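#!/usr/local/bin/perl
# Log into the specified route server to make sure we are the only ones
# announcing (originating) our network.
#
#   -r = route server (compat w/ most @ http://www.traceroute.org/#Route%20Servers)
#   -a = our asn
#   -n = network to check (i.e. 10.0.0.0/21)
#
# Prints one "OK: ..." line per AS path once every path seen for the prefix
# ends in our ASN. Dies (non-zero exit) on bad arguments, on a short or
# missing reply, when no AS path could be parsed, or when any path has a
# different last ASN.
#
# NOTE: Net::Telnet::Cisco speaks plain telnet, so the reply is
# unauthenticated and unencrypted, and one route server only shows its own
# view of the table. Treat an OK as one data point, not as proof.

use strict;
use warnings;
use Getopt::Std;
use Net::Telnet::Cisco;

my %opt;
getopts('a:r:n:', \%opt);

die "syntax error" unless exists $opt{r};

# \A ... \z instead of ^ ... $: "$" also matches before a trailing newline,
# which would otherwise be carried into the command sent to the router.
die "invalid ASN" unless defined $opt{a} && $opt{a} =~ /\A\d+\z/;

my ($o1, $o2, $o3, $o4, $prefix_len) =
    defined $opt{n}
    ? $opt{n} =~ m{\A(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})\z}
    : ();
die "invalid network" unless defined $prefix_len;

# Reject values that have the right shape but are out of range for IPv4.
my $bad_octets = grep { $_ > 255 } $o1, $o2, $o3, $o4;
die "invalid network" if $bad_octets || $prefix_len > 32;

my $telnet = Net::Telnet::Cisco->new(
    Host    => $opt{r},
    Prompt  => '/[\$%#>]\s*$/',
    Timeout => 10,
);
die "could not connect to $opt{r}\n" unless $telnet;

# Disable paging so the whole table entry comes back in one reply.
$telnet->cmd("term len 0");
my @result = $telnet->cmd("sho ip bgp $opt{n}");
$telnet->print("exit");
$telnet->close;

unless (@result > 3) {
    die "$opt{r} did not respond to our request.\n";
}

# AS path lines are the ones indented by exactly two spaces and starting
# with a number.
# NOTE(review): an AS_SET ({...}) or confederation segment at the end of a
# path is not captured by this pattern, so on such lines the last captured
# ASN may not be the true origin -- confirm against the server's output.
my $paths_seen = 0;
for my $line (@result) {
    next unless $line =~ /^\s{2}((?:\d+\s?)+)/;
    my @path = split /\s+/, $1;
    $paths_seen++;

    # The origin is the last ASN in the path. Matching our ASN anywhere in
    # the path would also accept announcements where it is only a transit
    # hop or was inserted into a path originated by someone else.
    die "evil aspath found via $opt{r} announcing $opt{n}\n"
        unless @path && $path[-1] eq $opt{a};
}

# Fail closed: a reply with no parsable path (for example the prefix is not
# in the table) must not look like a clean run to whatever wraps this check.
die "no AS path for $opt{n} found in the reply from $opt{r}\n"
    unless $paths_seen;

# Report only after every path has been checked, so an OK line is never
# followed by a failure for the same run.
print "OK: found $opt{a} announcing $opt{n} on $opt{r}\n" for 1 .. $paths_seen;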