38encrypt only destination ip addresses.
39
40.TP
41.PD 0
42.BI \-p
43.TP
44.PD
45.BI \-\^\-prefix=prefix
46substitute the high bits of the IP addresses with the provided prefix.
47
48.TP
49.PD 0
50.BI \-c
51.TP
52.PD
53.BI \-\^\-cryptopan=key
54encrypt the IP addresses using the prefix-preserving cryptopan method using
55the key "key".  The key can be up to 32 bytes long, and will be padded with
[1572]56NULL characters.
[399]57
[1659]58
[1572]59.TP
60.PD 0
[1659]61.BI \-f
62.TP
63.PD
64.BI \-\^\-keyfile=file
65encrypt the IP addresses using the prefix-preserving cryptopan method using
66the key specified in the file "file".  The key must be 32 bytes
67long. A suitable method of generating a key is by using the command dd to read
68from /dev/urandom.
69
70
71.TP
72.PD 0
[1572]73.BI \-z
74.TP
75.PD
76.BI \-\^\-compress-level=level
77compress the output trace using a compression level of "level". Compression
78level can range from 0 (no compression) through to 9. Higher compression levels
79require more CPU to compress data. Defaults to no compression.
[399]80
[1572]81.TP
82.PD 0
83.BI \-Z
84.TP
85.PD
86.BI \-\^\-compress-type=method
87compress the output trace using the compression algorithm "method". Possible
88algorithms are "gzip", "bzip2", "lzo" and "none". Default is "none".
89
[399]90.SH EXAMPLES
91.nf
92traceanon \-\^\-cryptopan="fish go moo, oh yes they do" \\
93        \-\^\-encrypt-source \\
[400]94        \-\^\-encrypt-dest \\
[1572]95        \-\^\-compress-level=1 \\
96        \-\^\-compress-type=gzip \\
[399]97        erf:/traces/unenc.gz \\
98        erf:/traces/enc.gz \\
99.fi
100
101.SH BUGS
102This software should support encrypting based on the direction/interface flag.
103
[400]104IP addresses inside ARP's are not encrypted.
105
[1153]106.SH LINKS
107More details about traceanon (and libtrace) can be found at
108http://www.wand.net.nz/trac/libtrace/wiki/UserDocumentation
109
[399]110.SH SEE ALSO
111libtrace(3), tracemerge(1), tracefilter(1), traceconvert(1), tracestats(1),
[1082]112tracesummary(1), tracertstats(1), tracesplit(1), tracesplit_dir(1),
[1492]113tracereport(1), tracepktdump(1), tracediff(1), tracereplay(1)
[399]114
115.SH AUTHORS
116Perry Lorier <perry@cs.waikato.ac.nz>
Note: See TracBrowser for help on using the repository browser.