#!/usr/bin/env perl
use strict;
$|++;

my $MYDOOM = "/home/merlyn/mydoom";
my $MYSOBIGF = "/home/merlyn/sobig.f";
my $HOURS = 4;

sub now {
  my @now = localtime;
  sprintf "%02d-%02d %02d:%02d:%02d", $now[4]+1, @now[3,2,1,0];
}

use POE qw(Wheel::FollowTail Filter::Line);

POE::Session->create
  (inline_states =>
   {_start => sub {
      my($kernel) = @_[KERNEL];
      $kernel->yield("initialize_ip_list");
    },
    initialize_ip_list => sub {
      my ($kernel, $heap) = @_[KERNEL, HEAP];
      @{$heap->{ip_list}} = `pfctl -t spammers -T show` =~ /(\S+)/g;
      $kernel->yield("start_tailing");
      $kernel->yield("unblock_an_address");
    },
    start_tailing => sub {
      my($kernel, $heap) = @_[KERNEL, HEAP];
      $heap->{tailer} = POE::Wheel::FollowTail->new
        (Filename => $MYDOOM,
         Filter => POE::Filter::Line->new
         (InputRegexp => qr/(?<=\n)(?=[^ \t])/),
         InputEvent => 'tailer_got_line',
        );
      $heap->{tailer2} = POE::Wheel::FollowTail->new
        (Filename => $MYSOBIGF,
         Filter => POE::Filter::Line->new
         (InputRegexp => qr/(?<=\n)(?=[^ \t])/),
         InputEvent => 'tailer_got_line',
        );
    },
    tailer_got_line => sub {
      my($heap, $line) = @_[HEAP,ARG0];
      my ($name, $ip) = $line =~ /\((\S+)\s+\[([\d.]+)\]\)\s+by blue\.stonehenge\.com/ or return;
      return if $ip eq "127.0.0.1";
      print now(), ": BLOCKING $ip ($name): ";
      system "pfctl -t spammers -T add $ip";
      push @{$heap->{ip_list}}, $ip;
    },
    unblock_an_address => sub {
      my($kernel, $heap, $state) = @_[KERNEL, HEAP, STATE];
      my $ip_list_ref = $heap->{ip_list};
      if (my $ip = shift @$ip_list_ref) {
        print now(), ": UNBLOCKING $ip: ";
        system "pfctl -t spammers -T delete $ip";
      }
      my $delay = @$ip_list_ref ? 60*60*$HOURS / @$ip_list_ref : 10;
      $delay = 1 if $delay < 1;
      $delay = 60 if $delay > 60;
      $kernel->delay($state, $delay);
    },
   });
   

POE::Kernel->run;