<div dir="ltr">Hi Guys,<div><br></div><div>So - Firstly a few notes on using the code I'm going to paste below.</div><div><br></div><div>I created the BGP dump file on a juniper router by running a "show route protocol bgp | save bgp.dump.txt" and then copying that dump file to my local system from the Juniper router.  Note - this produces a roughly 400meg file on a full table router and it takes quite a while to run the command.</div><div>Then - I used the delegated-afrinic-extended-latest file downloaded from the stats ftp server.</div><div><br></div><div>In the code below - if you wish to run similar - change the char BGP_DUMP[256] and char AFRINIC_EXT[256] global variables to match the pathing to the relevant files.</div><div><br></div><div>Note that there is some weirdness in this code to deal with endianness - and I will openly admit its not the cleanest (or probably most efficient) code - but it does work and I've verified the results.</div><div><br></div><div>I've pasted the code below the results section.</div><div><br></div><div>So - first the results:</div><div><br></div><div>Found 824064 total available addresses and 4482304 total reserved addresses<br><a href="http://41.57.124.0/22">41.57.124.0/22</a> fell between reserved range 41.57.124.0 -> 41.57.127.255 [Adding 1024 addresses to potential hijack]<br><a href="http://41.57.124.0/23">41.57.124.0/23</a> fell between reserved range 41.57.124.0 -> 41.57.127.255 [Adding 512 addresses to potential hijack]<br><a href="http://41.57.124.0/24">41.57.124.0/24</a> fell between reserved range 41.57.124.0 -> 41.57.127.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.57.125.0/24">41.57.125.0/24</a> fell between reserved range 41.57.124.0 -> 41.57.127.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.57.126.0/24">41.57.126.0/24</a> fell between reserved range 41.57.124.0 -> 41.57.127.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.57.127.0/24">41.57.127.0/24</a> fell between reserved range 41.57.124.0 -> 41.57.127.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.77.64.0/21">41.77.64.0/21</a> fell between reserved range 41.77.64.0 -> 41.77.71.255 [Adding 2048 addresses to potential hijack]<br><a href="http://41.138.192.0/24">41.138.192.0/24</a> fell between reserved range 41.138.192.0 -> 41.138.223.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.224.0/24">41.204.224.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.225.0/24">41.204.225.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.226.0/24">41.204.226.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.227.0/24">41.204.227.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.228.0/24">41.204.228.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.229.0/24">41.204.229.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.230.0/24">41.204.230.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.231.0/24">41.204.231.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.232.0/24">41.204.232.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.233.0/24">41.204.233.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.234.0/24">41.204.234.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.235.0/24">41.204.235.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.236.0/24">41.204.236.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.237.0/24">41.204.237.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.238.0/24">41.204.238.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.239.0/24">41.204.239.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.240.0/24">41.204.240.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.241.0/24">41.204.241.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.242.0/24">41.204.242.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.243.0/24">41.204.243.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.244.0/24">41.204.244.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.245.0/24">41.204.245.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.246.0/24">41.204.246.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.247.0/24">41.204.247.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.248.0/24">41.204.248.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.249.0/24">41.204.249.