views:

1008

answers:

5

I'm looking for a way to do a traceroute client-side, i.e. in a browser.

As far as I know, it's not possible to send ICMP, UDP or TCP packets with arbitraty TTL values via Javascript or Flash. I know Flash allows TCP connections via the Socket class in Actionscript but it doesn't seem useful for a traceroute implementation.

Is the only solution to develop a browser plug-in ?

EDIT: I just found out that it has been done with a Java applet: http://www.codefromthe70s.org/traceroute.aspx

The bad news is that this applet requires to be signed code because it actually parses the output from the ping executable of the underlying client system. Because of this, the user is asked to allow the Java application to run, which is cumbersome.

More info here: http://www.codefromthe70s.org/traceroute_explained.aspx

I am still looking for a simpler solution if anyone can help.

EDIT 2: Thanks for your anwsers. I guess I'll have to go with Java then.

I wonder if NaCl ( http://code.google.com/p/nativeclient/ ) would support some kind of traceroute app.

+1  A: 

Hmm... no, because of the security model.

You might be able to do it in a particular browser with a plug-in, but not an arbitrary browser using anything widely available.

I'd like to be proven wrong here.

Rich
A: 

How about executing traceroute on the server and returning the result with somekind of ajax call

Ilian Iliev
Because the point is to do the traceroute from the client IP, not the server IP.
Franck
+3  A: 

Why don't you just sign the applet? Isn't the problem actually more you don't know how to sign the applet? If so, then start here: jarsigner. Here is a more clear tutorial.

There is actually no simpler/better solution than actually running some piece of code and/or commands at the client machine. The traceroute really have to originate at the client machine.

Javascript and Actionscript cannot do this due to security restrictions. They lives in the webpage context only. Silverlight might be able to do, but don't pin me on that. I don't do NET stuff.

BalusC
It's not that I don't know how to do it but thanks for the tutorial link. I only wanted some confirmation that this was impossible in JS/ActionScript due to the browser security model.
Franck
I expected that a signed java applet would be able to send ICMP packets, but after some googling, it actually looks like java only natively supports TCP/UDP? I suppose it's still possible via JNI.
Frank Farmer
+1  A: 

You can't do this at all from a browser. Javascript can at best open a connection back to its originating server for AJAX requests, but can only do so via HTTP. Flash can talk to arbitrary hosts, but only if they're listed in a crossdomain.xml file on the originating server, and again only via TCP. UDP support in Flash is apparently pending.

Traceroute and ping are both ICMP-based protocols and cannot be created/controlled from Flash or Javascript. They also both require 'raw' access to build custom packets, and this definitely cannot be done browser-side. This is why 'ping' is an 'SUID' program on Unix systems, as raw packet access requires root privileges.

At best you can do a server-side implementation and have the output sent to the browser. And even then, you most likely could not do it from an in-server process on a Unix box, as the web server is unlikely to be running as root. You'd have to execute the system ping and/or traceroute and redirect the output back to the browser.

Marc B
"You can't do this at all from a browser." -- with the exception of a signed applet using JNI. I'm pretty sure a signed applet running JNI can do literally anything.
Frank Farmer
+1  A: 

There is CoNetServ (Complex Network Services) browser extension. It is able to do traceroute from your local machine straight in your browser.

http://wiki.github.com/V-Teq/CoNetServ/

Chrome extension: https://chrome.google.com/extensions/detail/mmkpilpdijdbifpgkpdndpjlkpjkihee

Firefox add-on: https://addons.mozilla.org/en-US/firefox/addon/181909/

V-Teq