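#!/bin/sh
# Joe Gillotti - 3/15/2012
#
# Maintain a pf table of blocked IPs. The table is backed by a plain file
# that /etc/pf.conf is expected to load into the table; every change to
# that file is followed by a `pfctl -f` reload so the live table matches.
#
# Usage: $0 [search|unblock|block|list] [ip]
# Needs the privileges required by pfctl and by writing the table file.

set -eu

# Some config
table=blockedips
table_file=/etc/pf.blocked.ip.conf
tmp=/var/tmp/.pfc        # prefix for the scratch copy used while unblocking
pf_conf=/etc/pf.conf

# Localize args here (defaulted so `set -u` does not trip on missing args)
command=${1:-}
ip=${2:-}

# Show usage on stderr and die with status 1
usage () {
  printf 'usage %s [search|unblock|block|list] [ip]\n' "$0" >&2
  exit 1
}

# Accept only something that can plausibly be an IPv4/IPv6 address or a
# CIDR block. The value is appended verbatim to the table file and used as
# a match pattern, so a strict character allowlist keeps whitespace,
# comments and other pf file syntax out of it.
# Returns 0 when acceptable, 1 otherwise.
valid_ip () {
  case "$1" in
    '' | *[!0-9a-fA-F.:/]*) return 1 ;;
  esac
  return 0
}

# Look through the live table for exactly this entry.
# pfctl indents each entry; the spaces are stripped before the exact,
# fixed-string line match (no regex, so dots in the address stay literal).
# Returns 0 when the entry is present, 1 when it is not.
is_blocked () {
  pfctl -T show -t "$table" | tr -d ' ' | grep -qFx -- "$1"
}

# Reload pf so a change to the table file takes effect
reload_pf () {
  pfctl -f "$pf_conf"
}

case "$command" in
  # Kill an IP
  block)
    valid_ip "$ip" || usage
    # Check if it's already blocked
    if is_blocked "$ip"; then
      printf '%s is already blocked\n' "$ip"
      exit 0
    fi
    # Add it to our file, then reload pf
    printf '%s\n' "$ip" >> "$table_file"
    reload_pf
    # Ensure the change was made; fail loudly (non-zero) if it was not
    if ! is_blocked "$ip"; then
      printf '%s did not get blocked successfully\n' "$ip" >&2
      exit 1
    fi
    printf '%s now blocked\n' "$ip"
    ;;

  # Grep for one. Exit status: 0 if blocked, 1 if not.
  search)
    valid_ip "$ip" || usage
    if is_blocked "$ip"; then
      printf '%s is blocked\n' "$ip"
    else
      exit 1
    fi
    ;;

  # Unblock a blocked IP
  unblock)
    valid_ip "$ip" || usage
    # First see if it isn't blocked
    if ! is_blocked "$ip"; then
      printf '%s is not blocked\n' "$ip"
      exit 0
    fi
    # Scratch copy of the table file. mktemp picks an unpredictable name
    # and creates it mode 0600, so nothing can pre-create or symlink the
    # path under /var/tmp; the trap removes it on every exit path.
    scratch=$(mktemp "${tmp}.XXXXXX") || exit 1
    trap 'rm -f -- "$scratch"' EXIT
    # Remove our IP from the blocked IPs file. grep -v exits 1 when no
    # lines remain (the file held only this IP); that is not an error here.
    grep -vFx -- "$ip" "$table_file" > "$scratch" || [ $? -eq 1 ]
    # Copy back over the original rather than mv, so its owner/mode are kept
    cat "$scratch" > "$table_file"
    # Reload PF
    reload_pf
    # Make sure it isn't blocked anymore
    if ! is_blocked "$ip"; then
      printf '%s is no longer blocked\n' "$ip"
      exit 0
    fi
    printf 'Failed unblocking %s\n' "$ip" >&2
    exit 1
    ;;

  # Show the contents of the blocked IP's table
  list)
    printf 'Blocked IPs:\n'
    pfctl -t "$table" -T show | tr -d ' '
    ;;

  # Default to usage
  *)
    usage
    ;;
esac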