Is it possible to do a traceroute in the browser?

Franck picture Franck · Feb 1, 2010 · Viewed 32.9k times · Source

I'm looking for a way to do a traceroute client-side, i.e. in a browser.

As far as I know, it's not possible to send ICMP, UDP or TCP packets with arbitrary TTL values via Javascript or Flash. I know Flash allows TCP connections via the Socket class in Actionscript but it doesn't seem useful for a traceroute implementation.

Is the only solution to develop a browser plug-in ?

EDIT: I just found out that it has been done with a Java applet: http://www.codefromthe70s.org/traceroute.aspx

The bad news is that this applet requires to be signed code because it actually parses the output from the ping executable of the underlying client system. Because of this, the user is asked to allow the Java application to run, which is cumbersome.

More info here: http://www.codefromthe70s.org/traceroute_explained.aspx

I am still looking for a simpler solution if anyone can help.

EDIT 2: Thanks for your answers. I guess I'll have to go with Java then.

I wonder if NaCl ( http://code.google.com/p/nativeclient/ ) would support some kind of traceroute app.

Answer

Marc B picture Marc B · Feb 3, 2010

You can't do this at all from a browser. Javascript can at best open a connection back to its originating server for AJAX requests, but can only do so via HTTP. Flash can talk to arbitrary hosts, but only if they're listed in a crossdomain.xml file on the originating server, and again only via TCP. UDP support in Flash is apparently pending.

Traceroute and ping are both ICMP-based protocols and cannot be created/controlled from Flash or Javascript. They also both require 'raw' access to build custom packets, and this definitely cannot be done browser-side. This is why 'ping' is an 'SUID' program on Unix systems, as raw packet access requires root privileges.

At best you can do a server-side implementation and have the output sent to the browser. And even then, you most likely could not do it from an in-server process on a Unix box, as the web server is unlikely to be running as root. You'd have to execute the system ping and/or traceroute and redirect the output back to the browser.