xenial (1) traceanon.1.gz

Provided by: libtrace-tools_3.0.21-1ubuntu2_amd64

NAME

       traceanon - anonymise IP addresses of traces

SYNOPSIS

       traceanon  [  -s  | --encrypt-source ] [ -d | --encrypt-dest ] [ -p prefix | --prefix=prefix ] [ -c key |
       --cryptopan=key ] [ -f key-file | --keyfile=file ] [ -z level | --compress-level=level ] [  -Z  method  |
       --compress-type=method ] sourceuri desturi

DESCRIPTION

       traceanon anonymises a trace by replacing IP addresses found in the IP header, and in any packets
       embedded inside an ICMP packet.  It also fixes the checksums inside TCP and UDP headers.

       Two anonymisation schemes are supported.  The first replaces a prefix with another prefix; this can be
       used, for instance, to replace a /16 with the equivalent prefix from RFC1918.  The other scheme is
       cryptopan, which is a prefix-preserving encryption scheme based on AES.

       -s
       --encrypt-source
              encrypt only source IP addresses.

       -d
       --encrypt-dest
              encrypt only destination IP addresses.

       -p
       --prefix=prefix
              substitute the high bits of the IP addresses with the provided prefix.

       -c
       --cryptopan=key
              encrypt the IP addresses using the prefix-preserving cryptopan method using the  key  "key".   The
              key can be up to 32 bytes long, and will be padded with NULL characters.

       -f
       --keyfile=file
              encrypt  the  IP addresses using the prefix-preserving cryptopan method using the key specified in
              the file "file".  The key must be 32 bytes long. A suitable way to generate a key is to read
              from /dev/urandom with the command dd.

       -z
       --compress-level=level
              compress the output trace using a compression level of "level". Compression level can range from 0
              (no compression) through to 9. Higher compression  levels  require  more  CPU  to  compress  data.
              Defaults to no compression.

       -Z
       --compress-type=method
              compress  the  output  trace  using  the  compression  algorithm "method". Possible algorithms are
              "gzip", "bzip2", "lzo", "xz" and "none". Default is "none".

EXAMPLES

       traceanon --cryptopan="fish go moo, oh yes they do" \
            --encrypt-source \
            --encrypt-dest \
            --compress-level=1 \
            --compress-type=gzip \
            erf:/traces/unenc.gz \
            erf:/traces/enc.gz
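
       The key-file generation described under --keyfile, as an added example that is not part of the
       original manual page or of libtrace: it writes exactly 32 bytes from /dev/urandom to an owner-only
       file and refuses to replace an existing key.  The function name make_cryptopan_key and the key path
       in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example: create a 32-byte key file for traceanon --keyfile.
# make_cryptopan_key is a hypothetical helper name, not a libtrace tool.

make_cryptopan_key() {
    keyfile=$1
    [ -n "$keyfile" ] || { echo "usage: make_cryptopan_key FILE" >&2; return 2; }

    # A different key gives a different address mapping, so never silently
    # replace a key that existing anonymised traces were produced with.
    if [ -e "$keyfile" ]; then
        echo "refusing to overwrite existing key: $keyfile" >&2
        return 1
    fi

    # Subshell: the caller's umask and shell options stay untouched.
    (
        umask 077   # file is created readable and writable by the owner only
        set -C      # noclobber: the redirection fails if the file appeared meanwhile
        dd if=/dev/urandom bs=32 count=1 2>/dev/null > "$keyfile"
    ) || return 1

    # --keyfile requires exactly 32 bytes; discard anything else.
    size=$(wc -c < "$keyfile" | tr -d ' ')
    if [ "$size" -ne 32 ]; then
        rm -f "$keyfile"
        echo "key file has $size bytes, expected 32" >&2
        return 1
    fi
}

# Usage (the key path is a hypothetical location; trace URIs are the ones
# from the example above):
#   make_cryptopan_key /root/traceanon.key
#   traceanon --keyfile=/root/traceanon.key --encrypt-source --encrypt-dest \
#       erf:/traces/unenc.gz erf:/traces/enc.gz
# Unlike --cryptopan=key, this keeps the key out of the process argument
# list and the shell history.
```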

BUGS

       This software should support encrypting based on the direction/interface flag.

       IP addresses inside ARP packets are not encrypted.

       More details about traceanon (and libtrace) can be found at
       http://www.wand.net.nz/trac/libtrace/wiki/UserDocumentation

SEE ALSO

       libtrace(3),    tracemerge(1),    tracefilter(1),    traceconvert(1),   tracestats(1),   tracesummary(1),
       tracertstats(1),  tracesplit(1),  tracesplit_dir(1),   tracereport(1),   tracepktdump(1),   tracediff(1),
       tracereplay(1), traceends(1), tracetopends(1)

AUTHORS

       Perry Lorier <perry@cs.waikato.ac.nz>