NAME
traceanon - anonymise ip addresses of traces
SYNOPSIS
traceanon [ -s | --encrypt-source ] [ -d | --encrypt-dest ] [ -p prefix
| --prefix=prefix ] [ -c key | --cryptopan=key ] sourceuri desturi
DESCRPTION
traceanon anonymises a trace by replacing IP addresses found in the IP
header, and any embedded packets inside an ICMP packet. It also fixes
the checksums inside TCP and UDP headers.
Two anonymisation schemes are supported, the first replaces a prefix
with another prefix. This can be used for instance to replace a /16
with the equivilent prefix from RFC1918. The other scheme is cryptopan
which is a prefix preserving encryption scheme based on AES.
-s
--encrypt-source
encrypt only source ip addresses.
-d
--encrypt-dest
encrypt only destination ip addresses.
-p
--prefix=prefix
substitute the high bits of the IP addresses with the provided
prefix.
-c
--cryptopan=key
encrypt the IP addresses using the prefix-preserving cryptopan
method using the key "key". The key can be up to 32 bytes long,
and will be padded with NUL charactors.
EXAMPLES
traceanon --cryptopan="fish go moo, oh yes they do" \
--encrypt-source \
--encrypt-dest \
erf:/traces/unenc.gz \
erf:/traces/enc.gz \
BUGS
This software should support encrypting based on the
direction/interface flag.
IP addresses inside ARP’s are not encrypted.
LINKS
More details about traceanon (and libtrace) can be found at
http://www.wand.net.nz/trac/libtrace/wiki/UserDocumentation
SEE ALSO
libtrace(3), tracemerge(1), tracefilter(1), traceconvert(1),
tracestats(1), tracesummary(1), tracertstats(1), tracesplit(1),
tracesplit_dir(1), tracereport(1), tracedump(1)
AUTHORS
Perry Lorier <perry@cs.waikato.ac.nz>