# $DUH: connect_regex,v 1.1 2002/12/16 23:08:53 tv Exp $
#
# Copyright (c) 2002 Todd Vierling <tv@pobox.com> <tv@duh.org>.
# All rights reserved.
# Please see the COPYRIGHT file, part of the PMilter distribution,
# for full copyright and license terms.

##### connect_regex #####
#
# Rejects hostname or IP address that matches a list of regular
# expressions.

use PMilter::Modules;
use PMilter::Session qw(:all);

my @regexes = regex_list(shift @_, 'i');
my $errmsg = shift_errmsg(@_, 'Domain name "%1" not allowed');

+{
	connect => sub {
		my $ctx = shift;
		my $hostname = shift;

		foreach my $rx (@regexes) {
			if ($hostname =~ $rx) {
				return SMFIS_BREAK if ($errmsg eq 'BREAK');

				my $err = $errmsg;
				$err =~ s/%1/$hostname/g;
				return $ctx->reject("554 $err");
			}
		}

		shift; # packed IPv4-only address
		my $af = shift;

		if ($af eq SMFIA_INET || $af eq SMFIA_INET6) {
			shift; # port
			my $address = shift;

			foreach my $rx (@regexes) {
				if ("[$address]" =~ $rx) {
					return SMFIS_BREAK if ($errmsg eq 'BREAK');

					my $err = $errmsg;
					$err =~ s/%1/$address/g;
					return $ctx->reject("554 $err");
				}
			}
		}

		return SMFIS_ACCEPT;
	}
};
