NAME¶

sc_ttlexp — dump source addresses from ICMP TTL expired messages in warts files

SYNOPSIS¶

DESCRIPTION¶

The sc_ttlexp utility provides a dump of source IP addresses contained trace and tracelb records in warts(5) files.

The options are as follows:

-?

prints a list of command line options and a synopsis of each.

-O option

allows the behavior of sc_ttlexp to be further tailored. The current choices for this option are:

• nodst: do not dump source address of a TTL expired message if it matches the destination address probed.
• noreserved: do not dump source address of a TTL expired message if the address is a reserved address.

EXAMPLES¶

Given two warts(5) files named file1.warts and file2.warts, the following dumps all source addresses that sent TTL expired messages:

Given a compressed warts file named file3.warts.bz2, the following dumps all source addresses that sent TTL expired messages, skipping those that were only observed in TTL expired messages from the destination probed:

SEE ALSO¶

scamper(1), sc_wartsdump(1), sc_warts2json(1),

M. Luckie, Scamper: a Scalable and Extensible Packet Prober for Active Measurement of the Internet, Proc. ACM/SIGCOMM Internet Measurement Conference 2010.

AUTHOR¶

sc_ttlexp was written by Matthew Luckie <mjl@luckie.org.nz>.