This is automatically generated documentation. Edit after the "COMMENTS" heading; changes to the main body will be lost.
AnonymizeIPAddr -- Click element; anonymizes top-level IP addresses in passing packets
Ports: 1 input, 1-2 outputs
Package: analysis (core)
AnonymizeIPAddr anonymizes the source and destination IP addresses in passing IPv4 packets. (Packets must have IP header annotations.) The anonymization transformation is prefix-preserving: If two input addresses shared the same p-bit prefix, then the corresponding output addresses also share the same p-bit prefix. AnonymizeIPAddr was based on Greg Minshall's tcpdpriv; see http://ita.ee.lbl.gov/html/contrib/tcpdpriv.html. The special IP addresses 0.0.0.0 and 255.255.255.255 are always mapped to themselves, independent of any other mapping. AnonymizeIPAddr also incrementally updates the IP header checksum, so the new header is correct iff the old header was correct. AnonymizeIPAddr only manipulates the IP header pointed to by the IP header annotation. This differs from tcpdpriv, which also anonymizes addresses on encapsulated IP headers for protocol 4 (ipip). Keyword arguments are:
AnonymizeIPAddr's anonymization corresponds to tcpdpriv's -A50 option. Prefix-preserving anonymization is not foolproof. The http://ita.ee.lbl.gov/html/contrib/tcpdpriv.html contains a paper describing the possible attack. Tatu Ylonen closes that document by saying: "If you are very concerned about leaking your network topology, I would not recommend giving out trace information privatized with the -A50 option. I wouldn't expect this to be the case for most organizations."
Generated by 'click-elem2man' from '../elements/analysis/anonipaddr.hh:7' on 12/Jul/2011.