#!/usr/bin/env fail2ban-python
# Inspired by https://isc.sans.edu/forums/diary/When+Google+isnt+Google/15968/
#
# Written in Python to reuse built-in Python batteries and not depend on
# presence of host and cut commands
#
import sys

def process_args(argv):
    if len(argv) != 2:
       sys.stderr.write("Please provide a single IP as an argument. Got: %s\n"
                        % (argv[1:]))
       sys.exit(2)

    ip = argv[1]

    from fail2ban.server.filter import DNSUtils
    if not DNSUtils.isValidIP(ip):
       sys.stderr.write("Argument must be a single valid IP. Got: %s\n"
                        % ip)
       sys.exit(3)
    return ip

def is_googlebot(ip):
    import re
    from fail2ban.server.filter import DNSUtils

    host = DNSUtils.ipToName(ip)
    if not host or not re.match('.*\.google(bot)?\.com$', host):
       sys.exit(1)
    host_ips = DNSUtils.dnsToIp(host)
    sys.exit(0 if ip in host_ips else 1)

if __name__ == '__main__':
    is_googlebot(process_args(sys.argv))