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.250.0/24">41.204.250.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.251.0/24">41.204.251.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.254.0/24">41.204.254.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.204.255.0/24">41.204.255.0/24</a> fell between reserved range 41.204.224.0 -> 41.204.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.205.224.0/19">41.205.224.0/19</a> fell between reserved range 41.205.224.0 -> 41.205.255.255 [Adding 8192 addresses to potential hijack]<br><a href="http://41.205.225.0/24">41.205.225.0/24</a> fell between reserved range 41.205.224.0 -> 41.205.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.205.232.0/24">41.205.232.0/24</a> fell between reserved range 41.205.224.0 -> 41.205.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.205.234.0/24">41.205.234.0/24</a> fell between reserved range 41.205.224.0 -> 41.205.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.205.235.0/24">41.205.235.0/24</a> fell between reserved range 41.205.224.0 -> 41.205.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.205.237.0/24">41.205.237.0/24</a> fell between reserved range 41.205.224.0 -> 41.205.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.205.238.0/24">41.205.238.0/24</a> fell between reserved range 41.205.224.0 -> 41.205.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.205.239.0/24">41.205.239.0/24</a> fell between reserved range 41.205.224.0 -> 41.205.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://41.220.48.0/20">41.220.48.0/20</a> fell between reserved range 41.220.48.0 -> 41.220.63.255 [Adding 4096 addresses to potential hijack]<br><a href="http://80.88.6.0/24">80.88.6.0/24</a> fell between reserved range 80.88.6.0 -> 80.88.6.255 [Adding 256 addresses to potential hijack]<br><a href="http://102.128.74.0/24">102.128.74.0/24</a> fell between reserved range 102.128.72.0 -> 102.128.75.255 [Adding 256 addresses to potential hijack]<br><a href="http://102.135.164.0/24">102.135.164.0/24</a> fell between reserved range 102.135.164.0 -> 102.135.167.255 [Adding 256 addresses to potential hijack]<br><a href="http://102.135.165.0/24">102.135.165.0/24</a> fell between reserved range 102.135.164.0 -> 102.135.167.255 [Adding 256 addresses to potential hijack]<br><a href="http://102.135.166.0/24">102.135.166.0/24</a> fell between reserved range 102.135.164.0 -> 102.135.167.255 [Adding 256 addresses to potential hijack]<br><a href="http://102.219.128.0/24">102.219.128.0/24</a> fell between reserved range 102.219.128.0 -> 102.219.131.255 [Adding 256 addresses to potential hijack]<br><a href="http://102.219.129.0/24">102.219.129.0/24</a> fell between reserved range 102.219.128.0 -> 102.219.131.255 [Adding 256 addresses to potential hijack]<br><a href="http://102.219.130.0/24">102.219.130.0/24</a> fell between reserved range 102.219.128.0 -> 102.219.131.255 [Adding 256 addresses to potential hijack]<br><a href="http://102.221.148.0/22">102.221.148.0/22</a> fell between reserved range 102.221.144.0 -> 102.221.151.255 [Adding 1024 addresses to potential hijack]<br><a href="http://156.0.254.0/24">156.0.254.0/24</a> fell between reserved range 156.0.254.0 -> 156.0.254.255 [Adding 256 addresses to potential hijack]<br><a href="http://160.119.208.0/24">160.119.208.0/24</a> fell between reserved range 160.119.208.0 -> 160.119.211.255 [Adding 256 addresses to potential hijack]<br><a href="http://160.119.209.0/24">160.119.209.0/24</a> fell between reserved range 160.119.208.0 -> 160.119.211.255 [Adding 256 addresses to potential hijack]<br><a href="http://164.160.192.0/21">164.160.192.0/21</a> fell between reserved range 164.160.192.0 -> 164.160.223.255 [Adding 2048 addresses to potential hijack]<br><a href="http://169.255.164.0/22">169.255.164.0/22</a> fell between reserved range 169.255.164.0 -> 169.255.167.255 [Adding 1024 addresses to potential hijack]<br><a href="http://193.188.7.0/24">193.188.7.0/24</a> fell between reserved range 193.188.7.0 -> 193.188.7.255 [Adding 256 addresses to potential hijack]<br><a href="http://196.13.203.0/24">196.13.203.0/24</a> fell between reserved range 196.13.203.0 -> 196.13.203.255 [Adding 256 addresses to potential hijack]<br><a