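#! /bin/bash
### DOCUMENTATION AND LICENSE START
# (c) 2003,2004 William K. Cole.
#
# This documentation and license apply to bladd version 3.0
#
# This is an interactive script which takes 2 lines of input OR 2
# loosely-formatted command line arguments. The first line or arg
# is a CIDR address block or a range of addresses using a dash
# delimiter. The second one is a comment regarding that address
# range.
#
# As of version 3.0, this script is merely a front-end to the
# queue of changes, and the 'blupd' script is used to actually get
# changes into the blacklist text file and the DNSBL zone.
#
# Solid Clues Consulting Sample Code License
#
#
# THIS SOFTWARE IS NOT LICENSED FOR USE AS-IS!!!
# THIS SOFTWARE IS MADE PUBLICLY AVAILABLE SOLELY FOR
# DEMONSTRATION AND INSTRUCTIONAL USE. IT IS NOT DEEMED SUITABLE
# FOR GENERAL USE BY ITS AUTHOR AND HAS NOT BEEN AUDITED FOR
# SECURITY OR CORRECTNESS. USE AT YOUR OWN RISK.
#
# This software is not suitable for use anywhere other than
# internally at Solid Clues Consulting, where it may or may
# not be in use at any given time and may or may not be dependant
# upon or combined with other software which may or may not be
# available to the public.
#
# Access to this software is provided without any representation
# or warranty of suitability for any specific purpose. This software
# may not be licensed under any circumstance which would subject the
# author to any form of liability for its use.
#
# Any use except by the author MUST involve changes to the
# software. Software thus derived from this software may be
# used without restriction by the person or business creating
# the derived software. Such derived software may be redistributed
# under the following conditions:
#
# 1. All derivative source code and any documentation describing
# the function of derivative software must reproduce this
# "DOCUMENTATION AND LICENSE" block in full and unmodified.
#
# 2. No fees of any sort may be charged for distribution or
# licensing of derivative works. No conditions involving
# payment for other goods may be applied to restrict
# distribution of derivative works.
#
# 3. Any distribution of derivative works must include
# full source code of the entire derivative work.
#
#
# This license SHOULD NOT be construed as intending to make the
# licensed work "Open Source" or "Free" software as those terms
# are commonly used or under the definitions of the OSI or FSF.
# This license is INTENTIONALLY VIRAL and is intended to severely
# restrict the spread of covered software
#
# Alternative license terms may (or may not) be available from
# Solid Clues Consulting.
#
### DOCUMENTATION AND LICENSE END

PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin

# Shared settings. BINDDIR, ZONEFILE, ZNAME and BINDLOG are not read
# anywhere in this script; only BLTEXT (the queue lives next to it)
# and TSTAMP are used here.
BINDDIR='/var/named'
ZONEFILE='blackholes.zone'
ZNAME='blackholes.scconsult.com'
BLTEXT="/Library/WebServer/Building Blocks/blacklist.txt"
TSTAMP=$(date +%Y%m%d%H%M%S)
BINDLOG='/var/log/system.log'

# extglob has to be enabled when the functions below are *parsed*,
# because their [[ ... ]] patterns use +( ) groups. Leave it on for
# the whole script instead of toggling it inside parseiparg.
shopt -s extglob

#############
# The parseiparg function takes the args and echos out a dash-delimited
# IP address range without spaces and the remaining args.
#
# Accepted forms for the address part ($1, possibly $1 $2 $3):
#   a.b.c.d/n            CIDR block, expanded to a range via Net::CIDR
#   a.b.c.d              a single address
#   a.b.c.d - w.x.y.z    a range with whitespace around the dash (3 words)
#   a.b.c.d-w.x.y.z      a range without whitespace (1 word)
#
# Arguments: the loosely formatted command line (address part, then comment)
# Outputs:   "<range> <remaining args>" on one line of stdout
# Returns:   0 on success, 1 if $1 is not a parsable range or CIDR block
#
parseiparg() {
  local block

  # handle CIDR first, it's easy.
  if [[ $1 == +([[:digit:]]).+([[:digit:]]).+([[:digit:]]).+([[:digit:]])/+([[:digit:]]) ]]; then
    # $1 has just matched the digits/dots/slash pattern, so it contains
    # no whitespace or shell metacharacters when handed to perl.
    block=$(printf '%s\n' "$1" | perl -pe 'use Net::CIDR; $_=join(\n,Net::CIDR::cidr2range ($_));')
    shift
  # if $1 looks like a bare IP...
  elif [[ $1 == +([[:digit:]]).+([[:digit:]]).+([[:digit:]]).+([[:digit:]]) ]]; then
    # maybe it has a partner and is really a range. "a.b.c.d - w.x.y.z"
    # is exactly three words, and a range given without any comment is
    # legal, so the test is -ge 3 (the old -gt 3 silently dropped the
    # end address in that case and turned "- w.x.y.z" into the comment).
    if [[ $# -ge 3 && $2 == '-' && $3 == +([[:digit:]]).+([[:digit:]]).+([[:digit:]]).+([[:digit:]]) ]]; then
      block="$1$2$3"
      shift 3
    else
      # or not
      block=$1
      shift
    fi
  # last option: it is a range. This pattern is a little lazy
  elif [[ $1 == +(+([[:digit:]]).)+([[:digit:]])-+(+([[:digit:]]).)+([[:digit:]]) ]]; then
    block=$1
    shift
  else
    echo "The arguments do not look like a parsable range or CIDR block" >&2
    # 'return' rather than 'exit': callers run this in a command
    # substitution, where 'exit' only ends the subshell and the
    # failure would otherwise go unnoticed.
    return 1
  fi

  echo "$block $*"
  return 0
}
#############

##############
# The getargsinteractive function asks the user for the args.
#
# Outputs: "<block> <comment>" as one line on stdout
# Returns: 0
#
getargsinteractive() {
  local block comm
  read -r -p "Enter address range or CIDR block to be listed:" block
  read -r -p "Enter comment:" comm
  echo "$block $comm"
  return 0
}
#############

################
#
# Main code
#
# Validate and normalize arguments, then append one record to the
# queue file under the queue lock and schedule blupd to drain it.
#
# Globals:   BLTEXT (read), TSTAMP (read)
# Arguments: [range-or-CIDR [comment...]]; prompts for what is missing
# Returns:   exits 1 on a bad address argument or when the lock is not
#            obtained; otherwise the exit status of 'at'
#
main() {
  local nargs words block comm queue

  # If we have none, get them interactively. The answer is split into
  # words with 'read -a' rather than an unquoted expansion, so a '*'
  # in the comment is not glob-expanded against the working directory.
  if [[ -z $1 ]]; then
    read -r -a words <<<"$(getargsinteractive)"
    set -- "${words[@]}"
  fi

  # Parse the loosely formatted args so that $1 is a no-whitespace range.
  # parseiparg runs in a subshell here, so its failure has to be checked
  # explicitly; otherwise an entry with an empty range would be queued.
  nargs=$(parseiparg "$@") || exit 1
  read -r -a words <<<"$nargs"
  set -- "${words[@]}"
  block=$1
  shift
  if [[ -z $block ]]; then
    echo "No address range was parsed; nothing queued" >&2
    exit 1
  fi

  if [[ -z $* ]]; then
    read -r -p "Enter comment:" comm
  else
    comm=$*
  fi
  # The queue holds one record per line. A comment taken from argv may
  # contain newlines, which would let a single invocation smuggle extra
  # records into the queue, so flatten any control character to a space.
  comm=${comm//[[:cntrl:]]/ }

  [[ -t 1 ]] && echo "$block ; $comm $TSTAMP "

  queue="${BLTEXT}.queue"
  # getqueuelock is not defined in this file; it is expected to be a
  # command on PATH. Only touch the queue when the lock was obtained,
  # and never remove a lock file this run did not create.
  if ! getqueuelock; then
    echo "Could not obtain the queue lock; nothing queued" >&2
    exit 1
  fi
  echo "$block ; $comm $TSTAMP" >>"$queue"
  rm -- "${queue}.lock"

  # blupd pulls in the queue. The 10 minute delay means that we can
  # run bladd repeatedly without thrashing CVS or BIND.
  echo "blupd" | at now+10m
}

main "$@"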