#!/usr/pkg/bin/perl
# Usage:
#    ./ipf-to-access_db < ipf.conf > ipf
#    makemap hash  ipf < ipf 
#    --- >> duplication may not be accepted by makemap
# See also:
#   http://www.ki.nu/software/cf2/antispam.html
use strict;
my $DEBUG = 0;
my @list;
my $ip;
my @IPs;
my %DONE;
while(<>){
    if    ( m|^#|   ) {next}
    elsif ( m|^\s+$|) {next}
    @list = split();
    if ($list[0] ne 'block') { next }
    if ($list[1] ne 'in'   ) { next }
    if ($list[2] eq 'log'  ) { shift @list; }  # log がある場合とない場合があるのでずらして調整

# --------------------------------------
# 分類を検証する部分。普段は print しない
    if ($list[2] eq 'on'  ) {
#	print ' on  -> ',$_;
    }
    elsif ($list[2] eq 'log'  ) {
#	print ' log -> ',$_;
    }
    else {
	print ' *** ',$list[2], ' -> ', $_;
    }
# --------------------------------------
# pick only port = 25 line up
#    if    ( m|block in log on \w+ proto tcp from (.*)\s+to any port = 25|) {
     if ($list[12] == 25 ) {
	$ip = $list[7];
	$ip =~ s| ||g;
	$ip =~ s|/32$||;
	$ip =~ s|.0/24$||;
	$ip =~ s|.0.0/16$||;
	if ($DONE{$ip} == 0) {  # avoid duplication
	    push(@IPs,[$ip, sprintf("%-20s\tREJECT\n",$ip)]);
	    $DONE{$ip}++;       # register for 'DONE'
	}
#	print;
    }
    elsif ($DEBUG){
	print $list[11],',';
	print $list[12],',';
	print $list[13],',';
	print $list[14],'->',$_;
    }
#    elsif ( m|block in     on pppoe0 proto tcp from (.*) to any port = 80|m) {
#    }
#    elsif ( m|block in log on pppoe0 proto tcp from (.*) to any port = 80|m) {
#    }
#    else {
#	print
#    }
}
foreach (sort { $a ->[0] <=> $b ->[0]} @IPs){
    print $_ -> [1];}
__END__

block in log on pppoe0 proto tcp from 205.148.35.18/32   to any port = 80  

http://www.ki.nu/software/cf2/antispam.html