List of usage examples for io.netty.handler.ipfilter IpSubnetFilterRule IpSubnetFilterRule
public IpSubnetFilterRule(InetAddress ipAddress, int cidrPrefix, IpFilterRuleType ruleType)
From source file:org.curioswitch.common.server.framework.filter.IpFilteringService.java
License:Open Source License
private static List<IpFilterRule> parseRules(List<String> ipRules) { return ipRules.stream().map(rule -> { List<String> parts = RULE_SPLITTER.splitToList(rule); // TODO(choko): Add better validation. checkArgument(parts.size() == 2, "invalid rule: {}", rule); return new IpSubnetFilterRule(parts.get(0), Integer.parseInt(parts.get(1)), IpFilterRuleType.ACCEPT); }).collect(toImmutableList());/*w w w . ja v a 2s .com*/ }
From source file:org.elasticsearch.xpack.security.transport.filter.SecurityIpFilterRule.java
License:Open Source License
static IpFilterRule getRule(boolean isAllowRule, String value) { IpFilterRuleType filterRuleType = isAllowRule ? IpFilterRuleType.ACCEPT : IpFilterRuleType.REJECT; String[] values = value.split(","); if (Arrays.stream(values).anyMatch("_all"::equals)) { // all rule was found. It should be the only rule! if (values.length != 1) { throw new IllegalArgumentException("rules that specify _all may not have other values!"); }/*from ww w . j ava 2 s .co m*/ return isAllowRule ? ACCEPT_ALL : DENY_ALL; } if (value.contains("/")) { // subnet rule... if (values.length != 1) { throw new IllegalArgumentException("multiple subnet filters cannot be specified in a single rule!"); } try { Tuple<InetAddress, Integer> inetAddressIntegerTuple = parseSubnetMask(value); return new IpSubnetFilterRule(inetAddressIntegerTuple.v1(), inetAddressIntegerTuple.v2(), filterRuleType); } catch (UnknownHostException e) { String ruleType = (isAllowRule ? "allow " : "deny "); throw new ElasticsearchException( "unable to create ip filter for rule [" + ruleType + " " + value + "]", e); } } else { // pattern rule - not netmask StringJoiner rules = new StringJoiner(","); for (String pattern : values) { if (InetAddresses.isInetAddress(pattern)) { // we want the inet addresses to be normalized especially in the IPv6 case where :0:0: is equivalent to :: // that's why we convert the address here and then format since PatternRule also uses the formatting to normalize // the value we are matching against InetAddress inetAddress = InetAddresses.forString(pattern); pattern = "i:" + NetworkAddress.format(inetAddress); } else { pattern = "n:" + pattern; } rules.add(pattern); } return new PatternRule(filterRuleType, rules.toString()); } }
From source file:org.springframework.cloud.gateway.handler.predicate.RemoteAddrRoutePredicateFactory.java
License:Apache License
private void addSource(List<IpSubnetFilterRule> sources, String source) { if (!source.contains("/")) { // no netmask, add default source = source + "/32"; }// ww w .j a va 2s . c om String[] ipAddressCidrPrefix = source.split("/", 2); String ipAddress = ipAddressCidrPrefix[0]; int cidrPrefix = Integer.parseInt(ipAddressCidrPrefix[1]); sources.add(new IpSubnetFilterRule(ipAddress, cidrPrefix, IpFilterRuleType.ACCEPT)); }