#!/usr/bin/perl

use strict;
use warnings;

my $mail_log_path = '/var/log/mail';
my $blocklist_file = '/etc/nftables.d/blocklist';
my $nft_cmd = 'nft';

open my $log_fh, '<', $mail_log_path or die "Can't open mail log file: $!\n";

my %seen_ips;
while (my $line = <$log_fh>) {
    if ($line =~ /(\d+\.\d+\.\d+\.\d+)/) {
        my $ip = $1;
        $seen_ips{$ip} = 1;
    }
}

close $log_fh;

open my $blocklist_fh, '>>', $blocklist_file or die "Can't open blocklist file: $!\n";

foreach my $ip (keys %seen_ips) {
    print $blocklist_fh "$ip\n";
    my $nft_command = "$nft_cmd add element inet filter blocklist { $ip }";
    system($nft_command) == 0 or die "Failed to add IP $ip to nftables: $!\n";
}

close $blocklist_fh;

truncate($mail_log_path, 0) or die "Can't truncate mail log file: $!\n";

print "Successfully processed and added IPs to blocklist.\n";