Examples of org.jboss.netty.handler.ipfilter.IpFilterRuleHandler

• org.jboss.netty.handler.ipfilter.IpFilterRuleHandler
  Implementation of Filter of IP based on ALLOW and DENY rules.
  
  
  This implementation could be changed by implementing a new {@link IpFilterRule} than default {@link IpV4SubnetFilterRule} (IPV4 support only), {@link IpSubnetFilterRule} (IPV4 and IPV6 support) or {@link IpPatternFilterRule} (IP and host name string pattern support) .
  
  The check is done by going from step to step in the underlying array of IpFilterRule.
  Each {@link IpFilterRule} answers to the method accept if the {@link InetAddress} is accepted or not,according to its implementation. If an InetAddress arrives at the end of the list, as in Firewall usual rules, the InetAddress is therefore accepted by default.
  

  • If it was constructed with True as first argument, the IpFilterRule is an ALLOW rule (every InetAddress that fits in the rule will be accepted).
  • If it was constructed with False as first argument, the IpFilterRule is a DENY rule (every InetAddress that fits in the rule will be refused).

  
  
  An empty list means allow all (no limitation).
  
  For efficiency reason, you should not add/remove too frequently IpFilterRules to/from this handler. You should prefer to replace an entry (set method) with an ALLOW/DENY ALL IpFilterRule if possible.
  
  
  This handler should be created only once and reused on every pipeline since it handles a global status of what is allowed or blocked.
  
  Note that {@link IpSubnetFilterRule} which supports IPV4 and IPV6 should be used with as much aspossible no mixed IP protocol. Both IPV4 and IPV6 are supported but a mix (IpFilter in IPV6 notation and the address from the channel in IPV4, or the reverse) can lead to wrong result. @author frederic bregier

  {
      ChannelPipeline pipeline = pipeline(); // Note the static import.
      if (_acl != null)
      {

        pipeline.addFirst("firewall", new IpFilterRuleHandler(new IpFilterRuleList(_acl)));
      }
        pipeline.addLast("logger",new OutLogger("server"));
        pipeline.addLast("inputStream", new InputStreamDecoder());
         pipeline.addLast("outputStream", new OutputStreamEncoder());
         pipeline.addLast("callDecoder", new PushInputStreamConsumer(new HessianRPCCallDecoder(), _executor));

  {
      ChannelPipeline pipeline = pipeline(); // Note the static import.
      if (_acl != null)
      {

        pipeline.addFirst("firewall", new IpFilterRuleHandler(new IpFilterRuleList(_acl)));
      }
         pipeline.addLast("inputStream", new InputStreamDecoder());
          pipeline.addLast("outputStream", new OutputStreamEncoder());
          pipeline.addLast("callDecoder", new PushInputStreamConsumer(new HessianRPCCallDecoder(), _executor));
          pipeline.addLast("replyEncoder", new HessianRPCReplyEncoder());

    // Configure the server.
    ServerBootstrap bootstrap = new ServerBootstrap(new NioServerSocketChannelFactory(executor, executor));

    bootstrap
        .setPipelineFactory(new AHessianServerPipelineFactory(executor, new IpFilterRuleHandler(new IpFilterRuleList(ipFilter)), mbeanServer, log));

    int serverPort = port;
    // Bind and start to accept incoming connections.
    Channel channel = bootstrap.bind(new InetSocketAddress(serverPort));
    if (serverPort == 0)

      if (enableIpFilter) {

        logger.info("Setting up ipFilter with the following rule definition: " +
          patternRuleConfigDefinition);
        IpFilterRuleHandler ipFilterHandler = new IpFilterRuleHandler();
        ipFilterHandler.addAll(rules);
        logger.info(
          "Adding ipFilter with " + ipFilterHandler.size() + " rules");

        pipeline.addFirst("ipFilter", ipFilterHandler);
      }

      return pipeline;

      if (enableIpFilter) {

        logger.info("Setting up ipFilter with the following rule definition: " +
          patternRuleConfigDefinition);
        IpFilterRuleHandler ipFilterHandler = new IpFilterRuleHandler();
        ipFilterHandler.addAll(rules);
        logger.info(
          "Adding ipFilter with " + ipFilterHandler.size() + " rules");

        pipeline.addFirst("ipFilter", ipFilterHandler);
      }

      return pipeline;