1#! /usr/local/bin/perl
2##
3## Read BGPd logfile and lookup RR's whois database.
4##
5##   Copyright (c) 1997 Kunihiro Ishiguro
6##
7use Socket;
8
9## Configuration variables
10$whois_host = "whois.jpix.ad.jp";
11
12#$mail_address = "toshio\@iri.co.jp";
13$mail_address = "kunihiro\@zebra.org";
14$mailer = "/usr/sbin/sendmail -oi";
15
16#$logfile = "/usr/local/sbin/logfile"
17$logfile = "logfile";
18$lookuplog = "lookuplog";
19
20## mail routine
21{
22    local ($prefix, $origin);
23
24    open (LOG, $logfile) || die "can't open $logfile";
25    open (LOOKUP, ">$lookuplog") || die "can't open $lookuplog";
26
27    for (;;) {
28    while (<LOG>) {
29        if (/Update\S+ ([\d\.\/]+) .* (\d+) [ie\?]/) {
30            $prefix = $1;
31            $origin = $2;
32            $ret = &whois_check ($prefix, $origin);
33            if ($ret) {
34                print LOOKUP "$prefix AS$origin : Check OK\n";
35            } else {
36                print LOOKUP "$prefix AS$origin : Error\n";
37            }
38#        fflush (LOOKUP);
39        }
40    }
41    sleep (3);
42    }
43}
44
45sub whois_check
46{
47    local ($prefix, $origin) = @_;
48    local ($rr_prefix, $rr_origin) = ();
49    local (@result);
50
51    $origin = "AS" . $origin;
52
53#    print "$prefix $origin\n";
54
55    @result = &whois ($prefix);
56
57    foreach (@result) {
58        if (/^route:.*\s([\d\.\/]+)$/) {
59            $rr_prefix = $1;
60        }
61        if (/^origin:.*\s(AS[\d]+)$/) {
62            $rr_origin = $1;
63
64            if ($prefix eq $rr_prefix and $origin eq $rr_origin) {
65                return 1;
66            }
67        }
68    }
69    alarm_mail ($prefix, $origin, @result);
70    return 0;
71}
72
73## get port of whois
74sub get_whois_port
75{
76    local ($name, $aliases, $port, $proto) = getservbyname ("whois", "tcp");
77    return ($port, $proto);
78}
79
80## whois lookup
81sub whois
82{
83    local ($query) = @_;
84    local ($port, $proto) = &get_whois_port;
85    local (@result);
86
87    if ($whois_host=~ /^\s*\d+\.\d+\.\d+\.\d+\s*$/) {
88       $address = pack ("C4",split(/\./,$host));
89    } else {
90       $address = (gethostbyname ($whois_host))[4];
91    }
92
93    socket (SOCKET, PF_INET, SOCK_STREAM, $proto);
94
95    if (connect (SOCKET, sockaddr_in ($port, $address))) {
96        local ($oldhandle) = select (SOCKET);
97        $| = 1;
98        select($oldhandle);
99
100        print SOCKET "$query\r\n";
101
102        @result = <SOCKET>;
103        return @result;
104    }
105}
106
107##
108sub alarm_mail
109{
110    local ($prefix, $origin, @result) = @_;
111
112    open (MAIL, "|$mailer -t $mail_address") || die "can't open $mailer";
113
114    print MAIL "From: root\@rr1.jpix.ad.jp\n";
115    print MAIL "Subject: RR $origin $prefix\n";
116    print MAIL "MIME-Version: 1.0\n";
117    print MAIL "Content-Type: text/plain; charset=us-ascii \n\n";
118    print MAIL "RR Lookup Error Report\n";
119    print MAIL "======================\n";
120    print MAIL "Announced route : $prefix from $origin\n\n";
121    print MAIL "@result";
122    close MAIL;
123}
124