href="http://196.20.60.0/24">196.20.60.0/24</a> fell between reserved range 196.20.32.0 -> 196.20.63.255 [Adding 256 addresses to potential hijack]<br><a href="http://196.20.61.0/24">196.20.61.0/24</a> fell between reserved range 196.20.32.0 -> 196.20.63.255 [Adding 256 addresses to potential hijack]<br><a href="http://196.20.62.0/24">196.20.62.0/24</a> fell between reserved range 196.20.32.0 -> 196.20.63.255 [Adding 256 addresses to potential hijack]<br><a href="http://196.41.74.0/24">196.41.74.0/24</a> fell between reserved range 196.41.74.0 -> 196.41.74.255 [Adding 256 addresses to potential hijack]<br><a href="http://196.43.252.0/24">196.43.252.0/24</a> fell between reserved range 196.43.252.0 -> 196.43.252.255 [Adding 256 addresses to potential hijack]<br><a href="http://196.46.18.0/24">196.46.18.0/24</a> fell between reserved range 196.46.18.0 -> 196.46.19.255 [Adding 256 addresses to potential hijack]<br><a href="http://196.46.19.0/24">196.46.19.0/24</a> fell between reserved range 196.46.18.0 -> 196.46.19.255 [Adding 256 addresses to potential hijack]<br><a href="http://196.46.152.0/24">196.46.152.0/24</a> fell between reserved range 196.46.152.0 -> 196.46.159.255 [Adding 256 addresses to potential hijack]<br><a href="http://196.46.153.0/24">196.46.153.0/24</a> fell between reserved range 196.46.152.0 -> 196.46.159.255 [Adding 256 addresses to potential hijack]<br><a href="http://196.46.154.0/23">196.46.154.0/23</a> fell between reserved range 196.46.152.0 -> 196.46.159.255 [Adding 512 addresses to potential hijack]<br><a href="http://196.50.21.0/24">196.50.21.0/24</a> fell between reserved range 196.50.21.0 -> 196.50.21.255 [Adding 256 addresses to potential hijack]<br><a href="http://196.53.113.0/24">196.53.113.0/24</a> fell between reserved range 196.52.0.0 -> 196.55.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://196.54.72.0/23">196.54.72.0/23</a> fell between reserved range 196.52.0.0 -> 196.55.255.255 [Adding 512 addresses to potential hijack]<br><a href="http://196.55.102.0/23">196.55.102.0/23</a> fell between reserved range 196.52.0.0 -> 196.55.255.255 [Adding 512 addresses to potential hijack]<br><a href="http://196.63.243.0/24">196.63.243.0/24</a> fell between reserved range 196.62.0.0 -> 196.63.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://196.195.4.0/24">196.195.4.0/24</a> fell between reserved range 196.194.0.0 -> 196.195.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://196.195.15.0/24">196.195.15.0/24</a> fell between reserved range 196.194.0.0 -> 196.195.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://196.195.253.0/24">196.195.253.0/24</a> fell between reserved range 196.194.0.0 -> 196.195.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://197.157.200.0/22">197.157.200.0/22</a> fell between reserved range 197.157.200.0 -> 197.157.203.255 [Adding 1024 addresses to potential hijack]<br><a href="http://197.231.248.0/22">197.231.248.0/22</a> fell between reserved range 197.231.248.0 -> 197.231.251.255 [Adding 1024 addresses to potential hijack]<br><a href="http://197.231.248.0/24">197.231.248.0/24</a> fell between reserved range 197.231.248.0 -> 197.231.251.255 [Adding 256 addresses to potential hijack]<br><a href="http://197.231.249.0/24">197.231.249.0/24</a> fell between reserved range 197.231.248.0 -> 197.231.251.255 [Adding 256 addresses to potential hijack]<br><a href="http://197.231.250.0/24">197.231.250.0/24</a> fell between reserved range 197.231.248.0 -> 197.231.251.255 [Adding 256 addresses to potential hijack]<br><a href="http://197.231.251.0/24">197.231.251.0/24</a> fell between reserved range 197.231.248.0 -> 197.231.251.255 [Adding 256 addresses to potential hijack]<br><a href="http://197.234.208.0/24">197.234.208.0/24</a> fell between reserved range 197.234.208.0 -> 197.234.215.255 [Adding 256 addresses to potential hijack]<br><a href="http://212.12.224.0/24">212.12.224.0/24</a> fell between reserved range 212.12.224.0 -> 212.12.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://212.12.225.0/24">212.12.225.0/24</a> fell between reserved range 212.12.224.0 -> 212.12.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://212.12.226.0/24">212.12.226.0/24</a> fell between reserved range 212.12.224.0 -> 212.12.