David Ward | 2e14a74 | 2012-04-29 16:47:03 -0400 | [diff] [blame] | 1 | #!/usr/bin/env perl |
paul | 718e374 | 2002-12-13 20:15:29 +0000 | [diff] [blame] | 2 | ## |
| 3 | ## Read BGPd logfile and lookup RR's whois database. |
| 4 | ## |
| 5 | ## Copyright (c) 1997 Kunihiro Ishiguro |
| 6 | ## |
| 7 | use Socket; |
| 8 | |
| 9 | ## Configuration variables |
| 10 | $whois_host = "whois.jpix.ad.jp"; |
| 11 | |
| 12 | #$logfile = "/usr/local/sbin/logfile" |
| 13 | $logfile = shift || die "Please specify filename"; |
| 14 | |
| 15 | ## mail routine |
| 16 | { |
| 17 | local ($prefix, $origin); |
| 18 | |
| 19 | open (LOG, $logfile) || die "can't open $logfile"; |
| 20 | |
| 21 | $index = ''; |
| 22 | while ($index) { |
| 23 | $index = <LOG>; |
| 24 | if ($index =~ /[bgpd]/) { |
| 25 | break; |
| 26 | } |
| 27 | } |
| 28 | |
| 29 | while (<LOG>) { |
| 30 | if (/([\d\.\/]+)\s+([\d\.]+)\s+(\d+)\s+(\d+)\s+([\d ]+)\s+[ie\?]/) { |
| 31 | $prefix = $1; |
| 32 | $nexthop = $2; |
| 33 | $med = $3; |
| 34 | $dummy = $4; |
| 35 | $aspath = $5; |
| 36 | ($origin) = ($aspath =~ /([\d]+)$/); |
| 37 | |
| 38 | print "$nexthop [$origin] $prefix $aspath "; |
| 39 | |
| 40 | $ret = &whois_check ($prefix, $origin); |
| 41 | if ($ret == 0) { |
| 42 | print "Check OK\n"; |
| 43 | } elsif ($ret == 1){ |
| 44 | print "AS orgin mismatch\n"; |
| 45 | } else { |
| 46 | print "prefix doesn't exist \n"; |
| 47 | } |
| 48 | } |
| 49 | } |
| 50 | } |
| 51 | |
| 52 | sub whois_check |
| 53 | { |
| 54 | local ($prefix, $origin) = @_; |
| 55 | local ($rr_prefix, $rr_origin) = (); |
| 56 | local (@result); |
| 57 | |
| 58 | $origin = "AS" . $origin; |
| 59 | |
| 60 | @result = &whois ($prefix); |
| 61 | |
| 62 | $prefix_match = 0; |
| 63 | foreach (@result) { |
| 64 | if (/^route:.*\s([\d\.\/]+)$/) { |
| 65 | $rr_prefix = $1; |
| 66 | } |
| 67 | if (/^origin:.*\s(AS[\d]+)$/) { |
| 68 | $rr_origin = $1; |
| 69 | |
| 70 | if ($prefix eq $rr_prefix and $origin eq $rr_origin) { |
| 71 | return 0; |
| 72 | } elsif ($prefix eq $rr_prefix) { |
| 73 | $prefix_match = 1; |
| 74 | } |
| 75 | } |
| 76 | } |
| 77 | # alarm_mail ($prefix, $origin, @result); |
| 78 | if ($prefix_match) { |
| 79 | return 1; |
| 80 | } else { |
| 81 | return 2; |
| 82 | } |
| 83 | } |
| 84 | |
| 85 | ## get port of whois |
| 86 | sub get_whois_port |
| 87 | { |
| 88 | local ($name, $aliases, $port, $proto) = getservbyname ("whois", "tcp"); |
| 89 | return ($port, $proto); |
| 90 | } |
| 91 | |
| 92 | ## whois lookup |
| 93 | sub whois |
| 94 | { |
| 95 | local ($query) = @_; |
| 96 | local ($port, $proto) = &get_whois_port; |
| 97 | local (@result); |
| 98 | |
| 99 | if ($whois_host=~ /^\s*\d+\.\d+\.\d+\.\d+\s*$/) { |
| 100 | $address = pack ("C4",split(/\./,$host)); |
| 101 | } else { |
| 102 | $address = (gethostbyname ($whois_host))[4]; |
| 103 | } |
| 104 | |
| 105 | socket (SOCKET, PF_INET, SOCK_STREAM, $proto); |
| 106 | |
| 107 | if (connect (SOCKET, sockaddr_in ($port, $address))) { |
| 108 | local ($oldhandle) = select (SOCKET); |
| 109 | $| = 1; |
| 110 | select($oldhandle); |
| 111 | |
| 112 | print SOCKET "$query\r\n"; |
| 113 | |
| 114 | @result = <SOCKET>; |
| 115 | return @result; |
| 116 | } |
| 117 | } |
| 118 | |
| 119 | ## |
| 120 | sub alarm_mail |
| 121 | { |
| 122 | local ($prefix, $origin, @result) = @_; |
| 123 | |
| 124 | open (MAIL, "|$mailer -t $mail_address") || die "can't open $mailer"; |
| 125 | |
| 126 | print MAIL "From: root\@rr1.jpix.ad.jp\n"; |
| 127 | print MAIL "Subject: RR $origin $prefix\n"; |
| 128 | print MAIL "MIME-Version: 1.0\n"; |
| 129 | print MAIL "Content-Type: text/plain; charset=us-ascii \n\n"; |
| 130 | print MAIL "RR Lookup Error Report\n"; |
| 131 | print MAIL "======================\n"; |
| 132 | print MAIL "Announced route : $prefix from $origin\n\n"; |
| 133 | print MAIL "@result"; |
| 134 | close MAIL; |
| 135 | } |