昨天接到领导指示,要对地市的IP地址进行过滤,晕了,过滤啥呀,不过想归想,那还得做不是,呵呵
开始想在服务器<Tomcat>上整一下呢,仔细一看不行,附Tomcat过滤IP方法:
限制ip,限制主机访问:
如果想禁止指定的ip或者主机名来拒绝某些机器访问,或者指定某些机器来访问。
也支持分别按Engine, Host, or Context,进行以下配置:
<Context path="/examples" ...> ...
<Valve className="org.apache.catalina.valves.RemoteHostValve"
allow="*.mycompany.com,www.yourcompany.com"/>
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
deny="192.168.1.*"/>
</Context>
参考:
http://jakarta.apache.org/tomcat/tomcat-5.0-doc/config/context.html
没辙,继续...
因为要过滤的IP有七十二组<(58.87.96.0 58.57.121.255),(219.147.0.0 219.147.0.211)>想到用正则表达式,因为本人对正则表达式这东西,实在不精,呵呵,也就没敢用,呵呵
最终在于朋友交流后,采取如下形式解决的:
一、新建一xml配置文件,将要过滤的IP段写入;
二、新建一Filter,完成过滤要求
代码如下所示:
IP.XML
<?xml version="1.0" encoding="UTF-8"?>
<root id="allow">
<group>
<start>122.6.192.0</start>
<end>122.6.255.255</end>
</group>
<group>
<start>219.146.208.0</start>
<end>219.146.215.255</end>
</group>
<group>
<start>222.174.224.0</start>
<end>222.174.255.255</end>
</group>
</root>
Filter如下所示:
import javax.servlet.*;
import javax.servlet.http.*;
import java.io.*;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import javax.xml.parsers.*;
public class FilterServlet extends HttpServlet implements Filter {
private Document doc=null;
private FilterConfig filterConfig;
//Handle the passed-in FilterConfig
private String encoding = "GBK";
public void init(FilterConfig filterConfig) {
this.filterConfig = filterConfig;
}
//Process the request/response pair
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain filterChain) {
HttpServletResponse httpResp = null;
HttpServletRequest httpReq = null;
try {
String reqip = request.getRemoteHost();
if(null != reqip){
reqip = reqip.replace('.','_');
}
String[] temp = reqip.split("_");
int[] ip = new int[temp.length];
for(int i=0;i<temp.length;i++){
ip[i] = new Integer(temp[i]).intValue();
}
if (response instanceof HttpServletResponse) {
httpReq = (HttpServletRequest)request;
httpResp = (HttpServletResponse)response;
if(!viewXml(httpReq.getRealPath("/")+"/WEB-INF/ip.xml",ip)){
httpResp.sendRedirect(" http://welcome.sd.vnet.cn/ ");
}
filterChain.doFilter(request, response);
}
}
catch (ServletException sx) {
filterConfig.getServletContext().log(sx.getMessage());
}
catch (IOException iox) {
filterConfig.getServletContext().log(iox.getMessage());
}catch(Exception e){
filterConfig.getServletContext().log(e.getMessage());
}
}
/**
* 验证请求IP是否符合要求
* @param xmlFile
* @return
* @throws Exception
*/
public boolean viewXml(String xmlFile,int[] ip) throws Exception {
int[] test = ip;
boolean flag = true;
DocumentBuilderFactory dbf=DocumentBuilderFactory.newInstance();
DocumentBuilder db=dbf.newDocumentBuilder();
doc=db.parse(new File(xmlFile));
Element root = doc.getDocumentElement();
NodeList list = root.getElementsByTagName("group");
for (int i=0; i < list.getLength() ; i++) {
Element element = (Element)list.item(i);
NodeList titleid = element.getElementsByTagName("start");
Element idElement = (Element)titleid.item(0);
String ip1 = idElement.getFirstChild().getNodeValue();
ip1 = ip1.replace('.','_');
String[] ip1s = ip1.trim().split("_");
Integer[] ipl1 = new Integer[ip1s.length];
for(int a=0;a<ip1s.length;a++){
ipl1[a] = new Integer(ip1s[a]);
}
NodeList titleList = element.getElementsByTagName("end");
Element titleElement = (Element)titleList.item(0);
String ip2 = titleElement.getFirstChild().getNodeValue();
ip2 = ip2.replace('.','_');
String[] ip2s = ip2.trim().split("_");
Integer[] ipl2 = new Integer[ip2s.length];
for(int b=0;b<ip2s.length;b++){
ipl2[b] = new Integer(ip2s[b]);
}
long test_value = test[0]*255*255*255+test[1]*255*255+test[2]*255+test[3];
long ip1_value = ipl1[0]*255*255*255+ipl1[1]*255*255+ipl1[2]*255+ipl1[3];
long ip2_value = ipl2[0]*255*255*255+ipl2[1]*255*255+ipl2[2]*255+ipl2[3];
if(test_value >= ip1_value && test_value <= ip2_value){
return true;
}
}
return false;
}
public void destroy() {
filterConfig = null;
encoding = null;
}
}
WEB.XML如下:
<filter>
<filter-name>filterservlet</filter-name>
<filter-class>com.lvke.web.qcbst.util.common.FilterServlet</filter-class>
</filter>
<filter-mapping>
<filter-name>filterservlet</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
希望能给用到的朋友减少一下负担,呵呵
|
|