The personal website of Philip Mather

Traceroute Monitor

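#!/bin/bash
# Usage: <this script> <target file>
# The target file is sourced as shell code; the loop further down reads the
# space-delimited list of targets from the targetIPs variable.

# All state is kept under /tmp, and a relative target-file path is resolved
# there too. NOTE(review): /tmp is shared with every local user; a private
# directory would be a safer home for both.
cd /tmp/ || { echo "Cannot change directory to /tmp/" >&2; exit 1; }

if [ $# -ne 1 ]
then
    echo "use $0 <space delimited file containing targets>"
    exit 1
fi

# `. name` searches $PATH before the current directory when the name has no
# slash, so the file tested below and the file sourced could differ.
# Anchoring the path makes both steps refer to the same file.
case "${1}" in
   /*) targetFile="${1}" ;;
   *)  targetFile="./${1}" ;;
esac

if [ ! -f "${targetFile}" ]
then
   echo "Target file not found: ${1}"
   exit 1
fi

# Sourcing runs the file's contents with this script's privileges, so only
# accept a file owned by the invoking user or root that others cannot write.
# Best effort only: the file can still change between this check and the
# source below. `stat -c` is the GNU coreutils form.
fileMeta="$(stat -L -c '%u %a' "${targetFile}")" || {
   echo "Cannot inspect target file: ${1}" >&2
   exit 1
}
ownerUid="${fileMeta%% *}"
fileMode="${fileMeta##* }"

if [ "${ownerUid}" != "0" ] && [ "${ownerUid}" != "$(id -u)" ]
then
   echo "Refusing to source ${1}: not owned by you or root" >&2
   exit 1
fi

# The last octal digit holds the permissions for "others"; bit 2 is write.
if (( ${fileMode: -1} & 2 ))
then
   echo "Refusing to source ${1}: file is world-writable" >&2
   exit 1
fi

. "${targetFile}"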
 
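# Absolute paths of the external tools used by the rest of the script.
mailProgram="/usr/sbin/sendmail.postfix"
traceProgram="/usr/bin/tcptraceroute"
diffProgram="/usr/bin/diff"
ifconfigProgram="/sbin/ifconfig"

#tcptraceroute is a little unusual most people only have traceroute

if [ ! -f "${traceProgram}" ]
then
   echo "Traceroute program not found: ${traceProgram}"
   printf '%s' "Would you like to try and install the missing traceroute program automatically (usually requires privileges)? [y/*]: "
   read -r answer

   # Only a plain "y" consents. The original line had no `echo`, so the
   # message was run as a command, failed, and the `exit 2` chained after it
   # never ran: a "no" answer still went on to the privileged install.
   if [[ "${answer}" != "y" ]]
   then
      echo "No selected, please edit this script to use a different traceroute program or manually install ${traceProgram}, thanks!"
      exit 2
   fi

   # NOTE(review): -y answers yes to every yum prompt, not only the install
   # confirmation; drop it if the operator should see those prompts.
   if ! sudo yum install -y "${traceProgram}"
   then
      echo "Automatic install failed,  please edit this script to use a different traceroute program or manually install ${traceProgram}, thanks!"
      exit 2
   fi

   # A zero exit status from yum does not prove the expected path now exists.
   if [ ! -f "${traceProgram}" ]
   then
      echo "Automatic install failed,  please edit this script to use a different traceroute program or manually install ${traceProgram}, thanks!"
      exit 2
   fi

   echo "Automatic install successful! Continuing..."
fi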
 
 
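# Timestamp naming this run's directory; the format sorts chronologically.
traceDateTime="$(date +%Y-%m-%d_%H-%M-%S)"
tracesDir="traces"

# First IPv4 address reported by ifconfig, used only in the alert text.
# Accepts both "inet addr:1.2.3.4" and the newer "inet 1.2.3.4" layout; the
# original pipeline matched only the former and otherwise gave an empty value.
firstSelfIP="$("${ifconfigProgram}" | awk '$1 == "inet" { sub(/^addr:/, "", $2); print $2; exit }')"

# The traces directory has a fixed, predictable name in the current
# directory. Refuse to write through a symlink or into a directory created
# by another user, either of which could redirect or tamper with the traces.
if [ -L "./${tracesDir}" ] || { [ -e "./${tracesDir}" ] && [ ! -O "./${tracesDir}" ]; }
then
   echo "Refusing to use ./${tracesDir}: it is a symlink or owned by another user" >&2
   exit 1
fi

mkdir -p "./${tracesDir}/${traceDateTime}" || {
   echo "Cannot create ./${tracesDir}/${traceDateTime}" >&2
   exit 1
}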
 
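# The two directories being compared are the same for every target, so they
# are worked out once instead of parsing `ls -t` on each iteration. Run
# directories are named by timestamp, so glob order is chronological: the
# current run is traceDateTime and the comparison run is the last other
# directory in that order.
mostRecentDir="${traceDateTime}"
nextMostRecentDir=""
for runDir in "./${tracesDir}"/*/
do
   runDir="${runDir%/}"
   runDir="${runDir##*/}"
   if [[ -d "./${tracesDir}/${runDir}" && "${runDir}" != "${mostRecentDir}" ]]
   then
      nextMostRecentDir="${runDir}"
   fi
done

# targetIPs is left unquoted on purpose: it is a space-delimited list.
for i in $targetIPs
do
   # Each target is used as a file name and as a command argument, so reject
   # values that would escape the traces directory or be read as an option.
   case "${i}" in
      -*|*/*)
         echo "Skipping invalid target: ${i}" >&2
         continue
         ;;
   esac

   currentTrace="./${tracesDir}/${mostRecentDir}/${i}.trace"
   earlierTrace="./${tracesDir}/${nextMostRecentDir}/${i}.trace"

   # Keep only "<hop> <IPv4>" pairs and the [open] marker so timings do not
   # show up as differences. Two fixes over the original:
   #  - `2>1` sent stderr to a file literally named "1" in the working
   #    directory; `2>&1` merges it into the pipe instead.
   #  - the hop number was matched with [1-9]+, which dropped hops 10, 20, 30.
   "${traceProgram}" -n -p80 "${i}" 80 2>&1 | grep -oE '([0-9]+)(\s+)([1-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])(\.([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])){3}|\[open\]' > "${currentTrace}"

   # First run, or a target added since the previous run: nothing to compare.
   if [[ -z "${nextMostRecentDir}" || ! -f "${earlierTrace}" ]]
   then
      continue
   fi

   diffResult="$("${diffProgram}" --expand-tabs --suppress-common-lines -L Earlier -L Later -y "${earlierTrace}" "${currentTrace}")"

   if [[ "${diffResult}" != "" ]]
   then
 
outputMessage="
Internet routing from ${firstSelfIP} to ${i} changed between ${nextMostRecentDir} and ${mostRecentDir}
 
   Before                                                            Current
 ----------                                                         ----------
#   Address                                                        #   Address
-------------------------------------------------------------------------------
${diffResult}
"
 
# The message contains command output, so it is passed as data and never
# as the printf format string.
printf '%s' "${outputMessage}"
 
      # outputMessage starts with a newline, which gives the blank line that
      # ends the headers; the diff text therefore lands in the mail body.
      "${mailProgram}" -t -oi  <<EOF
From: TracerouteMon
To: some.one@some.where
Subject: [WARNING] routing changed!
${outputMessage}
EOF
 
   fi
done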
 
# Print the trace files last modified more than 7 days ago. Nothing is
# deleted here, so the traces directory grows until it is pruned by hand.
# The script then exits with find's status.
find "./${tracesDir}/" -type f -mtime +7
exit "$?"