netty的ip过滤

       我们经常需要用到ip白名单,ip黑名单。netty本身就帮我实现了一套验证机制,提供了IpFilterRuleHandler类
public class IpFilterRuleHandler extends IpFilteringHandlerImpl
public abstract class IpFilteringHandlerImpl implements ChannelUpstreamHandler, IpFilteringHandler

      该类和我们经常使用的解码器(decoder)以及逻辑处理handler一样都继承于ChannelUpstreamHandler,所以可以很方便的把它加入到我们的ChannelPipeline中。例如:

ChannelPipeline p = Channels.pipeline();
//ip过滤
IpFilterRuleHandler ipFilterRuleHandler = new IpFilterRuleHandler();
ipFilterRuleHandler.addAll(new IpFilterRuleList("+i:192.168.*"+ ", -i:*"));
p.addLast("ipFilter", ipFilterRuleHandler);

netty的ip过滤一共提供3中过滤:[i,n,c]

i对应的是ip地址,相应的 +i 表示allow(允许),-i 表示deny(否认)

n对应的是地址名称,相应的 +n 表示allow(允许),-n 表示deny(否认)

c对应的是CIDR (Classless Inter-Domain Routing)无分类域间路由选择,相应的 +c 表示allow(允许),-c表示deny(否认)

官方中实例:

package org.jboss.netty.handler.ipfilter;

import java.net.InetAddress;
import java.net.InetSocketAddress;

public class IpFilterRuleTest {
	public static boolean accept(IpFilterRuleHandler h, InetSocketAddress addr)
			throws Exception {
		return h.accept(null, null, addr);
	}

	public static void main(String[] args) throws Exception {
		IpFilterRuleHandler h = new IpFilterRuleHandler();
		h.addAll(new IpFilterRuleList("+n:localhost, -n:*"));
		InetSocketAddress addr = new InetSocketAddress(
				InetAddress.getLocalHost(), 8080);
		System.out.println(accept(h, addr));
		addr = new InetSocketAddress(InetAddress.getByName("127.0.0.2"), 8080);
		System.out.println(accept(h, addr));
		addr = new InetSocketAddress(InetAddress.getByName(InetAddress
				.getLocalHost().getHostName()), 8080);
		System.out.println(accept(h, addr));

		h.clear();
		h.addAll(new IpFilterRuleList("+n:*"
				+ InetAddress.getLocalHost().getHostName().substring(1)
				+ ", -n:*"));
		addr = new InetSocketAddress(InetAddress.getLocalHost(), 8080);
		System.out.println(accept(h, addr));
		addr = new InetSocketAddress(InetAddress.getByName("127.0.0.2"), 8080);
		System.out.println(accept(h, addr));
		addr = new InetSocketAddress(InetAddress.getByName(InetAddress
				.getLocalHost().getHostName()), 8080);
		System.out.println(accept(h, addr));

		h.clear();
		h.addAll(new IpFilterRuleList("+c:"
				+ InetAddress.getLocalHost().getHostAddress() + "/32, -n:*"));
		addr = new InetSocketAddress(InetAddress.getLocalHost(), 8080);
		System.out.println(accept(h, addr));
		addr = new InetSocketAddress(InetAddress.getByName("127.0.0.2"), 8080);
		System.out.println(accept(h, addr));
		addr = new InetSocketAddress(InetAddress.getByName(InetAddress
				.getLocalHost().getHostName()), 8080);
		System.out.println(accept(h, addr));

		h.clear();
		h.addAll(new IpFilterRuleList(""));
		addr = new InetSocketAddress(InetAddress.getLocalHost(), 8080);
		System.out.println(accept(h, addr));
		addr = new InetSocketAddress(InetAddress.getByName("127.0.0.2"), 8080);
		System.out.println(accept(h, addr));
		addr = new InetSocketAddress(InetAddress.getByName(InetAddress
				.getLocalHost().getHostName()), 8080);
		System.out.println(accept(h, addr));

		h.clear();
		addr = new InetSocketAddress(InetAddress.getLocalHost(), 8080);
		System.out.println(accept(h, addr));
		addr = new InetSocketAddress(InetAddress.getByName("127.0.0.2"), 8080);
		System.out.println(accept(h, addr));
		addr = new InetSocketAddress(InetAddress.getByName(InetAddress
				.getLocalHost().getHostName()), 8080);
		System.out.println(accept(h, addr));
	}
}



CIDR参考:http://blog.csdn.net/yaoyao4959/article/details/10084973

你可能感兴趣的:(netty)