DOKK / manpages / debian 10 / scamper / sc_ttlexp.1.en
SC_TTLEXP(1) General Commands Manual SC_TTLEXP(1)

sc_ttlexpdump source addresses from ICMP TTL expired messages in warts files

sc_ttlexp [-O options] [file ...]

The sc_ttlexp utility provides a dump of source IP addresses contained trace and tracelb records in warts(5) files.

The options are as follows:

-?
prints a list of command line options and a synopsis of each.
option
allows the behavior of sc_ttlexp to be further tailored. The current choices for this option are:
  • do not dump source address of a TTL expired message if it matches the destination address probed.
  • do not dump source address of a TTL expired message if the address is a reserved address.

Given two warts(5) files named file1.warts and file2.warts, the following dumps all source addresses that sent TTL expired messages:

sc_ttlexp file1.warts file2.warts

Given a compressed warts file named file3.warts.bz2, the following dumps all source addresses that sent TTL expired messages, skipping those that were only observed in TTL expired messages from the destination probed:

bzcat file3.warts.bz2 | sc_ttlexp -O nodst

scamper(1), sc_wartsdump(1), sc_warts2json(1),

M. Luckie, Scamper: a Scalable and Extensible Packet Prober for Active Measurement of the Internet, Proc. ACM/SIGCOMM Internet Measurement Conference 2010.

sc_ttlexp was written by Matthew Luckie <mjl@luckie.org.nz>.

March 8, 2018 Debian