feat: iplist2rule utility command (#1373)

* feat: iplist2rule utility command Assisted-By: GLM 4.7 via Claude Code Signed-off-by: Xe Iaso <me@xeiaso.net> * docs: update CHANGELOG Signed-off-by: Xe Iaso <me@xeiaso.net> * chore: fix spelling Signed-off-by: Xe Iaso <me@xeiaso.net> * chore: fix spelling again Signed-off-by: Xe Iaso <me@xeiaso.net> * feat(iplist2rule): add comment describing how rule was generated Signed-off-by: Xe Iaso <me@xeiaso.net> * docs: add iplist2rule docs Signed-off-by: Xe Iaso <me@xeiaso.net> * chore: fix spelling Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-12-29 12:10:17 -05:00 · 2025-12-29 12:10:17 -05:00 · 359613f35a
commit 359613f35a
parent 1d8e98c5ec
6 changed files with 223 additions and 4 deletions
--- a/docs/docs/CHANGELOG.md
+++ b/docs/docs/CHANGELOG.md
@ -11,6 +11,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

 ## [Unreleased]

+- Add iplist2rule tool that lets admins turn an IP address blocklist into an Anubis ruleset.
 - Add Polish locale ([#1292](https://github.com/TecharoHQ/anubis/pull/1309))

 <!-- This changes the project to: -->
--- a/docs/docs/admin/iplist2rule.mdx
+++ b/docs/docs/admin/iplist2rule.mdx
@ -0,0 +1,50 @@
+---
+title: iplist2rule CLI tool
+---
+
+The `iplist2rule` tool converts IP blocklists into Anubis challenge policies. It reads common IP block list formats and generates the appropriate Anubis policy file for IP address filtering.
+
+## Installation
+
+Install directly with Go
+
+```bash
+go install github.com/TecharoHQ/anubis/utils/cmd/iplist2rule@latest
+```
+
+## Usage
+
+Basic conversion from URL:
+
+```bash
+iplist2rule https://raw.githubusercontent.com/7c/torfilter/refs/heads/main/lists/txt/torfilter-1m-flat.txt filter-tor.yaml
+```
+
+Explicitly allow every IP address on a list:
+
+```bash
+iplist2rule --action ALLOW https://raw.githubusercontent.com/7c/torfilter/refs/heads/main/lists/txt/torfilter-1m-flat.txt filter-tor.yaml
+```
+
+Add weight to requests matching IP addresses on a list:
+
+```bash
+iplist2rule --action WEIGH --weight 20 https://raw.githubusercontent.com/7c/torfilter/refs/heads/main/lists/txt/torfilter-1m-flat.txt filter-tor.yaml
+```
+
+## Options
+
+| Flag          | Description                                                                                      | Default                           |
+| :------------ | :----------------------------------------------------------------------------------------------- | :-------------------------------- |
+| `--action`    | The Anubis action to take for the IP address in question, must be in ALL CAPS.                   | `DENY` (forbids traffic)          |
+| `--rule-name` | The name for the generated Anubis rule, should be in kebab-case.                                 | (not set, inferred from filename) |
+| `--weight`    | When `--action=WEIGH`, how many weight points should be added or removed from matching requests? | 0 (not set)                       |
+
+## Using the Generated Policy
+
+Save the output and import it in your main policy file:
+
+```yaml
+bots:
+  - import: "./filter-tor.yaml"
+```
--- a/docs/docs/admin/robots2policy.mdx
+++ b/docs/docs/admin/robots2policy.mdx
@ -12,6 +12,7 @@ Install directly with Go:
 ```bash
 go install github.com/TecharoHQ/anubis/cmd/robots2policy@latest
 ```
+
 ## Usage

 Basic conversion from URL:
@ -35,8 +36,8 @@ robots2policy -input robots.txt -action DENY -format json
 ## Options

 | Flag                  | Description                                                        | Default             |
-|-----------------------|--------------------------------------------------------------------|---------------------|
-| `-input`              | robots.txt file path or URL (use `-` for stdin)                    | *required*          |
+| --------------------- | ------------------------------------------------------------------ | ------------------- |
+| `-input`              | robots.txt file path or URL (use `-` for stdin)                    | _required_          |
 | `-output`             | Output file (use `-` for stdout)                                   | stdout              |
 | `-format`             | Output format: `yaml` or `json`                                    | `yaml`              |
 | `-action`             | Action for disallowed paths: `ALLOW`, `DENY`, `CHALLENGE`, `WEIGH` | `CHALLENGE`         |
@ -47,6 +48,7 @@ robots2policy -input robots.txt -action DENY -format json
 ## Example

 Input robots.txt:
+
 ```txt
 User-agent: *
 Disallow: /admin/
@ -57,6 +59,7 @@ Disallow: /
 ```

 Generated policy:
+
 ```yaml
 - name: robots-txt-policy-disallow-1
  action: CHALLENGE
@ -77,8 +80,8 @@ Generated policy:
 Save the output and import it in your main policy file:

 ```yaml
-import:
-  - path: "./robots-policy.yaml"
+bots:
+  - import: "./robots-policy.yaml"
 ```

 The tool handles wildcard patterns, user-agent specific rules, and blacklisted bots automatically.