I'm looking for a way to do a traceroute client-side, i.e. in a browser.
As far as I know, it's not possible to send ICMP, UDP or TCP packets with arbitrary TTL values via Javascript or Flash. I know Flash allows TCP connections via the Socket class in Actionscript but it doesn't seem useful for a traceroute implementation.
Is the only solution to develop a browser plug-in ?
EDIT: I just found out that it has been done with a Java applet: http://www.codefromthe70s.org/traceroute.aspx
The bad news is that this applet requires to be signed code because it actually parses the output from the ping executable of the underlying client system. Because of this, the user is asked to allow the Java application to run, which is cumbersome.
More info here: http://www.codefromthe70s.org/traceroute_explained.aspx
I am still looking for a simpler solution if anyone can help.
EDIT 2: Thanks for your answers. I guess I'll have to go with Java then.
I wonder if NaCl ( http://code.google.com/p/nativeclient/ ) would support some kind of traceroute app.
You can't do this at all from a browser. Javascript can at best open a connection back to its originating server for AJAX requests, but can only do so via HTTP. Flash can talk to arbitrary hosts, but only if they're listed in a crossdomain.xml file on the originating server, and again only via TCP. UDP support in Flash is apparently pending.
Traceroute and ping are both ICMP-based protocols and cannot be created/controlled from Flash or Javascript. They also both require 'raw' access to build custom packets, and this definitely cannot be done browser-side. This is why 'ping' is an 'SUID' program on Unix systems, as raw packet access requires root privileges.
At best you can do a server-side implementation and have the output sent to the browser. And even then, you most likely could not do it from an in-server process on a Unix box, as the web server is unlikely to be running as root. You'd have to execute the system ping and/or traceroute and redirect the output back to the browser.
Hmm... no, because of the security model.
You might be able to do it in a particular browser with a plug-in, but not an arbitrary browser using anything widely available.
I'd like to be proven wrong here.
Why don't you just sign the applet? Isn't the problem actually more you don't know how to sign the applet? If so, then start here: jarsigner. Here is a more clear tutorial.
There is actually no simpler/better solution than actually running some piece of code and/or commands at the client machine. The traceroute really have to originate at the client machine.
Javascript and Actionscript cannot do this due to security restrictions. They lives in the webpage context only. Silverlight might be able to do, but don't pin me on that. I don't do NET stuff.
How about executing traceroute on the server and returning the result with somekind of ajax call
You don't need to create an applet and sign it! It's possible to use java from javascript. I made a script for doing a traceroute with ActiveX or Java.
I don't see any security warnings on OS X. Try it on Windows and Linux and tell me what happens :-)
UPD: seems like it only works in Firefox
There is CoNetServ (Complex Network Services) browser extension. It is able to do traceroute from your local machine straight in your browser. http://wiki.github.com/VojtechVitek/CoNetServ/
Chrome extension: https://chrome.google.com/extensions/detail/mmkpilpdijdbifpgkpdndpjlkpjkihee Firefox add-on: https://addons.mozilla.org/en-US/firefox/addon/181909/
EDIT: Both Chrome and Firefox revoked bundling NPAPI libraries into the extensions/add-ons. Unfortunately, the above won't work anymore.