Support checking banned IPs from external server proxied requests

Mike Primm 2011-12-03 05:31:37 +08:00 committed by mikeprimm
parent 82318346c2
commit 8f6982265a
3 changed files with 35 additions and 28 deletions


@ -372,7 +372,7 @@ public class DynmapPlugin extends JavaPlugin implements DynmapAPI {
Log.verboseinfo("Web server is permitting symbolic links"); Log.verboseinfo("Web server is permitting symbolic links");
else else
Log.verboseinfo("Web server is not permitting symbolic links"); Log.verboseinfo("Web server is not permitting symbolic links");
webServer = new HttpServer(bindAddress, port, checkbannedips, maxconnections); webServer = new HttpServer(bindAddress, port, checkbannedips, maxconnections, this);
webServer.handlers.put("/", new FilesystemHandler(getFile(configuration.getString("webpath", "web")), allow_symlinks)); webServer.handlers.put("/", new FilesystemHandler(getFile(configuration.getString("webpath", "web")), allow_symlinks));
webServer.handlers.put("/tiles/", new FilesystemHandler(tilesDirectory, allow_symlinks)); webServer.handlers.put("/tiles/", new FilesystemHandler(tilesDirectory, allow_symlinks));
webServer.handlers.put("/up/configuration", new ClientConfigurationHandler(this)); webServer.handlers.put("/up/configuration", new ClientConfigurationHandler(this));


@ -18,6 +18,7 @@ import java.util.SortedMap;
import java.util.TreeMap; import java.util.TreeMap;
import java.util.logging.Logger; import java.util.logging.Logger;
import org.bukkit.plugin.Plugin;
import org.dynmap.Log; import org.dynmap.Log;
public class HttpServer extends Thread { public class HttpServer extends Thread {
@ -36,13 +37,15 @@ public class HttpServer extends Thread {
private Object lock = new Object(); private Object lock = new Object();
private HashSet<HttpServerConnection> active_connections = new HashSet<HttpServerConnection>(); private HashSet<HttpServerConnection> active_connections = new HashSet<HttpServerConnection>();
private HashSet<HttpServerConnection> keepalive_connections = new HashSet<HttpServerConnection>(); private HashSet<HttpServerConnection> keepalive_connections = new HashSet<HttpServerConnection>();
private Plugin plugin;
private static Map<String, String> headers = new HashMap<String,String>(); private static Map<String, String> headers = new HashMap<String,String>();
public HttpServer(InetAddress bindAddress, int port, boolean check_banned_ips, int max_sessions) { public HttpServer(InetAddress bindAddress, int port, boolean check_banned_ips, int max_sessions, Plugin plg) {
this.bindAddress = bindAddress; this.bindAddress = bindAddress;
this.port = port; this.port = port;
this.check_banned_ips = check_banned_ips; this.check_banned_ips = check_banned_ips;
this.max_sessions = max_sessions; this.max_sessions = max_sessions;
this.plugin = plg;
} }
public InetAddress getAddress() { public InetAddress getAddress() {
@ -142,33 +145,9 @@ public class HttpServer extends Thread {
private void loadBannedIPs() { private void loadBannedIPs() {
banned_ips.clear(); banned_ips.clear();
banned_ips_notified.clear(); banned_ips_notified.clear();
File f = new File("banned-ips.txt"); banned_ips.addAll(plugin.getServer().getIPBans());
if(f.exists() == false)
return;
if(f.lastModified() == lastmod) {
return;
}
lastmod = f.lastModified();
BufferedReader rdr = null;
try {
rdr = new BufferedReader(new FileReader(f));
String line;
while((line = rdr.readLine()) != null) {
line = line.trim().toLowerCase(); /* Trim it and case normalize it */
if((line.length() == 0) || (line.charAt(0) == '#')) { /* Blank or comment? */
continue;
}
banned_ips.add(line);
}
} catch (IOException iox) {
Log.severe("Error reading banned-ips.txt!");
} finally {
if(rdr != null) {
try { rdr.close(); } catch (IOException iox) {}
rdr = null;
}
}
} }
/* Return true if address is banned */ /* Return true if address is banned */
public boolean checkForBannedIp(SocketAddress socketAddress) { public boolean checkForBannedIp(SocketAddress socketAddress) {
if(!check_banned_ips) if(!check_banned_ips)
@ -192,6 +171,26 @@ public class HttpServer extends Thread {
} }
return false; return false;
} }
/* Return true if address is banned */
public boolean checkForBannedIp(String ipaddr) {
if(!check_banned_ips)
return false;
long t = System.currentTimeMillis();
if((t < last_loaded) || ((t-last_loaded) > BANNED_RELOAD_INTERVAL)) {
loadBannedIPs();
last_loaded = t;
}
if(banned_ips.contains(ipaddr)) {
if(banned_ips_notified.contains(ipaddr) == false) {
Log.info("Rejected connection by banned IP address - " + ipaddr);
banned_ips_notified.add(ipaddr);
}
return true;
}
return false;
}
public static Map<String,String> getCustomHeaders() { public static Map<String,String> getCustomHeaders() {
return headers; return headers;
} }
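Review bot: The new `checkForBannedIp(String ipaddr)` overload reloads and reads `banned_ips`, `banned_ips_notified` and `last_loaded` with no synchronization, yet it appears to be reached from `HttpServerConnection` threads, several of which can run at once. `loadBannedIPs()` calls `banned_ips.clear()` before `addAll(...)`, so a request checked on another thread during a reload can see an empty set and be let through; if the sets are plain `HashSet`s (their declarations are outside the hunks), concurrent mutation is unsafe as well. Guard both overloads with one monitor, for example `public synchronized boolean checkForBannedIp(String ipaddr)` and the same on the SocketAddress overload, or fill a fresh set and swap the reference once it is complete. `plugin.getServer().getIPBans()` is then also called off the server's main thread, which should be confirmed against the server API's threading rules. The old file loader lower-cased every entry and this one does not, so a comment stating the format expected from `getIPBans()` would help.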


@ -147,6 +147,14 @@ public class HttpServerConnection extends Thread {
if (!readRequestHeader(in, request)) { if (!readRequestHeader(in, request)) {
return; return;
} }
String fwd_for = request.fields.get("X-Forwarded-For");
if(fwd_for != null) {
String[] ff = fwd_for.split(",");
for(int i = 0; i < ff.length; i++) {
if(server.checkForBannedIp(ff[i]))
return;
}
}
long bound = -1; long bound = -1;
BoundInputStream boundBody = null; BoundInputStream boundBody = null;
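Review bot: The entries from `fwd_for.split(",")` are passed to `server.checkForBannedIp(ff[i])` untrimmed, so in the usual `a, b, c` form every entry after the first keeps a leading space and will not match an exact-string lookup in the ban set. Trim before the check, `if(server.checkForBannedIp(ff[i].trim()))`. The header is written by whoever connects, so this check only means something when the listener is reachable solely through a proxy that appends the real client address. A comment above the block should say so, e.g. `/* X-Forwarded-For is only trustworthy behind a proxy that appends the client address */`. The lookup `request.fields.get("X-Forwarded-For")` is also exact-case unless `fields` normalizes header names, which is not visible here; the enclosing method starts and ends outside the hunk.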