sc_ttlexp(1)

The utility provides a dump of source IP addresses contained trace and tracelb records in files.

Section 1 scamper bookworm source

Description

SC_TTLEXP(1) General Commands Manual SC_TTLEXP(1)

NAME

sc_ttlexp — dump source addresses from ICMP TTL expired messages in warts files

SYNOPSIS

sc_ttlexp [-O options] [file ...]

DESCRIPTION

The sc_ttlexp utility provides a dump of source IP addresses contained trace and tracelb records in warts(5) files.

The options are as follows:

-?

prints a list of command line options and a synopsis of each.

-O option

allows the behavior of sc_ttlexp to be further tailored. The current choices for this option are:

-

nodst: do not dump source address of a TTL expired message if it matches the destination address probed.

-

noreserved: do not dump source address of a TTL expired message if the address is a reserved address.

EXAMPLES

Given two warts(5) files named file1.warts and file2.warts, the following dumps all source addresses that sent TTL expired messages:

sc_ttlexp file1.warts file2.warts

Given a compressed warts file named file3.warts.bz2, the following dumps all source addresses that sent TTL expired messages, skipping those that were only observed in TTL expired messages from the destination probed:

bzcat file3.warts.bz2 | sc_ttlexp -O nodst

SEE ALSO

scamper(1), sc_wartsdump(1), sc_warts2json(1),

M. Luckie

,

Scamper: a Scalable and Extensible Packet Prober for Active Measurement of the Internet ,
Proc. ACM/SIGCOMM Internet Measurement Conference 2010 .

AUTHOR

sc_ttlexp was written by Matthew Luckie <mjl@luckie.org.nz>. GNU March 8, 2018 SC_TTLEXP(1)