-rw-r--r-- | astraceroute.8 | 67 |
1 files changed, 65 insertions, 2 deletions
diff --git a/astraceroute.8 b/astraceroute.8 index 9907bba..28d1948 100644 --- a/astraceroute.8 +++ b/astraceroute.8 
@@ -30,52 +30,96 @@ tool might be a good start for further in-depth analysis of such systems. .SH OPTIONS .SS -H <host>, --host <host> +Hostname, IPv4 or IPv6 address of the remote host where the AS route should +be traced to. In case of an IPv6 address or host, also option ``-6'' must be +used. IPv4 is the default. .SS -p <port>, --port <port> +TCP port for the remote host to use. If not otherwise specified, the default +port to be used is 80. .SS -i <device>, -d <device>, --dev <device> +Networking device to start the trace route from, e.g. eth0, wlan0. .SS -f <ttl>, --init-ttl <ttl> +Initial TTL value to be used. This option might be useful if you are not +interested in the first n hops, but only follow-up ones. The default +initial TTL value is 1. .SS -m <ttl>, --max-ttl <ttl> +Maximum TTL value to be used. If not otherwise specified, the maximum +TTL value is 30. Thus, after this has been reached astraceroute exits +itself. .SS -q <num>, --num-probes <num> +Specifies the number of queries to be done on a particular hop. The +default is 2 query requests. .SS -x <sec>, --timeout <sec> +Tells astraceroute the probe response timeout in seconds, in other words +the maximum time astraceroute must wait for an ICMP response from the current +hop. The default is 3 seconds. .SS -X <string>, --payload <string> +Places an ASCII cleartext into the packet payload. In case the cleartext +contains whitespaces, it must be put into quotes, f.e. "censer me". .SS -l <len>, --totlen <len> +Specifies the total length of the packet. Payload that does not have a +cleartext string in it is padded with random garbage. .SS -4, --ipv4 +Use IPv4 only requests. This is the default. .SS -6, --ipv6 +Use IPv6 only requests. This must be used when passing an IPv6 host as an +argument. .SS -n, --numeric +Tells astraceroute to not perform reverse DNS lookup for hop replies. The +reverse option is ``-N''. 
.SS -u, --update +The built-in geo-database update mechanism will be invoked to get Maxmind's +latest version. To configure search locations for databases, the file +/etc/netsniff-ng/geoip.conf contains possible addresses. Thus, to save bandwidth +or for mirroring Maxmind's databases (to bypass their traffic limit policy), +different hosts or IP addresses can be placed into geoip.conf, separated by +a newline. .SS -L, --latitude +Also show latitude and longtitude of hops. .SS -N, --dns +Tells astraceroute to perform reverse DNS lookup for hop replies. The +reverse option is ``-n''. .SS -S, --syn +Use TCP's SYN flag for the request. .SS -A, --ack +Use TCP's ACK flag for the request. .SS -F, --fin +Use TCP's FIN flag for the request. .SS -P, --psh +Use TCP's PSH flag for the request. .SS -U, --urg +Use TCP's URG flag for the request. .SS -R, --rst +Use TCP's RST flag for the request. .SS -E, --ecn-syn +Use TCP's ECN flag for the request. .SS -t <tos>, --tos <tos> +Explicitly specify IP's TOS. .SS -G, --nofrag +Set the IP's no fragmentation flag. .SS -Z, --show-packet Show and dissect the returned packet. 
@@ -89,11 +133,30 @@ Show user help. .SH USAGE EXAMPLE .SS astraceroute -i eth0 -N -S -H netsniff-ng.org -.SS astraceroute -i eth0 -N -E -H netsniff-ng.org +This sends out a TCP SYN probe via the ``eth0'' networking device to the +remote IPv4 host netsniff-ng.org. This request is most likely to pass. Also, +tell astraceroute to perform reverse DNS lookups for each hop. + +.SS astraceroute -6 -i eth0 -S -E -N -H www.6bone.net +In this example, a TCP SYN/ECN probe for the IPv6 host www.6bone.net is being +performed. Also in this case, the ``eth0'' device is being used and hops are +being reserve DNS'ed. + .SS astraceroute -i eth0 -N -F -H netsniff-ng.org +Here, we send out a TCP FIN probe to the remote host netsniff-ng.org. Again, +on each hop a reverse DNS lookup is being done and the queries are transmitted +from ``eth0''. IPv4 is used. + .SS astraceroute -i eth0 -N -FPU -H netsniff-ng.org +As in most other examples, we perform a trace route to IPv4 host netsniff-ng.org +and do a TCP Xmas probe this time. + .SS astraceroute -i eth0 -N -H netsniff-ng.org -X "censor-me" -Z -.SS astraceroute -6 -i eth0 -S -E -N -H www.6bone.net +In this example, we have a Null probe to the remote host netsniff-ng.org, port +80 (default) and this time, we append the cleartext string "censor-me" into the +packet payload to test if a firewall/DPI will let this string pass. Such a trace +could be done once without and once with a blacklisted string to gather possible +information about censorhsip. .SH NOTE If a TCP-based probe will fail after a number of retries, astraceroute will |
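Review bot: in the OPTIONS hunk, the text for -E, --ecn-syn ("Use TCP's ECN flag for the request.") does not match the option name and leaves open whether -E on its own also sets SYN; the usage examples pass -S -E together and call the result a SYN/ECN probe. Suggest stating which TCP header bits -E sets and whether -S is needed alongside it. For -u, --update, the text says the hosts listed in /etc/netsniff-ng/geoip.conf are used as download locations but not whether the fetched database is verified in any way; since that file can point at arbitrary mirrors, this deserves a sentence, and the "(to bypass their traffic limit policy)" aside could be dropped. Typos: "longtitude" should be "longitude", "f.e. "censer me"" should read e.g. "censor-me" to match the usage example, and "exits itself" can simply be "exits".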
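Review bot: in the USAGE EXAMPLE hunk, the -X "censor-me" -Z example is described as a "Null probe", but nothing in OPTIONS says that leaving out -S/-A/-F/-P/-U/-R produces a segment with no TCP flags set; either document that default in OPTIONS or explain it in this example. "This request is most likely to pass" in the first example is vague; say what the probe is expected to pass through. Typos: "reserve DNS'ed" should be "reverse DNS'ed" and "censorhsip" should be "censorship".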