block specific ip addresses after time limit reached

I’m modifying my Pi-hole to block specific websites after a defined period of time. Thing is, I’m not at all conversant with Github or c, just a bit of python. In essence it scans Pi-hole’s log for instances of a local ip address accessing a site, then logs the accumulated time. Once the time limit has been reached it write a regex expression to Pi-hole’s regex.list to prevent further access.

I know it’s not strictly part of Pi-hole’s raison d’etre, but I thought it’d be a nice feature to potentially merge into the main Pi-hole system.
Thanks for looking
Graham

import re, datetime, time, argparse, os

parser = argparse.ArgumentParser(description = "PiHole log parser")
parser.add_argument("-i",default="192.168.#.#", help="ip address to scan for")
parser.add_argument("-c",default="#####", help="content/url segment to scan fo$
parser.add_argument("-t",default=90,help="time to limit it to in mins")
args = parser.parse_args()
destIp=args.i
banned = args.c
limit = args.t
print(destIp, banned, limit)

filepath = "/var/log/pihole.log"
regexlist = "/etc/pihole/regex.list"
oldregex = "/etc/pihole/regex.old"
time1 = 0
time2 = datetime.datetime(1900,1,1,0,0,0)
while True:
  usageTime = 1
  with open(filepath) as fp:
    line = fp.readline()
    while line:
      match=(re.search(banned+".*."+destIp,line))
      if (match):
        dateTimeStr = line[0:15]
        dateTimeObj = datetime.datetime.strptime(dateTimeStr, '%b %d %H:%M:%S')
        #print(time1,time2)
        if(time1 == 0):
          time1 = dateTimeObj
          df = (time2 - time1).seconds/60
          if (df<3):
            time1 = time1.replace(second=0, microsecond=0)
            time2 = time2.replace(second=0, microsecond=0)
            df = int((time2-time1).seconds/60)
            usageTime=usageTime+df
      line = fp.readline()
  fp.close()
  print("Usage time for ",banned,", ",destIp," is ",usageTime," minutes")
  if int(usageTime)>=limit:
    print("Over time...."+limit)
    f = open(regexlist,"a+")
    inline = 0
    searchlines = f.readlines()
    f.seek(0)
    for line in searchlines:
      if banned in line:
        inline = 1
    if inline == 0:
    f.write("((^)|(\.))"+banned+"\.\r\n")
  else:
    print ("under time..."+limit)
    with open(regexlist,"r+") as f:
      searchlines = f.readlines()
      f.seek(0)
      for line in searchlines:
        if banned not in line:
          f.write(line)
      f.truncate()
  f.close()
  os.system("sudo service pihole-FTL restart")
  time.sleep(60)

What is the use case here? A client visits a domain (may be once, and may be momentary, or they may stay on the site indefinitely). After some defined period of time (from the initial request), this domain is permanently blocked?

A user repeatedly ‘visits’ the site, eg. a streaming service or gaming service, something of that ilk, causing multiple requests to be logged. A single hit to a site would not cause an issue (and is impossible to time) - it’s multiple hits I’m looking at. After a pre-defined period of time the domain is blocked until the next day.