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://212.12.227.0/24">212.12.227.0/24</a> fell between reserved range 212.12.224.0 -> 212.12.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://212.12.229.0/24">212.12.229.0/24</a> fell between reserved range 212.12.224.0 -> 212.12.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://212.12.231.0/24">212.12.231.0/24</a> fell between reserved range 212.12.224.0 -> 212.12.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://212.12.232.0/24">212.12.232.0/24</a> fell between reserved range 212.12.224.0 -> 212.12.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://212.12.233.0/24">212.12.233.0/24</a> fell between reserved range 212.12.224.0 -> 212.12.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://212.12.234.0/24">212.12.234.0/24</a> fell between reserved range 212.12.224.0 -> 212.12.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://212.12.235.0/24">212.12.235.0/24</a> fell between reserved range 212.12.224.0 -> 212.12.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://212.12.236.0/24">212.12.236.0/24</a> fell between reserved range 212.12.224.0 -> 212.12.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://212.12.237.0/24">212.12.237.0/24</a> fell between reserved range 212.12.224.0 -> 212.12.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://212.12.238.0/24">212.12.238.0/24</a> fell between reserved range 212.12.224.0 -> 212.12.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://212.12.239.0/24">212.12.239.0/24</a> fell between reserved range 212.12.224.0 -> 212.12.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://212.12.240.0/24">212.12.240.0/24</a> fell between reserved range 212.12.224.0 -> 212.12.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://212.12.241.0/24">212.12.241.0/24</a> fell between reserved range 212.12.224.0 -> 212.12.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://212.12.242.0/24">212.12.242.0/24</a> fell between reserved range 212.12.224.0 -> 212.12.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://212.12.243.0/24">212.12.243.0/24</a> fell between reserved range 212.12.224.0 -> 212.12.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://212.12.244.0/24">212.12.244.0/24</a> fell between reserved range 212.12.224.0 -> 212.12.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://212.12.245.0/24">212.12.245.0/24</a> fell between reserved range 212.12.224.0 -> 212.12.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://212.12.246.0/24">212.12.246.0/24</a> fell between reserved range 212.12.224.0 -> 212.12.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://212.12.247.0/24">212.12.247.0/24</a> fell between reserved range 212.12.224.0 -> 212.12.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://212.12.248.0/24">212.12.248.0/24</a> fell between reserved range 212.12.224.0 -> 212.12.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://212.12.249.0/24">212.12.249.0/24</a> fell between reserved range 212.12.224.0 -> 212.12.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://212.12.250.0/24">212.12.250.0/24</a> fell between reserved range 212.12.224.0 -> 212.12.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://212.12.251.0/24">212.12.251.0/24</a> fell between reserved range 212.12.224.0 -> 212.12.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://212.12.252.0/24">212.12.252.0/24</a> fell between reserved range 212.12.224.0 -> 212.12.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://212.12.254.0/24">212.12.254.0/24</a> fell between reserved range 212.12.224.0 -> 212.12.255.255 [Adding 256 addresses to potential hijack]<br><a href="http://212.12.255.0/24">212.12.255.0/24</a> fell between reserved range 212.12.224.0 -> 212.12.255.255 [Adding 256 addresses to potential hijack]<br>Found 50176 potentially hijacked addresses</div><div><br></div><div>--- Below here is the code (I didn't know if I could send attachments to the RPD list so I just pasted the code straight) ---</div><div><br></div><div>//<br>//  main.c<br>//  AfrinicAudit<br>//<br>//  Created by Andrew Alston on 15/10/2025.<br>//  Code is considered open use with no restrictions.