ForbidHost


1   /*
2    * Copyright (c) 1998-2006 Caucho Technology -- all rights reserved
3    *
4    * This file is part of Resin(R) Open Source
5    *
6    * Each copy or derived work must preserve the copyright notice and this
7    * notice unmodified.
8    *
9    * Resin Open Source is free software; you can redistribute it and/or modify
10   * it under the terms of the GNU General Public License as published by
11   * the Free Software Foundation; either version 2 of the License, or
12   * (at your option) any later version.
13   *
14   * Resin Open Source is distributed in the hope that it will be useful,
15   * but WITHOUT ANY WARRANTY; without even the implied warranty of
16   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE, or any warranty
17   * of NON-INFRINGEMENT.  See the GNU General Public License for more
18   * details.
19   *
20   * You should have received a copy of the GNU General Public License
21   * along with Resin Open Source; if not, write to the
22   *   Free SoftwareFoundation, Inc.
23   *   59 Temple Place, Suite 330
24   *   Boston, MA 02111-1307  USA
25   *
26   * @author Scott Ferguson
27   */
28  
29  package com.caucho.server.security;
30  
31  import com.caucho.log.Log;
32  import com.caucho.util.InetNetwork;
33  import com.caucho.util.L10N;
34  import com.caucho.util.LongKeyMap;
35  
36  import javax.annotation.PostConstruct;
37  import java.net.InetAddress  ;
38  import java.util.ArrayList  ;
39  import java.util.logging.Level  ;
40  import java.util.logging.Logger  ;
41  
42  /**
43   * A class to forbid hosts by IP.
44   */
45  public class ForbidHost {
46    static final protected Logger   log = Log.open(ForbidHost.class);
47    static final L10N L = new L10N(ForbidHost.class);
48  
49    private LongKeyMap _forbiddenHosts;
50    private ArrayList   _forbiddenNets;
51  
52    /**
53     * Adds a forbidden host.
54     */
55    public void addForbidIP(String   addrName)
56    {
57      try {
58        InetAddress   addr = InetAddress.getByName(addrName);
59  
60        if (_forbiddenHosts == null)
61          _forbiddenHosts = new LongKeyMap();
62        
63        _forbiddenHosts.put(inetAddressToLong(addr), "true");
64      } catch (Exception   e) {
65        log.log(Level.FINE, e.toString(), e);
66      }
67    }
68  
69    /**
70     * Removes a forbidden host.
71     */
72    public void removeForbidIP(String   addrName)
73    {
74      try {
75        InetAddress   addr = InetAddress.getByName(addrName);
76  
77        if (_forbiddenHosts != null)
78          _forbiddenHosts.remove(inetAddressToLong(addr));
79      } catch (Exception   e) {
80        log.log(Level.FINE, e.toString(), e);
81      }
82    }
83  
84    /**
85     * Adds a forbidden net.
86     */
87    public void addForbidNet(String   netmask)
88    {
89      try {
90        InetNetwork net = InetNetwork.create(netmask);
91  
92        if (net == null)
93          return;
94  
95        if (_forbiddenNets == null)
96          _forbiddenNets = new ArrayList  ();
97        
98        _forbiddenNets.add(net);
99      } catch (Exception   e) {
100       log.log(Level.FINE, e.toString(), e);
101     }
102   }
103 
104   /**
105    * Removes a forbidden net.
106    */
107   public void removeForbidNet(String   netmask)
108   {
109     try {
110       InetNetwork net = InetNetwork.create(netmask);
111 
112       if (net == null)
113         return;
114 
115       if (_forbiddenNets != null)
116         _forbiddenNets.remove(net);
117     } catch (Exception   e) {
118       log.log(Level.FINE, e.toString(), e);
119     }
120   }
121 
122   /**
123    * Initialize the forbidden host.
124    */
125   @PostConstruct
126   public void init()
127   {
128   }
129 
130   /**
131    * Returns true if the host is forbidden.
132    */
133   public boolean isForbidden(long addr)
134   {
135     if (_forbiddenHosts != null) {
136       if (_forbiddenHosts.get(addr) != null)
137         return true;
138     }
139 
140     if (_forbiddenNets != null) {
141       for (int i = _forbiddenNets.size(); i >= 0; i--) {
142         InetNetwork net = (InetNetwork) _forbiddenNets.get(i);
143 
144         if (net.isMatch(addr))
145           return true;
146       }
147     }
148 
149     return false;
150   }
151 
152   /**
153    * Returns true if the host is forbidden.
154    */
155   public boolean isForbidden(InetAddress   addr)
156   {
157     if (_forbiddenHosts == null && _forbiddenNets == null)
158       return false;
159     
160     long ip = inetAddressToLong(addr);
161     if (_forbiddenHosts != null) {
162       if (_forbiddenHosts.get(ip) != null)
163         return true;
164     }
165 
166     if (_forbiddenNets != null) {
167       for (int i = _forbiddenNets.size(); i >= 0; i--) {
168         InetNetwork net = (InetNetwork) _forbiddenNets.get(i);
169 
170         if (net.isMatch(ip))
171           return true;
172       }
173     }
174 
175     return false;
176   }
177 
178   private static long inetAddressToLong(InetAddress   addr)
179   {
180     byte []bytes = addr.getAddress();
181 
182     long address = 0;
183     for (int i = 0; i < bytes.length; i++)
184       address = 256 * address + (bytes[i] & 0xff);
185 
186     return address;
187   }
188 }
189
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags