Hello everyone, I need help with this query: given an ip, there is a way to have the route to reach that ip with osquery? (something like the tracert command)

I believe there's only one way to make osquery initiate an outgoing connection to an arbitrary IP address, and that is the

curl

table, but it doesn't do a trace-route. https://osquery.io/schema/4.6.0/#curl

For now I’m using the round_trip_time in the curl schema but I was looking for something different. The Routes schema has the route table for the host system but i’m looking for the entire route used to reach a remote ip address

I think it’s an interesting feature request, if the code implementation was manageable I think we could support this.

the implementation involves repeatedly sending a packet to the destination with incrementing TTL, right? If you have control over that field from user-mode, it should be easy enough