<br>//<br><br>#include <stdlib.h><br>#include <stdio.h><br>#include <string.h><br>#include <arpa/inet.h><br><br>char BGP_DUMP[256] = "/Users/aalston/audit/bgp.dump.txt";<br>char AFRINIC_EXT[256] = "/Users/aalston/audit/delegated-afrinic-extended-latest";<br><br>struct routes {<br>    unsigned int network;<br>    unsigned int broadcast;<br>    unsigned int mask;<br>    unsigned short cidr;<br>};<br><br>struct audit {<br>    struct routes *dfz;<br>    int dfz_count;<br>    struct routes *reserved;<br>    int total_resv;<br>    int rc;<br>    struct routes *available;<br>    int total_avail;<br>    int ac;<br>};<br><br>int parse_afrinic_extended(char *afext, struct audit *output) {<br>    FILE *dump = fopen(afext, "r");<br>    if(!dump)<br>        return -1;<br>    char buffer[1024] = {0};<br>    char *delim;<br>    output->rc = 0;<br>    while(fgets(buffer, 1024, dump)) {<br>        if(strstr(buffer, "ZZ") && strstr(buffer, "reserved") && strstr(buffer, "ipv4")) {<br>            output->rc++;<br>        }<br>    }<br>    output->reserved = calloc(output->rc, sizeof(struct routes));<br>    if(!output->reserved)<br>        return -1;<br>    output->rc = 0;<br>    struct routes *resv = output->reserved;<br>    rewind(dump);<br>    while(fgets(buffer, 1024, dump)) {<br>        if(strstr(buffer, "ZZ") && strstr(buffer, "reserved") && strstr(buffer, "ipv4")) {<br>            delim = strtok(buffer, "|");<br>            for(int i = 0; i < 3; i++)<br>                delim = strtok(NULL, "|");<br>            inet_pton(AF_INET, delim, &resv[output->rc].network);<br>            resv[output->rc].network = __builtin_bswap32(resv[output->rc].network);<br>            delim = strtok(NULL, "|");<br>            unsigned int addr_count = atoi(delim);<br>            output->total_resv += addr_count;<br>            resv[output->rc].broadcast = resv[output->rc].network+(addr_count-1);<br>            resv[output->rc].network = __builtin_bswap32(resv[output->rc].network);<br>            resv[output->rc].broadcast = __builtin_bswap32(resv[output->rc].broadcast);<br>            resv[output->rc].mask = ~__builtin_bswap32((unsigned int)addr_count-1);<br>            output->rc++;<br>        }<br>    }<br>    rewind(dump);<br>    while(fgets(buffer, 1024, dump)) {<br>        if(strstr(buffer, "ZZ") && strstr(buffer, "available") && strstr(buffer, "ipv4")) {<br>            output->ac++;<br>        }<br>    }<br>    output->available = calloc(output->ac, sizeof(struct routes));<br>    if(!output->available)<br>        return -1;<br>    struct routes *avail = output->available;<br>    rewind(dump);<br>    while(fgets(buffer, 1024, dump)) {<br>        if(strstr(buffer, "ZZ") && strstr(buffer, "available") && strstr(buffer, "ipv4")) {<br>            delim = strtok(buffer, "|");<br>            for(int i = 0; i < 3; i++)<br>                delim = strtok(NULL, "|");<br>            inet_pton(AF_INET, delim, &avail[output->ac].network);<br>            avail[output->ac].network = __builtin_bswap32(avail[output->ac].network);<br>            delim = strtok(NULL, "|");<br>            unsigned int addr_count = atoi(delim);<br>            output->total_avail += addr_count;<br>            avail[output->ac].broadcast = avail[output->ac].network+(addr_count-1);<br>            avail[output->ac].mask = ~__builtin_bswap32((unsigned int)addr_count-1);<br>            output->ac++;<br>        }<br>    }<br>    fclose(dump);<br>    return 0;<br>}<br><br>int parse_dfz(char *dfz_dump, struct audit *output) {<br>    FILE *dump = fopen(dfz_dump, "r");<br>    char buffer[1024] = {0};<br>    int rc = 0, mult = 0, cidr = 0;<br>    char *delim;<br>    if(!dump) {<br>        return -1;<br>    }<br>    while(fgets(buffer, 1024, dump)) {<br>        if(buffer[0] >= '1' && buffer[0] <= '9' && strtok(buffer, "/") && strchr(buffer, '.')) {<br>            rc++;<br>        }<br>    }<br>    output->dfz = calloc(rc, sizeof(struct routes));<br>    output->dfz_count = rc;<br>    if(!output->dfz) {<br>        return -1;<br>    }<br>    rewind(dump);<br>    rc = 0;<br>    while(fgets(buffer, 1024, dump)) {<br>        if(buffer[0] >= '1' && buffer[0] <= '9') {<br>            cidr = 0;<br>            delim = strtok(buffer, "/");<br>            delim = strtok(NULL, "/");<br>            if(!delim) {<br>                memset(buffer, 