#!/usr/local/bin/perl -- -*-fundamental-*-

##  Noimg.pl
##  Written by Greg Mullane <greg@turnstep.com>
##  Please see http://www.turnstep.com/Spambot/
## 
##  This program scans an access log for IPs that do
##  not load images (such as spambots)
##  Use at your own risk

##  Usage: noimg.pl [filename]
##  Default filename is "access_log"

##  Notes: This program assumes the following:
##  1. You have enough memory to run this. Access logs can get very large!
##  2. The access log is in a "standard" format
##  3. You don't have a ".gif" or ".jpg" in your domain name 
##     or in your directory names.

$accessfile = $ARGV[0] || "access_log";

open(KILLSPAM, $accessfile) || die "Could not find $accessfile!\n";

$lines=0; ## Total lines
$unip=0;  ## Unique IP's
while(<KILLSPAM>) {
  $lines++;
  if (/(.*) - - \[.*/) {
    $x=$1;
    if (/\.[gif|jpg]/) { $ip{$x} = -1;  }
    if ($ip{$x} != -1) { $ip{$x}++;     }
    if ($ip{$x} ==  1) { $unip++;       }
  }
}
close(KILLSPAM);

$names=0;
for $x (sort keys %ip) {
   if ($ip{$x} != -1) {
     printf "%-50s [%2d]\n", $x , $ip{$x};
     $names++;
   }
}
print "Total of $unip names in $lines lines.\n";
print "Total of $names \"no-graphics\" names.\n";
exit;