#!/bin/bash

# Test if any IP4 and IP6 addresses of a hostname blocked on a DNSBL
# 2024-02-23
# by Sandros

# Parameter check
if [[ $# -ne 2 ]]; then
    echo "Usage: ./${0##*/} <hostname> <blacklist service>"
    exit 1
fi

DNS="84.2.44.1"

# Get IPs
IPS=$(dig +short $1 A @$DNS | sort -u)
IP6S=$(dig +short $1 AAAA @$DNS | sort -u)

IPSP=""

# Prepare IP4 addresses
if [ ! -z "$IPS" ]; then
        for IP in $IPS; do
                # Check IP format
                if [[ ! ${IP##*[[:space:]]} =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
                        # skip if invalid
                        continue
                fi

                # Reverse IP octet order
                IPSP="$IPSP $(sed -r 's/([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+)/\4.\3.\2.\1/' <<< ${IP##*[[:space:]]})."
        done
fi

# Prepare IP6 addresses
if [ ! -z "$IP6S" ]; then
        for IP6 in $IP6S; do
                IPSP="$IPSP $(sipcalc $IP6 | fgrep Expanded | cut -d '-' -f 2 | sed 's/://g' | rev | sed 's/[0-9a-f]/&./g')"
        done
fi

# Loop through IPs
listed=0
for IP in $IPSP; do
        # Performs the actual lookup against blacklists
        if host -W 2 -t a $IP$2 $DNS >/dev/null 2>&1; then
                ((listed++))
        fi
done

echo $listed
exit 0