IP地址段的过滤

IP地址段的过滤

        昨天接到领导指示,要对地市的IP地址进行过滤,晕了,过滤啥呀,不过想归想,那还得做不是,呵呵
开始想在服务器<Tomcat>上整一下呢,仔细一看不行,附Tomcat过滤IP方法:
限制ip,限制主机访问:
如果想禁止指定的ip或者主机名来拒绝某些机器访问,或者指定某些机器来访问。
也支持分别按Engine, Host, or Context,进行以下配置:
<Context path="/examples" ...> ...
<Valve className="org.apache.catalina.valves.RemoteHostValve"
allow="*.mycompany.com,www.yourcompany.com"/>
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
deny="192.168.1.*"/>
</Context>
参考:
http://jakarta.apache.org/tomcat/tomcat-5.0-doc/config/context.html
没辙,继续...
因为要过滤的IP有七十二组<(58.87.96.0    58.57.121.255),(219.147.0.0    219.147.0.211)>想到用正则表达式,因为本人对正则表达式这东西,实在不精,呵呵,也就没敢用,呵呵
最终在于朋友交流后,采取如下形式解决的:

一、新建一xml配置文件,将要过滤的IP段写入;
二、新建一Filter,完成过滤要求
代码如下所示:
IP.XML
<?xml version="1.0" encoding="UTF-8"?>
<root id="allow">
   <group>   
    <start>122.6.192.0</start>
    <end>122.6.255.255</end>
   </group>
   <group>   
    <start>219.146.208.0</start>
    <end>219.146.215.255</end>
   </group>
   <group>   
    <start>222.174.224.0</start>
    <end>222.174.255.255</end>
   </group>
</root>
Filter如下所示:
import javax.servlet.*;
import javax.servlet.http.*;
import java.io.*;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

import javax.xml.parsers.*;


public class FilterServlet    extends HttpServlet    implements Filter {
 

  private Document doc=null;
  private FilterConfig filterConfig;
  //Handle the passed-in FilterConfig
  private String encoding = "GBK";
 
  public void init(FilterConfig filterConfig) {
    this.filterConfig = filterConfig;
  }

  //Process the request/response pair
  public void doFilter(ServletRequest request, ServletResponse response,
                       FilterChain filterChain) {
  
   HttpServletResponse httpResp = null;
   HttpServletRequest httpReq = null;

    try {

      String reqip = request.getRemoteHost();
      if(null != reqip){       
          reqip = reqip.replace('.','_');
      }
      String[] temp = reqip.split("_");
      int[] ip = new int[temp.length];
     
      for(int i=0;i<temp.length;i++){       
          ip[i] = new Integer(temp[i]).intValue();
      }
      if (response instanceof HttpServletResponse) {
      
       httpReq = (HttpServletRequest)request;
       httpResp = (HttpServletResponse)response;
      if(!viewXml(httpReq.getRealPath("/")+"/WEB-INF/ip.xml",ip)){
       
       httpResp.sendRedirect(" http://welcome.sd.vnet.cn/ ");
      }
      filterChain.doFilter(request, response);
    }
    }
    catch (ServletException sx) {
     filterConfig.getServletContext().log(sx.getMessage());
    }
    catch (IOException iox) {
      filterConfig.getServletContext().log(iox.getMessage());
    }catch(Exception e){
     
     filterConfig.getServletContext().log(e.getMessage());
    }
  }
 
  /**
   * 验证请求IP是否符合要求
   * @param xmlFile
   * @return
   * @throws Exception
   */
  public boolean viewXml(String xmlFile,int[] ip) throws Exception {
  
   int[] test = ip;
   boolean flag = true;
   DocumentBuilderFactory dbf=DocumentBuilderFactory.newInstance();
   DocumentBuilder db=dbf.newDocumentBuilder(); 
   doc=db.parse(new File(xmlFile));
   Element root = doc.getDocumentElement();
      NodeList list = root.getElementsByTagName("group");

      for (int i=0; i < list.getLength() ; i++) {
        Element element = (Element)list.item(i);
        NodeList titleid = element.getElementsByTagName("start");
        Element idElement = (Element)titleid.item(0);
        String ip1 = idElement.getFirstChild().getNodeValue();      
        ip1 = ip1.replace('.','_');
        String[] ip1s = ip1.trim().split("_");
        Integer[] ipl1 = new Integer[ip1s.length];
        for(int a=0;a<ip1s.length;a++){
                  ipl1[a] = new Integer(ip1s[a]);
        }
        
        NodeList titleList = element.getElementsByTagName("end");
        Element titleElement = (Element)titleList.item(0);
        String ip2 = titleElement.getFirstChild().getNodeValue();
        ip2 = ip2.replace('.','_');
        String[] ip2s = ip2.trim().split("_");
        Integer[] ipl2 = new Integer[ip2s.length];
        for(int b=0;b<ip2s.length;b++){         
            ipl2[b] = new Integer(ip2s[b]);
        }
        
        long test_value = test[0]*255*255*255+test[1]*255*255+test[2]*255+test[3];
        long ip1_value = ipl1[0]*255*255*255+ipl1[1]*255*255+ipl1[2]*255+ipl1[3];
        long ip2_value = ipl2[0]*255*255*255+ipl2[1]*255*255+ipl2[2]*255+ipl2[3];
       
        if(test_value >= ip1_value && test_value <= ip2_value){        
            return true;
        }
       
      }      
      return false;
  }

  public void destroy() {
    filterConfig = null;
    encoding = null;
  }
}
WEB.XML如下:
<filter>
  <filter-name>filterservlet</filter-name>
  <filter-class>com.lvke.web.qcbst.util.common.FilterServlet</filter-class>
 </filter>
<filter-mapping>
   <filter-name>filterservlet</filter-name>
  <url-pattern>/*</url-pattern>
 </filter-mapping>

希望能给用到的朋友减少一下负担,呵呵



你可能感兴趣的:(IP地址段的过滤)