0, 1024);<br>                continue;<br>            }<br>            mult = 1;<br>            for(int i = 0; i < 3; i++) {<br>                if(delim[i] >= '0' && delim[i] <= '9') {<br>                    cidr = cidr * mult+(9-('9'-delim[i]));<br>                    mult*=10;<br>                }<br>            }<br>            delim = strchr(buffer, '.');<br>            if(!delim) {<br>                memset(buffer, 0, 1024);<br>                continue;<br>            }<br>            output->dfz[rc].cidr = cidr;<br>            inet_pton(AF_INET, buffer, &output->dfz[rc].network);<br>            output->dfz[rc].cidr = cidr;<br>            output->dfz[rc].network = __builtin_bswap32((unsigned int)output->dfz[rc].network);<br>            output->dfz[rc].mask = (~(unsigned int)0) << (32-cidr);<br>            output->dfz[rc].broadcast = output->dfz[rc].network + ((~(unsigned int)0) >> cidr);<br>            output->dfz[rc].network = __builtin_bswap32((unsigned int)output->dfz[rc].network);<br>            output->dfz[rc].broadcast = __builtin_bswap32((unsigned int)output->dfz[rc].broadcast);<br>            rc++;<br>            memset(buffer, 0, 1024);<br>        }<br>    }<br>    fclose(dump);<br>    return 0;<br>}<br><br>int audit_reserved(struct audit *data) {<br>    int hijack_count = 0;<br>    for(int i = 0; i < data->dfz_count; i++) {<br>        unsigned int dfz_net = __builtin_bswap32((unsigned int)data->dfz[i].network);<br>        unsigned int dfz_bcast = __builtin_bswap32((unsigned int)data->dfz[i].broadcast);<br>        for(int r = 0; r < data->rc; r++) {<br>            unsigned int resv_net = __builtin_bswap32((unsigned int)data->reserved[r].network);<br>            unsigned int resv_bcast = __builtin_bswap32((unsigned int)data->reserved[r].broadcast);<br>            if(dfz_net >= resv_net && dfz_net <= resv_bcast) {<br>                hijack_count += ((dfz_bcast-dfz_net)+1);<br>                char dfz_route[INET_ADDRSTRLEN] = {0};<br>                char resv_network[INET_ADDRSTRLEN] = {0};<br>                char resv_broadcast[INET_ADDRSTRLEN] = {0};<br>                inet_ntop(AF_INET, &data->dfz[i].network, dfz_route, INET_ADDRSTRLEN);<br>                inet_ntop(AF_INET, &data->reserved[r].network, resv_network, INET_ADDRSTRLEN);<br>                inet_ntop(AF_INET, &data->reserved[r].broadcast, resv_broadcast, INET_ADDRSTRLEN);<br>                printf("%s/%d fell between reserved range %s -> %s [Adding %d addresses to potential hijack]\n",<br>                       dfz_route, data->dfz[i].cidr, resv_network, resv_broadcast, (dfz_bcast-dfz_net)+1);<br>            }<br>        }<br>        for(int a = 0; a < data->ac; a++) {<br>            unsigned int avail_net = __builtin_bswap32((unsigned int)data->available[a].network);<br>            unsigned int avail_bcast = __builtin_bswap32((unsigned int)data->available[a].broadcast);<br>            if(dfz_net >= data->available[a].network && dfz_net <= data->available[a].broadcast) {<br>                hijack_count += ((data->available[a].broadcast-data->available[a].network)+1);<br>                char dfz_route[INET_ADDRSTRLEN] = {0};<br>                char avail_network[INET_ADDRSTRLEN] = {0};<br>                char avail_broadcast[INET_ADDRSTRLEN] = {0};<br>                inet_ntop(AF_INET, &data->dfz[i].network, dfz_route, INET_ADDRSTRLEN);<br>                inet_ntop(AF_INET, &avail_net, avail_network, INET_ADDRSTRLEN);<br>                inet_ntop(AF_INET, &avail_bcast, avail_broadcast, INET_ADDRSTRLEN);<br>                printf("%s/%d fell between available range %s -> %s\n", dfz_route, data->dfz[i].cidr, avail_network, avail_broadcast);<br>            }<br>        }<br>    }<br>    printf("Found %d potentially hijacked addresses\n", hijack_count);<br>    return 0;<br>}<br><br>int main(int argc, const char * argv[]) {<br>    struct audit data = {0};<br>    if(parse_dfz(BGP_DUMP, &data))<br>        return EXIT_FAILURE;<br>    if(parse_afrinic_extended(AFRINIC_EXT, &data))<br>        return EXIT_FAILURE;<br>    printf("Found %d total available addresses and %d total reserved addresses\n", data.total_avail, data.total_resv);<br>    audit_reserved(&data);<br>    return EXIT_SUCCESS;<br>}<br></div></div>