#!/usr/bin/env python

# ---------------- CONFIG ------------------

username = "your@secthemall username here"
apikey = "your API Key here"
size = "1000"
sleep_sec = 60
nginx_reload_cmd = "service nginx reload"

# ------------------------------------------

import sys, httplib, urllib, json, os, re, time, base64
from os import path

basedir = os.path.dirname(os.path.realpath(__file__))

headers = {
	'User-Agent':'secthemall/tor 1.0',
	'Authorization':'Basic '+base64.b64encode(username+':'+apikey, None)
}

while True:
	update = False
	savedid = ''
	conn = httplib.HTTPSConnection('secthemall.com', 443, timeout=10)
	conn.request('GET', '/public-list/tor-exit-nodes/json?lastid=true', urllib.urlencode({}), headers)

	res = json.loads(conn.getresponse().read())

	conn.close()

	if os.path.exists(basedir+'/lastid'):
		f = open(basedir+'/lastid', 'r')
		savedid = f.read().strip()
	else:
		f = open(basedir+'/lastid', 'w')
		f.write(res['lastid'])

	if savedid != res['lastid'].strip():
		f = open(basedir+'/lastid', 'w')
		f.write(res['lastid'])
		update = True

	if update is True:
		print "Lastid changed, updating Tor exit nodes list..."
		conn = httplib.HTTPSConnection('secthemall.com', 443, timeout=10)
		conn.request('GET', '/public-list/tor-exit-nodes/json?size='+str(size), urllib.urlencode({}), headers)

		res = json.loads(conn.getresponse().read())

		# Nginx deny list
		writetofile = '';
		for i in res['results']:
			writetofile += 'deny '+i['ip']+";\n"

		f = open(basedir+'/nginx_deny_tor.txt', 'w')
		f.write(writetofile.strip())

		# ModSecurity IP List
		writetofile = '';
		for i in res['results']:
			writetofile += i['ip']+"\n";

		f = open(basedir+'/modsecurity_deny_tor.txt', 'w')
		f.write(writetofile.strip())

		conn.close()

		os.system(nginx_reload_cmd)
		print "Updated, sleeping for a while..."
		time.sleep(int(sleep_sec))
	else:
		print "Lastid not changed, sleeping for a while..."
		time.sleep(int(sleep_sec))