ASTRACEROUTE man page on Oracle


ASTRACEROUTE(8)		      netsniff-ng toolkit	       ASTRACEROUTE(8)

       astraceroute - autonomous system trace route utility

       astraceroute [options]

       astraceroute is a small utility to retrieve path information in a
       traceroute-like way, but with additional geographical location
       information. It tracks the route of a packet from the local host to the
       remote host by successively increasing the IP's TTL field, starting
       from 1, in the hope that each intermediate node will send an ICMP
       TIME_EXCEEDED notification back to the local host when the TTL value is
       decremented to 0.
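
       The TIME_EXCEEDED reply described above quotes the expired probe, which
       is how a reply can be tied back to the probe that triggered it. The
       following is an added example, not code from astraceroute or the
       netsniff-ng project; the function names, addresses, ports and sequence
       number are constructed for illustration.

```python
import socket
import struct

ICMP_TIME_EXCEEDED = 11  # ICMPv4 type a router sends when TTL reaches 0


def ipv4_header(src, dst, ttl, proto, payload_len):
    """Minimal 20-byte IPv4 header for the constructed sample (checksum 0)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, ttl,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst))


def parse_time_exceeded(packet):
    """Return hop and quoted-probe fields, or None if not a usable reply."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or packet[9] != socket.IPPROTO_ICMP or len(packet) < ihl + 8:
        return None
    if packet[ihl] != ICMP_TIME_EXCEEDED:
        return None
    # After the 8-byte ICMP header comes the expired packet's own IP header
    # plus at least the first 8 bytes of its payload (RFC 792).
    quoted = packet[ihl + 8:]
    if len(quoted) < 20 or quoted[0] >> 4 != 4:
        return None
    q_ihl = (quoted[0] & 0x0F) * 4
    if q_ihl < 20 or quoted[9] != socket.IPPROTO_TCP or len(quoted) < q_ihl + 8:
        return None
    # Those 8 bytes of a TCP probe hold source port, destination port and
    # sequence number, enough to tie the reply to one specific probe.
    sport, dport, seq = struct.unpack("!HHI", quoted[q_ihl:q_ihl + 8])
    return {"hop": socket.inet_ntoa(bytes(packet[12:16])),
            "probe_dst": socket.inet_ntoa(bytes(quoted[16:20])),
            "sport": sport, "dport": dport, "seq": seq}


def sample_reply():
    """Constructed reply: hop 203.0.113.1 reports a TTL=1 probe to port 80."""
    probe = ipv4_header("192.0.2.10", "198.51.100.7", 1, socket.IPPROTO_TCP, 20)
    probe += struct.pack("!HHI", 40001, 80, 4099)  # sport, dport, seq
    icmp = struct.pack("!BBHI", ICMP_TIME_EXCEEDED, 0, 0, 0) + probe
    return ipv4_header("203.0.113.1", "192.0.2.10", 62,
                       socket.IPPROTO_ICMP, len(icmp)) + icmp


if __name__ == "__main__":
    print(parse_time_exceeded(sample_reply()))
```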

       astraceroute  supports  IPv4  and IPv6 queries and will display country
       and city information, if available, the AS number the hop  belongs  to,
       and  its	 ISP  name.  astraceroute also displays timing information and
       reverse DNS data.

       Because astraceroute is highly configurable, it can also be used to
       gather more information about what a hop does and does not allow to
       pass through. This is done by placing cleartext strings or keywords in
       the probe payload to test DPI systems. This tool might be a good start
       for further in-depth analysis of such systems.
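
       One way to evaluate such a test is to compare a baseline trace with a
       trace that carries the cleartext string (option -X) and find where the
       replies stop. This is an added example, not part of astraceroute; the
       trace format ({ttl: [responder or None per probe]}) and all addresses
       are constructed for illustration.

```python
def locate_filter(baseline, with_payload):
    """Find where a payload-carrying trace goes silent relative to a baseline.

    Both traces map TTL -> list with one entry per probe: the responder's
    address, or None on timeout. Returns (last_ok_ttl, first_silent_ttl),
    meaning the drop happens after last_ok_ttl and no later than
    first_silent_ttl, or None if there is no lasting divergence.
    """
    def answered(trace, ttl):
        return any(ip is not None for ip in trace.get(ttl, []))

    # Hops that are silent even in the baseline (ICMP disabled or rate
    # limited) carry no evidence, so only baseline-responsive TTLs count.
    informative = [t for t in sorted(baseline) if answered(baseline, t)]
    last_ok = 0
    for i, ttl in enumerate(informative):
        if answered(with_payload, ttl):
            last_ok = ttl
            continue
        # A single silent hop may be ordinary loss. Treat it as filtering
        # only if every later baseline-responsive hop is silent as well.
        if all(not answered(with_payload, t) for t in informative[i:]):
            return (last_ok, ttl)
    return None


def sample_traces():
    """Constructed traces, two probes per hop (the default for -q)."""
    baseline = {1: ["192.0.2.1", "192.0.2.1"], 2: [None, None],
                3: ["198.51.100.1", "198.51.100.1"],
                4: ["198.51.100.9", "198.51.100.9"],
                5: ["203.0.113.5", "203.0.113.5"]}
    payload = {1: ["192.0.2.1", "192.0.2.1"], 2: [None, None],
               3: ["198.51.100.1", None],
               4: [None, None], 5: [None, None]}
    return baseline, payload


if __name__ == "__main__":
    print(locate_filter(*sample_traces()))
```

       A None result means the payload trace never went permanently silent;
       repeat the comparison several times before drawing conclusions, since
       routers rate-limit ICMP replies.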

   -H <host>, --host <host>
       Hostname or IPv4 or IPv6 address of the remote host where the AS	 route
       should  be  traced  to.	In the case of an IPv6 address or host, option
       ''-6'' must be used. IPv4 is the default.

   -p <port>, --port <port>
       TCP port for the remote host to use. If not specified, the default port
       used is 80.

   -i <device>, -d <device>, --dev <device>
       Networking device to start the trace route from, e.g. eth0, wlan0.

   -f <ttl>, --init-ttl <ttl>
       Initial	TTL  value  to be used. This option might be useful if you are
       not interested in the first n hops, but only the	 following  ones.  The
       default initial TTL value is 1.

   -m <ttl>, --max-ttl <ttl>
       Maximum TTL value to be used. If not otherwise specified, the maximum
       TTL value is 30. Once this value has been reached, astraceroute exits.

   -q <num>, --num-probes <num>
       Specifies the number of queries to be sent for a particular hop. The
       default is 2 queries.

   -x <sec>, --timeout <sec>
       Tells astraceroute the probe response timeout in seconds, in other
       words the maximum time astraceroute will wait for an ICMP response from
       the current hop. The default is 3 seconds.

   -X <string>, --payload <string>
       Places  an  ASCII  cleartext  string into the packet payload. Cleartext
       that contains whitespace must be put into quotes (e.g.: "censor me").

   -l <len>, --totlen <len>
       Specifies the total length of the packet. Payload that does not have  a
       cleartext string in it is padded with random garbage.

   -4, --ipv4
       Use IPv4 only requests. This is the default.

   -6, --ipv6
       Use  IPv6 only requests. This must be used when passing an IPv6 host as
       an argument.

   -n, --numeric
       Tells astraceroute to not perform reverse DNS lookup for	 hop  replies.
       The reverse option is ''-N''.

   -u, --update
       The built-in geo-database update mechanism will be invoked to get
       Maxmind's latest version. To configure search locations for databases,
       the file /etc/netsniff-ng/geoip.conf contains possible addresses. Thus,
       to save bandwidth or for mirroring Maxmind's databases (to bypass their
       traffic limit policy), different hosts or IP addresses can be placed
       into geoip.conf, separated by a newline.

   -L, --latitude
       Also show latitude and longitude of hops.

   -N, --dns
       Tells astraceroute to perform reverse DNS lookup for hop	 replies.  The
       reverse option is ''-n''.

   -S, --syn
       Use TCP's SYN flag for the request.

   -A, --ack
       Use TCP's ACK flag for the request.

   -F, --fin
       Use TCP's FIN flag for the request.

   -P, --psh
       Use TCP's PSH flag for the request.

   -U, --urg
       Use TCP's URG flag for the request.

   -R, --rst
       Use TCP's RST flag for the request.

   -E, --ecn-syn
       Use TCP's ECN flag for the request.

   -t <tos>, --tos <tos>
       Explicitly specify IP's TOS.

   -G, --nofrag
       Set IP's no fragmentation flag.

   -Z, --show-packet
       Show and dissect the returned packet.

   -v, --version
       Show version information and exit.

   -h, --help
       Show user help and exit.

   astraceroute -i eth0 -N -S -H
       This  sends  out	 a TCP SYN probe via the ''eth0'' networking device to
       the remote IPv4 host This request is  most  likely  to
       pass.  Also,  tell astraceroute to perform reverse DNS lookups for each

   astraceroute -6 -i eth0 -S -E -N -H
       In this example, a TCP SYN/ECN probe for the IPv6 host is
       being  performed.  Also in this case, the ''eth0'' device is being used
       as well as a reverse DNS lookup for each hop.

   astraceroute -i eth0 -N -F -H
       Here, we send out a TCP FIN probe to the remote	host
       Again,  on  each hop a reverse DNS lookup is being done and the queries
       are transmitted from ''eth0''. IPv4 is used.

   astraceroute -i eth0 -N -FPU -H
       As in most other examples, we perform a trace route to IPv4  host  net‐ and do a TCP Xmas probe this time.

   astraceroute -i eth0 -N -H -X censor-me -Z
       In  this	 example,  we  have  a Null probe to the remote host netsniff-, port 80 (default) and this time, we append the cleartext string
       "censor-me"  into  the packet payload to test if a firewall or DPI will
       let this string pass. Such a trace could be done once without, and once
       with, a blacklisted string to gather possible information about censor‐

       If a TCP-based probe fails after a number of retries, astraceroute will
       automatically  fall back to ICMP-based probes to pass through firewalls
       and routers used in load balancing for example.

       To gather more information about astraceroute's displayed  AS  numbers,
       see e.g.:<number>.

       The  geographical  locations  are  estimated with the help of Maxmind's
       GeoIP database and can differ  from  the	 real  physical	 location.  To
       decrease	 the  possible	errors,	 update	 the  database regularly using
       astraceroute's --update option.

       At some point in time, we need a similar approach to gather more
       reliable path information such as in the paris-traceroute tool.

       Due  to the generic nature of astraceroute, it currently has a built-in
       mechanism to stop the trace after a fixed number	 of  hops,  since  the
       configurable  TCP  flags	 can have anything included. It is possible to
       decrease this number of course.	In the future, if a SYN probe is  sent
       out,  there  should  be	a listener so that we can stop the trace if we
       detect a handshake in progress.

       astraceroute is licensed under the GNU GPL version 2.0.

       astraceroute was originally written for the netsniff-ng toolkit by
       Daniel Borkmann. It is currently maintained by Tobias Klauser and
       Daniel Borkmann.

       netsniff-ng(8), trafgen(8), mausezahn(8), ifpps(8), bpfc(8),
       flowtop(8), curvetun(8)

       Manpage was written by Daniel Borkmann.

       This page is part of the Linux netsniff-ng toolkit project. A
       description of the project, and information about reporting bugs, can be found

Linux				 03 March 2013		       ASTRACEROUTE(8)
