File: //ibin/iptables-save-build.pl
#!/usr/bin/perl
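use strict;
use warnings;

# Builds an iptables-save format ruleset on STDOUT from the "TYPE:ADDRESS"
# entries in $config_file, one entry per line.
#
# Side outputs:
#   $map_file   one blocked address per line (white-list entries excluded)
#   $cidr_file  every address, tab-separated from "OK" (white-list) or a
#               "REJECT CIDR-BLOCK <code>-><address>" message (blocked)
#
# The built-in chains keep an ACCEPT policy and only new TCP port 25
# connections are sent through SMTP_TRAFFIC. Per-code chains are jumped to in
# the order their codes first appear in the source file, so a white-list that
# should win over a block list has to come first there.

my $config_file = "/ibin/conf/iptables.source";
my $map_file    = "/ibin/conf/iptables.map";
my $cidr_file   = "/ibin/conf/iptables/CIDR";

my $RULE = "#################################################################################\n";

# Source-file type letter => chain code. "H" is deliberately absent: those
# entries are skipped in the loop below.
my %code_for = (
    M => "IISG",
    J => "JAPAN",
    A => "ASIAN",
    P => "POLAND",
    C => "CZECH",
    T => "TURKEY",
    I => "INDIA-KOREA",
    R => "RUSSIA",
    U => "UK",
    D => "DROP",
    Z => "TEST",
    W => "WHITE-LIST",
);

# Three-argument open with lexical handles: the mode can no longer be altered
# by the content of the file name. The source is opened first so that a
# missing source file does not truncate the two output files.
open(my $config_fh, '<', $config_file) or die("$config_file: $!\n");
open(my $map_fh,    '>', $map_file)    or die("$map_file: $!\n");
open(my $cidr_fh,   '>', $cidr_file)   or die("$cidr_file: $!\n");

#-----[ Top of iptables file ]--------------------------------------------------
print $RULE;
print "# iptables.conf Automatically Generated #\n";
print $RULE;
print "*filter\n";
print ":INPUT ACCEPT [0:0]\n";
print ":FORWARD ACCEPT [0:0]\n";
print ":OUTPUT ACCEPT [0:0]\n";
print ":SMTP_TRAFFIC - [0:0]\n";
print "-A INPUT -p tcp --dport 25 -m state --state NEW -j SMTP_TRAFFIC\n";

# Codes whose chains have already been declared. The original compared each
# line's code with the previous line's, so a code that reappeared later in the
# source had its chain declaration and SMTP_TRAFFIC jump emitted again.
my %declared;

while (my $line = <$config_fh>) {
    chomp($line);
    next if $line =~ /#/;      # any line containing '#' is treated as a comment
    next if $line !~ /\S/;     # a blank line used to produce a rule with an empty -s

    # Fields after the second are ignored, as before.
    my ($type, $ip) = split(/:/, $line);
    for my $field ($type, $ip) {
        $field = '' unless defined $field;
        $field =~ s/\A\s+|\s+\z//g;    # also drops the \r of a CRLF source file
    }

    # The original tested $type before the split, i.e. the previous line's
    # type: the H line itself was emitted under a stale code and, once an H
    # line had been parsed, every later line was skipped.
    next if $type eq "H";

    # An unrecognised type used to inherit the previous line's code, which
    # could put a mistyped entry into the white-list or a block list.
    my $code = $code_for{$type};
    unless (defined $code) {
        warn "$config_file line $.: unknown type '$type', entry skipped\n";
        next;
    }

    # The address is copied verbatim into a rule line, so anything that is not
    # a plain address would become extra rule text.
    # NOTE(review): assumes the source holds IPv4 addresses or CIDR blocks
    # only -- confirm no hostname entries are in use.
    unless (_is_ipv4_cidr($ip)) {
        warn "$config_file line $.: '$ip' is not an IPv4 address or CIDR block, entry skipped\n";
        next;
    }

    my $is_white_list = ($code eq "WHITE-LIST");

    unless ($declared{$code}++) {
        my $title   = $is_white_list ? "# CIDR-$code WHITE-LIST Entries \n" : "# CIDR-$code Entries \n";
        my $prefix  = $is_white_list ? "CIDR-" . $code : "SPAM-BLOCK-CIDR-" . $code;
        my $verdict = $is_white_list ? "ACCEPT" : "DROP";

        print $RULE;
        print $title;
        print $RULE;
        print ":LOG_" . $code . " - [0:0]\n";
        print ":CIDR-" . $code . " - [0:0]\n";
        print "-A SMTP_TRAFFIC -j CIDR-" . $code . "\n";
        print "-A LOG_" . $code . " -j LOG --log-prefix \"" . $prefix . "\"\n";
        print "-A LOG_" . $code . " -j " . $verdict . "\n";
    }

    print "-A CIDR-" . $code . " -s " . $ip . " -j LOG_" . $code . "\n";

    if ($is_white_list) {
        print {$cidr_fh} $ip . "\t\tOK\n";
    }
    else {
        print {$map_fh} $ip . "\n";
        print {$cidr_fh} $ip . "\t\tREJECT CIDR-BLOCK " . $code . "->" . $ip . "\n";
    }
}

#-----[ End of config file ]----------------------------------------------------
print "COMMIT\n";
print $RULE;
print "# iptables.conf EOF #\n";
print $RULE;

close($config_fh);
# Buffered write errors only surface at close; the original never closed the
# CIDR file and did not check the map file.
close($map_fh)  or die("$map_file: $!\n");
close($cidr_fh) or die("$cidr_file: $!\n");
exit;

# True when $addr is a dotted-quad IPv4 address, optionally followed by
# "/prefix" (0-32) or "/dotted.quad.mask".
sub _is_ipv4_cidr {
    my ($addr) = @_;
    return 0 unless defined $addr;

    my ($host, $mask, $extra) = split(m{/}, $addr, -1);
    return 0 if defined $extra;
    return 0 unless defined $host && _is_dotted_quad($host);
    return 1 unless defined $mask;
    return 1 if $mask =~ /\A[0-9]{1,2}\z/ && $mask <= 32;
    return _is_dotted_quad($mask);
}

# True when $text is four decimal octets (0-255) separated by dots.
sub _is_dotted_quad {
    my ($text) = @_;
    my @octets = split(/\./, $text, -1);
    return 0 unless @octets == 4;
    for my $octet (@octets) {
        return 0 unless $octet =~ /\A[0-9]{1,3}\z/ && $octet <= 255;
    }
    return 1;
}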