@JayDoubleu
Created June 28, 2024 18:19
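function Load-RoutingTableFromJson {
    <#
    .SYNOPSIS
    Reads a route table from a JSON file and returns its routes, most specific prefix first.

    .DESCRIPTION
    Expects the document to expose its routes at .properties.routes, each with a
    .name and a .properties.addressPrefix in "address/length" form. Only those two
    fields are read; anything else stored on a route (for example next-hop data) is
    ignored, so the result says which prefix covers an address, not where the
    traffic is sent or whether it is permitted.

    .PARAMETER JsonFilePath
    Path of the JSON file to load.

    .OUTPUTS
    Hashtables with the keys CIDR, Name and PrefixLength, ordered by PrefixLength
    descending. $null (after Write-Error) when the file does not exist.
    #>
    param (
        [string]$JsonFilePath
    )

    if (-not (Test-Path $JsonFilePath)) {
        Write-Error "JSON file not found: $JsonFilePath"
        return $null
    }

    $jsonContent = Get-Content $JsonFilePath -Raw | ConvertFrom-Json

    # Collect the loop output in one go instead of growing an array with +=.
    $routingTable = @(
        foreach ($route in $jsonContent.properties.routes) {
            @{
                CIDR         = $route.properties.addressPrefix
                Name         = $route.name
                # A prefix without "/<length>" yields $null here, which casts to 0.
                PrefixLength = [int]($route.properties.addressPrefix -split "/")[1]
            }
        }
    )

    # Sort by prefix length, most specific first. The entries are hashtables, and
    # Sort-Object -Property <name> looks for a real property, not a hashtable key,
    # so a bare name would leave the table in file order and the first-match lookup
    # in Test-IPInRoutes could report a broader route than the one that applies.
    # A script block reads the key explicitly.
    return $routingTable | Sort-Object -Property { $_.PrefixLength } -Descending
}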
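function Test-IPInSubnet {
    <#
    .SYNOPSIS
    Tells whether an IP address lies inside a CIDR prefix.

    .DESCRIPTION
    Compares the leading PrefixLength bits of the address and of the network
    address byte by byte. Addresses of different families (different byte counts)
    never match.

    A prefix that is not exactly "address/length", whose parts cannot be parsed,
    or whose length is outside the address size is reported with Write-Warning and
    treated as "no match". Without that check a prefix with no "/length" part
    evaluates to length 0 and matches every address of its family.

    .PARAMETER IP
    The address to test.

    .PARAMETER CIDR
    The prefix to test against, e.g. "10.0.0.0/8".

    .OUTPUTS
    [bool] $true when the address is inside the prefix, otherwise $false.
    #>
    param (
        [string]$IP,
        [string]$CIDR
    )

    $cidrParts = $CIDR -split "/"
    if ($cidrParts.Count -ne 2) {
        Write-Warning "Ignoring prefix that is not in address/length form: '$CIDR'"
        return $false
    }

    $ipAddress = $null
    $networkAddress = $null
    $prefixLength = 0
    $parsedOk = [System.Net.IPAddress]::TryParse($IP, [ref]$ipAddress) -and
        [System.Net.IPAddress]::TryParse($cidrParts[0], [ref]$networkAddress) -and
        [int]::TryParse($cidrParts[1], [ref]$prefixLength)
    if (-not $parsedOk) {
        Write-Warning "Cannot parse address '$IP' or prefix '$CIDR'"
        return $false
    }

    $ipBytes = $ipAddress.GetAddressBytes()
    $networkBytes = $networkAddress.GetAddressBytes()

    # IPv4 vs IPv6: different byte counts can never be in the same prefix.
    if ($ipBytes.Length -ne $networkBytes.Length) {
        return $false
    }

    # A length beyond the address size would index past the byte arrays below.
    if (($prefixLength -lt 0) -or ($prefixLength -gt ($networkBytes.Length * 8))) {
        Write-Warning "Prefix length out of range in '$CIDR'"
        return $false
    }

    $prefixFullBytes = [int][math]::Floor($prefixLength / 8)
    $prefixRemainingBits = $prefixLength % 8

    # Whole bytes covered by the prefix must be identical.
    for ($i = 0; $i -lt $prefixFullBytes; $i++) {
        if ($ipBytes[$i] -ne $networkBytes[$i]) {
            return $false
        }
    }

    # The partially covered byte is compared under a mask of its leading bits.
    if ($prefixRemainingBits -gt 0) {
        $mask = [byte]((0xff -shl (8 - $prefixRemainingBits)) -band 0xff)
        if (($ipBytes[$prefixFullBytes] -band $mask) -ne ($networkBytes[$prefixFullBytes] -band $mask)) {
            return $false
        }
    }

    return $true
}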
function Test-IPInRoutes {
    <#
    .SYNOPSIS
    Finds the first route in a routing table whose prefix contains an IP address.

    .DESCRIPTION
    Walks the table in the order given and returns the first non-default route
    that contains the address, so the result is the most specific route only when
    the caller passes the table sorted by prefix length, longest first. The
    default route is recognised solely by the literal prefix "0.0.0.0/0" and is
    used as a fallback when no other route matches.

    .PARAMETER IPAddress
    The address to look up.

    .PARAMETER RoutingTable
    Route entries exposing CIDR and Name.

    .OUTPUTS
    A hashtable with IPAddress, RouteName, CIDR and Present; IsCatchAll is added
    when only the default route matched. $null (after Write-Error) when the
    address cannot be converted to an IP address.
    #>
    [CmdletBinding()]
    param (
        [Parameter(Mandatory=$true)]
        [string]$IPAddress,
        [Parameter(Mandatory=$true)]
        [array]$RoutingTable
    )

    $defaultPrefix = "0.0.0.0/0"

    $asAddress = $IPAddress -as [System.Net.IPAddress]
    if (-not $asAddress) {
        Write-Error "Invalid IP address format."
        return $null
    }

    # First pass: specific routes only; the default route is handled afterwards.
    foreach ($entry in $RoutingTable) {
        $isDefault = $entry.CIDR -eq $defaultPrefix
        if ($isDefault) {
            continue
        }

        $contained = Test-IPInSubnet -IP $IPAddress -CIDR $entry.CIDR
        if ($contained) {
            return @{
                IPAddress = $IPAddress
                RouteName = $entry.Name
                CIDR      = $entry.CIDR
                Present   = $true
            }
        }
    }

    # Second pass: fall back to the default route when the table has one.
    $fallback = $RoutingTable |
        Where-Object { $_.CIDR -eq $defaultPrefix } |
        Select-Object -First 1
    if ($fallback) {
        $viaDefault = @{
            IPAddress = $IPAddress
            RouteName = $fallback.Name
            CIDR      = $fallback.CIDR
            Present   = $true
        }
        $viaDefault.IsCatchAll = $true
        return $viaDefault
    }

    # Nothing in the table covers the address.
    return @{
        IPAddress = $IPAddress
        RouteName = $null
        CIDR      = $null
        Present   = $false
    }
}
function Check-IPRoute {
    <#
    .SYNOPSIS
    Loads a routing table from JSON and prints which route, if any, covers an IP address.

    .DESCRIPTION
    Combines Load-RoutingTableFromJson and Test-IPInRoutes and writes one line
    with Write-Host describing the outcome. Returns without printing a result
    when the table could not be loaded or the address was rejected; those
    helpers report the reason themselves.

    .PARAMETER IPAddress
    The address to look up.

    .PARAMETER JsonFilePath
    Path of the JSON file holding the routing table.
    #>
    [CmdletBinding()]
    param (
        [Parameter(Mandatory=$true)]
        [string]$IPAddress,
        [Parameter(Mandatory=$true)]
        [string]$JsonFilePath
    )

    $routes = Load-RoutingTableFromJson -JsonFilePath $JsonFilePath
    if ($null -eq $routes) {
        return
    }

    $result = Test-IPInRoutes -IPAddress $IPAddress -RoutingTable $routes
    if ($null -eq $result) {
        # Test-IPInRoutes already reported an invalid IP address.
        return
    }

    if (-not $result.Present) {
        Write-Host "The IP address $($result.IPAddress) is not present in any of the routes."
        return
    }

    # IsCatchAll exists only on results produced by the default-route fallback.
    $message = if ($result.IsCatchAll) {
        "The IP address $($result.IPAddress) is not present in any specific route, but matches the catch-all route: $($result.RouteName) ($($result.CIDR))"
    } else {
        "The IP address $($result.IPAddress) is present in the route: $($result.RouteName) ($($result.CIDR))"
    }
    Write-Host $message
}
# Example usage:
# $jsonFilePath = "C:\path\to\your\rt-network-prd-h-uks-01-firewall.json"
# Check-IPRoute -IPAddress "10.238.248.4" -JsonFilePath $jsonFilePath
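function Check-AllHostnames {
    <#
    .SYNOPSIS
    Runs Check-IPRoute for every hostname/IP pair in the built-in table.

    .DESCRIPTION
    The $hostnames table maps a hostname to the IP address to look up. It is
    empty in this copy of the script, so the function prints nothing until
    entries are added.

    .PARAMETER JsonFilePath
    Path of the JSON file holding the routing table.
    #>
    param (
        [string]$JsonFilePath = ".\rt-network-prd-h-uks-01-firewall.json"
    )

    # hostname = IP address to check
    $hostnames = @{
    }

    foreach ($hostname in $hostnames.Keys) {
        # $( ) is required for an indexed lookup inside a string; the ${...} form
        # names a variable literally called "hostnames[$hostname]" and expands to
        # nothing, which left the address out of the heading.
        Write-Host "Checking $hostname ($($hostnames[$hostname])):"
        Check-IPRoute -IPAddress $hostnames[$hostname] -JsonFilePath $JsonFilePath
        Write-Host ""
    }
}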
# Usage:
# Check-AllHostnames
# Or if your JSON file is in a different location, pass -JsonFilePath.
# The call below is live, not an example: it runs every time this script is
# executed or dot-sourced, and the path it passes is the same as the
# parameter's default (a file in the current directory).
Check-AllHostnames -JsonFilePath ".\rt-network-prd-h-uks-01-firewall.json"