https://www.masarlabs.com/patd/

Masar Labs

PatD - Ping and Traceroute Daemon for IPv4 and IPv6

patd (/patd) is a daemon to ping or traceroute remote hosts.
It is a daemon that runs without root privileges listening on a TCP port for hosts to check.
It receive commands listening on a TCP port and returns the results to the same connection.
patd (/patd) is usefull in situation where you cannot send native ICMP packet, for example from a Java program.

pat (/patd/pat.html) is a client you can use to talk to patd.

Features

  • Does ping and traceroute.
  • Supports both IPv4 and IPv6.
  • Single daemon listening on a TCP local port.
  • Single threaded.
  • Does not run as root but uses capabilities to send ICMP packets.

There is also a client pat (/patd/pat.html) to send commands to patd (/patd).

Downloads

You can download the sources of patd from here (/download).

There are also binary compiled for Debian Linux (http://www.debian.org) in our APT Repository (/debian)

Examples

Here are two examples of pat/patd.

Ping an host

  1. $> pat www.example.com
  2. pat6 2606:2800:0220:006D:2626:1447:1097:0AA7
  3. O 2606:2800:0220:006D:26BF:1447:1097:0AA7 seq=1 time=88.374781 ms
  4. pat4 93.184.216.119
  5. O 93.184.216.119 seq=1 time=129.832764 ms

Tracerout an Host

  1. $> pat -T www.example.com
  2. pat6 2606:2800:0220:006D:2626:1447:1097:0AA7
  3. t 2001:4B78:0002:0000:0000:0000:0000:0162 seq=1 time=0.579375 ms
  4. t 2001:4B78:0002:000C:0000:0000:0000:0002 seq=2 time=0.577010 ms
  5. t 2001:0450:2002:0043:0000:0000:0000:0001 seq=3 time=0.641369 ms
  6. t 2001:0450:2008:0101:0000:0000:0000:0012 seq=4 time=18.460314 ms
  7. t 2001:2000:3018:0039:0000:0000:0000:0001 seq=5 time=99.657094 ms
  8. t 2001:2000:3080:0608:0000:0000:0000:0002 seq=6 time=91.176435 ms
  9. O 2606:2800:0220:006D:26BF:1447:1097:0AA7 seq=7 time=88.250489 ms
  10. pat4 93.184.216.119
  11. t 169.254.1.1 seq=1 time=0.320014 ms
  12. t 95.174.9.65 seq=2 time=0.669792 ms
  13. t 85.94.192.251 seq=3 time=135.209402 ms
  14. t 64.214.148.121 seq=4 time=0.569375 ms
  15. t 67.16.145.242 seq=5 time=9.398323 ms
  16. t 213.248.89.181 seq=6 time=9.287580 ms
  17. t 80.91.251.233 seq=7 time=10.076306 ms
  18. t 80.91.246.64 seq=8 time=113.164281 ms
  19. t 213.155.130.3 seq=9 time=141.216692 ms
  20. t 62.115.12.62 seq=10 time=133.022995 ms
  21. O 93.184.216.119 seq=11 time=119.194537 ms

Synopsis

patd [OPTION]...

Options

--address ADDR
set the address to listen to (default: localhost)
--port PORT
set the port to listen to (default: 7865)
-f, --foreground
run in foreground
-p, --pidfile FILE
write a pidfile
-q, --quiet
log less messages to syslog, can be used multiple times
-v, --verbose
log more messages to syslog, can be used multiple times
-h, --help
display an help message and exit
-V, --version
display version information and exit

Protocol Specification

patd accepts commands listening from a TCP connection, You can implement clients talking to patd following this protocol.

Multibyte values are in Network Byte Order, that means BigEndian or Hi bytes first.

Client query message has this format:

COMMAND 1 byte see below
SEND 1 byte min=1 max=63 default=3
RETURN 1 byte min=1 max=63 default=1
START_TTL 1 byte min=0 max=63 default=63
MAX_TTL 1 byte min=1 max=63 default=63
LENGTH 2 bytes min=0 max=32752 (0x7FF0) default=0
FRAGMENT 1 byte min=0 max=1 default=0
TIMEOUT 2 bytes min=1 max=2000 default=1000
ADDR 4,16 bytes IPv4 or IPv6 address

Where COMMAND is:

'4' (0x34) for an IPv4 query, total size of query 14 bytes
'6' (0x36) for an IPv6 query, total size of query 26 bytes

Server response has this format:

RESULT 1 byte see below
SEQ 1 byte
MSEQ 4 bytes
ADDR 4,16 bytes IPv4 or IPv6 address

Where RESULT is:

'o' (0x6F) OK
'O' (0x4F) OK, Last response
'e' (0x65) Error
'E' (0x45) Error, Last response
't' (0x74) Trace
'T' (0x54) Trace, Last response

Total size of response is 10 bytes for an IPv4 query, 22 bytes for an IPv6 query.

Security

patd requires CAP_NET_RAW capability to be executed.

Warning

There is NO authentication and authorization so if you expose the TCP connection, you need to implement some firewall rules.

See Also

pat (/patd/pat.html)(8)