com.datastax.oss.driver.shaded.netty.handler.ipfilter.RuleBasedIpFilter Maven / Gradle / Ivy
The newest version!
/*
* Copyright 2014 The Netty Project
*
* The Netty Project licenses this file to you under the Apache License,
* version 2.0 (the "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at:
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations
* under the License.
*/
package com.datastax.oss.driver.shaded.netty.handler.ipfilter;
import com.datastax.oss.driver.shaded.netty.channel.Channel;
import com.datastax.oss.driver.shaded.netty.channel.ChannelHandler.Sharable;
import com.datastax.oss.driver.shaded.netty.channel.ChannelHandlerContext;
import com.datastax.oss.driver.shaded.netty.util.internal.ObjectUtil;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.util.ArrayList;
import java.util.List;
/**
*
* This class allows one to filter new {@link Channel}s based on the
* {@link IpFilterRule}s passed to its constructor. If no rules are provided, all connections
* will be accepted.
*
*
*
* If you would like to explicitly take action on rejected {@link Channel}s, you should override
* {@link AbstractRemoteAddressFilter#channelRejected(ChannelHandlerContext, SocketAddress)}.
*
*
* Consider using {@link IpSubnetFilter} for better performance while not as
* general purpose as this filter.
*/
@Sharable
public class RuleBasedIpFilter extends AbstractRemoteAddressFilter {
private final boolean acceptIfNotFound;
private final List rules;
/**
* Create new Instance of {@link RuleBasedIpFilter} and filter incoming connections
* based on their IP address and {@code rules} applied.
*
* {@code acceptIfNotFound} is set to {@code true}.
*
* @param rules An array of {@link IpFilterRule} containing all rules.
*/
public RuleBasedIpFilter(IpFilterRule... rules) {
this(true, rules);
}
/**
* Create new Instance of {@link RuleBasedIpFilter} and filter incoming connections
* based on their IP address and {@code rules} applied.
*
* @param acceptIfNotFound If {@code true} then accept connection from IP Address if it
* doesn't match any rule.
* @param rules An array of {@link IpFilterRule} containing all rules.
*/
public RuleBasedIpFilter(boolean acceptIfNotFound, IpFilterRule... rules) {
ObjectUtil.checkNotNull(rules, "rules");
this.acceptIfNotFound = acceptIfNotFound;
this.rules = new ArrayList(rules.length);
for (IpFilterRule rule : rules) {
if (rule != null) {
this.rules.add(rule);
}
}
}
@Override
protected boolean accept(ChannelHandlerContext ctx, InetSocketAddress remoteAddress) throws Exception {
for (IpFilterRule rule : rules) {
if (rule.matches(remoteAddress)) {
return rule.ruleType() == IpFilterRuleType.ACCEPT;
}
}
return acceptIfNotFound;
}
}