NAME

       sc_ttlexp — dump source addresses from ICMP TTL expired messages in warts files

SYNOPSIS

       sc_ttlexp [-O options] [file ...]

DESCRIPTION

       The  sc_ttlexp  utility  provides  a  dump  of source IP addresses contained trace and tracelb records in
       warts(5) files.

       The options are as follows:

       -?      prints a list of command line options and a synopsis of each.

       -O option
               allows the behavior of sc_ttlexp to be further tailored.  The current  choices  for  this  option
               are:
                 -  nodst:  do  not  dump  source address of a TTL expired message if it matches the destination
                    address probed.
                 -  noreserved: do not dump source address of a TTL expired message if the address is a reserved
                    address.

EXAMPLES

       Given two warts(5) files named file1.warts and file2.warts, the following dumps all source addresses that
       sent TTL expired messages:

             sc_ttlexp file1.warts file2.warts

       Given a compressed warts file named file3.warts.bz2, the following dumps all source addresses  that  sent
       TTL expired messages, skipping those that were only observed in TTL expired messages from the destination
       probed:

             bzcat file3.warts.bz2 | sc_ttlexp -O nodst

SEE ALSO

       scamper(1), sc_wartsdump(1), sc_warts2json(1),

       M. Luckie, Scamper: a Scalable and Extensible Packet Prober for Active Measurement of the Internet, Proc.
       ACM/SIGCOMM Internet Measurement Conference 2010.

AUTHOR

       sc_ttlexp was written by Matthew Luckie <mjl@luckie.org.nz>.

Debian                                            March 8, 2018                                     SC_TTLEXP(1)