traceroute 路由追踪

一个数据包从你的电脑出发，然后达到目的地，比如google。中间到底经历了什么？我能不能看到它路过的路由器？traceroute可以做到。

traceroute原理简单说来，就是利用TTL（time to live，设置数据包最大生存时间，用来防止数据包在路由器间循环）。主机先给数据包设置一个TTL，然后这个数据包每经过一个路由器，路由器就把TTL减一。直到递减到零，这时，路由器会发送回来一个ICMP Time Exceeded，这个时候主机接收到之后，就知道相应的路由器IP了。

traceroute是linux自带的。详细用法见man。下面是最实用的命令。类似的工具还有tracepath，但是感觉traceroute更好。

$ traceroute www.baidu.com
$ traceroute google.com -U        // Use UDP 
$ traceroute google.com -T        // Use TCP SYN for probes
# traceroute google.com -I  -p53      // Use ICMP ECHO for probes，53端口提高通过率

$ traceroute www.baidu.com

$ traceroute google.com -U // Use UDP

$ traceroute google.com -T // Use TCP SYN for probes

# traceroute google.com -I -p53 // Use ICMP ECHO for probes，53端口提高通过率

只有这个功能，感觉不太好用，如果能知道ip的真实世界的地址就好了。比如中国上海这样的。正好网上出了个开源的GeoIP（IP与地理地址转换）。非常感谢作者。

然后胶水语言python就上台了。我就直接贴代码了，很好理解。注意这是不能直接运行的，需要下载相应的GeoIP，然后写个geoip来解析IP与地理地址。

#!/usr/bin/python
import socket
import geoip

def sendPacket(icmp,udp,ttl,dest_name):
    port = 33434
    recv_socket = socket.socket(socket.AF_INET, socket.SOCK_RAW, icmp)             #接收icmp
    send_socket = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, udp)            #udp发送数据包
    send_socket.setsockopt(socket.SOL_IP, socket.IP_TTL, ttl)
    send_socket.settimeout(3.0)
    recv_socket.settimeout(4.0)
    recv_socket.bind(("", port))
    send_socket.sendto("", (dest_name, port))
    curr_addr = None
    curr_name = None
    try:
        _, curr_addr = recv_socket.recvfrom(512)
        curr_addr = curr_addr[0]
        try:
            curr_name = socket.gethostbyaddr(curr_addr)[0]
        except socket.error:
            curr_name = curr_addr
    except socket.error:                                                          #有些路由器可能不会回复
        print "%d\t%s\t%s" % (ttl,'*','*')
        return "unavaible"
    finally:
        send_socket.close()
        recv_socket.close()

    if curr_addr is not None:
        curr_host = "%s (%s)" % (curr_name, curr_addr)
    else:
        curr_host = "*"
    print "{:d}\t{:70s}".format(ttl, curr_host),
    print "%s"%(geoip.geoip(curr_addr))                                           #转换地址
    return curr_addr

def traceroute(dest_name):
    dest_addr = socket.gethostbyname(dest_name)
    max_hops = 50
    icmp = socket.getprotobyname('icmp')
    udp = socket.getprotobyname('udp')
    ttl = 1
    while True:
        curr_addr = sendPacket(icmp,udp,ttl,dest_name)
        ttl += 1
        if curr_addr == dest_addr or ttl > max_hops:
            break

if __name__ == "__main__":
    traceroute('blog.slinuxer.com')

#!/usr/bin/python

import socket

import geoip

def sendPacket(icmp,udp,ttl,dest_name):

port = 33434

recv_socket = socket.socket(socket.AF_INET, socket.SOCK_RAW, icmp) #接收icmp

send_socket = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, udp) #udp发送数据包

send_socket.setsockopt(socket.SOL_IP, socket.IP_TTL, ttl)

send_socket.settimeout(3.0)

recv_socket.settimeout(4.0)

recv_socket.bind(("", port))

send_socket.sendto("", (dest_name, port))

curr_addr = None

curr_name = None

try:

_, curr_addr = recv_socket.recvfrom(512)

curr_addr = curr_addr[0]

try:

curr_name = socket.gethostbyaddr(curr_addr)[0]

except socket.error:

curr_name = curr_addr

except socket.error: #有些路由器可能不会回复

print "%d\t%s\t%s" % (ttl,'*','*')

return "unavaible"

finally:

send_socket.close()

recv_socket.close()

if curr_addr is not None:

curr_host = "%s (%s)" % (curr_name, curr_addr)

else:

curr_host = "*"

print "{:d}\t{:70s}".format(ttl, curr_host),

print "%s"%(geoip.geoip(curr_addr)) #转换地址

return curr_addr

def traceroute(dest_name):

dest_addr = socket.gethostbyname(dest_name)

max_hops = 50

icmp = socket.getprotobyname('icmp')

udp = socket.getprotobyname('udp')

ttl = 1

while True:

curr_addr = sendPacket(icmp,udp,ttl,dest_name)

ttl += 1

if curr_addr == dest_addr or ttl > max_hops:

break

if __name__ == "__main__":

traceroute('blog.slinuxer.com')

效果图:

链接:

traceroute 路由追踪

近期文章

近期评论

分类目录