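package IPtables;

use strict;
use warnings;
use Data::Dumper;

# Defaults for this module's settings. run() hands them to
# Constants::mergeConfigs together with the caller's configuration.
my %CONSTANTS = (
    enabled    => "no",
    outputfile => "tmp/iptables.txt",    # relative path
    threshold  => 250,
    excludedip => [],
    eventtype  => [],
    chainname  => "BLOCK",
    destchain  => "DROP",
    maxage     => "1D",
);

# Patterns handed to Constants::mergeConfigs alongside the defaults.
# NOTE(review): both patterns are unanchored, and chainname/destchain have no
# pattern at all although header() and record() write them verbatim into the
# generated command lines. How mergeConfigs applies these patterns is not
# visible here -- confirm before relying on them as validation.
my %FORMAT = (
    maxage  => qr/\d+[hdmHDM]/,
    logging => qr/enable|disable/,
);

# Strict dotted-quad IPv4: four octets in 0-255, nothing before or after.
# \z (not $) so that a trailing newline is rejected as well.
my $IPV4_OCTET = qr/(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])/;
my $IPV4_RE    = qr/\A$IPV4_OCTET(?:\.$IPV4_OCTET){3}\z/;

# Builds the first line of the output: the command that flushes the chain
# named by the 'chainname' setting.
#
#   $v - hashref of merged settings; only 'chainname' is read.
#
# Returns the command line, newline-terminated.
sub header {
    my ($v) = @_;
    return "/sbin/iptables -F $v->{'chainname'}\n";
}

# Builds the rule line for one database row.
#
#   $r - row hashref; only 'source' is read.
#   $v - hashref of merged settings; 'chainname' and 'destchain' are read.
#
# 'source' comes from the events table and ends up inside a command line, so
# it is written only when it is a plain IPv4 address (the rule appends /32).
# Any other value is reported on STDERR and produces an empty string, i.e.
# no rule text for that row.
sub record {
    my ($r, $v) = @_;

    my $source = $r->{'source'};
    unless (defined $source && $source =~ $IPV4_RE) {
        # Make the rejected value safe to log: printable ASCII only, bounded.
        my $shown = defined $source ? substr($source, 0, 64) : '(undef)';
        $shown =~ s/[^\x20-\x7e]/?/g;
        warn "IPtables: skipping event source that is not an IPv4 address: $shown\n";
        return "";
    }

    return "/sbin/iptables -A $v->{'chainname'} -s $source/32 -j $v->{'destchain'}\n";
}

# Queries the events table for sources above the configured threshold and
# writes one iptables command per source to the configured output file.
#
#   (first argument is ignored)
#   $modprefix - passed to Constants::mergeConfigs with $cfg
#   $cfg       - caller's configuration
#   $dbh       - database handle used for the query
#   $db_engine - passed to the DB:: query builders
#
# Returns whatever Utils::generateOutput returns.
sub run {
    my (undef, $modprefix, $cfg, $dbh, $db_engine) = @_;

    my $v = Constants::mergeConfigs($cfg, $modprefix, \%CONSTANTS, \%FORMAT);

    # NOTE(review): whether joinIN/joinNotIN quote the configured values
    # before placing them in the SQL text cannot be seen from this file.
    my $eventtype_query = DB::joinIN("type", \@{ $v->{'eventtype'} });
    my $excluded_query  = DB::joinNotIN("source", \@{ $v->{'excludedip'} });

    # Drops the last five characters of the combined fragments -- presumably
    # a trailing " AND " left by the join helpers; confirm against DB.pm.
    my $condition = substr($excluded_query . $eventtype_query, 0, -5);

    my @columns = ("source");
    my @params  = (
        $condition,
        DB::getOldDataDB($db_engine, "NEWER", $v->{'maxage'}),
    );
    my $query = DB::getQueryCondThreshold(
        $db_engine, "events", \@columns, \@params, $v->{'threshold'},
    );
    my @rows = Utils::fetchall_array_hashref($dbh, $query);

    # header() and record() are package-level subs; record() validates each
    # row's source before it is written into a command line.
    my $ret = Utils::generateOutput(
        $v->{'outputfile'}, \@rows, \&header, \&record, undef, $v,
    );
    return $ret;
}

1;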