Your parens are a bit off in the if. Try ...

if ( $param_cmd and $param_cmd =~ /^([-.0-9a-zA-Z]+)$/ ) {

Note the addition of parens in the regexp so that you save it in $1, as the way you had it would have set $param_cmd to be undefined.

Also, there's no need for qw() which would've passed a different argument than you expected ...

system( "/usr/sbin/traceroute", $param_cmd );

  --k.

( Ain't life^H^H^H^Hsecurity a biiyatch? :)