Provided by: scamper_20181219-1_amd64
sc_ttlexp — dump source addresses from ICMP TTL expired messages in warts files
sc_ttlexp [-O options] [file ...]
The sc_ttlexp utility provides a dump of source IP addresses contained trace and tracelb records in warts(5) files. The options are as follows: -? prints a list of command line options and a synopsis of each. -O option allows the behavior of sc_ttlexp to be further tailored. The current choices for this option are: - nodst: do not dump source address of a TTL expired message if it matches the destination address probed. - noreserved: do not dump source address of a TTL expired message if the address is a reserved address.
Given two warts(5) files named file1.warts and file2.warts, the following dumps all source addresses that sent TTL expired messages: sc_ttlexp file1.warts file2.warts Given a compressed warts file named file3.warts.bz2, the following dumps all source addresses that sent TTL expired messages, skipping those that were only observed in TTL expired messages from the destination probed: bzcat file3.warts.bz2 | sc_ttlexp -O nodst
scamper(1), sc_wartsdump(1), sc_warts2json(1), M. Luckie, Scamper: a Scalable and Extensible Packet Prober for Active Measurement of the Internet, Proc. ACM/SIGCOMM Internet Measurement Conference 2010.
sc_ttlexp was written by Matthew Luckie <email@example.com>.