基于Http的IP防火墙

最新推荐文章于 2022-11-28 19:38:26 发布

w_j_w2010

最新推荐文章于 2022-11-28 19:38:26 发布

阅读量603

点赞数

本文链接：https://blog.csdn.net/w_j_w2010/article/details/45768469

版权

* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/

package apps.plugs.userIpLimit.domain;

import apps.plugs.ipUtil.IpConvertUtil;
import apps.plugs.ipUtil.WebIpBaseUtil;
import apps.plugs.userIpLimit.EntryService.IpEntryEntryService;
import apps.plugs.userIpLimit.config.PageMappingUrlConfig;
import apps.plugs.userIpLimit.config.UserAppConfigLoader;
import apps.plugs.userIpLimit.config.UserLimitPlugsConfigBean;
import apps.plugs.userIpLimit.dao.IpCheckItem;
import apps.plugs.userIpLimit.dao.IpEntry;

import apps.plugs.userIpLimit.service.MoreIpLimitCacheService;
import apps.plugs.userIpLimit.service.SimpleIpLimitCacheService;
import java.io.IOException;
import java.sql.Timestamp;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;

import apps.plugs.userIpLimit.memory.dao.IpEntryCache;
import apps.plugs.userIpLimit.memory.dao.IplogCache;
import apps.plugs.userIpLimit.memory.entryService.IpEntryCacheEntryService;
import apps.plugs.userIpLimit.memory.entryService.IplogCacheEntryService;

/**
*
* @author Administrator
*
* 调用代码：
* Filter 方式,配置xml文件
*
*
嵌入网站app方式:

UserIpLimitRequestService service=UserIpLimitRequestService.getInstance();
service.ipCheckAndCount( request, response);
*/
public class UserIpLimitRequestService {


    private Logger log=Logger.getLogger(this.getClass());


    private UserAppConfigLoader appConfig=UserAppConfigLoader.getInstance();

    private WebIpBaseUtil ipBaeeUtil=WebIpBaseUtil.getInstance();

    private SimpleIpLimitCacheService simpleIpLimitCacheService=SimpleIpLimitCacheService.getInstance();
    private MoreIpLimitCacheService moreIpLimitCacheService=MoreIpLimitCacheService.getInstance();

      //单例模式
    private static UserIpLimitRequestService instance;

    public static UserIpLimitRequestService getInstance() {
        if(instance==null){
            instance=new UserIpLimitRequestService();
        }
        return instance;
   }


    private UserIpLimitRequestService(){

    }


    /*
    根据IP黑白名称检查会员IP

    该调用方式会存在，response is commit 异常，跳转代码应在servlet或filter内调用。
    */
      public boolean ipCheckUserVisit(ServletRequest request,ServletResponse response) throws ServletException, IOException{

          //禁用ip过滤

      // System.out.println("IP安全过滤系统");
        //获取系统配置
        UserLimitPlugsConfigBean ipListSysConfigBean = appConfig.getPlugsConfigBean();



        //是否激活插件
        Boolean isIsplugs_enable= ipListSysConfigBean.isIsplugs_enable();
        if(isIsplugs_enable==null||isIsplugs_enable==false){

          return false;
        }





        //是否栏截用户
         boolean islimit_user=false;
        //是否开通简单IP检验
         Boolean isOpenSimpleIpLimitService=ipListSysConfigBean.isBsimple_ip_service_open();

        if(isOpenSimpleIpLimitService!=null&&isOpenSimpleIpLimitService==true){
               //System.out.println("单ip检测，拦截");

            islimit_user= checkIpVisitByIpTables_One(request);
        }


        //是否开通IP段检验
        Boolean isOpenMoreIpLimitService=ipListSysConfigBean.isBmore_ip_litem_service_open();
        if(isOpenMoreIpLimitService!=null&&isOpenMoreIpLimitService==true){
            // System.out.println("ip段检测，拦截");
             islimit_user= checkIpVisitByIpTables_More(request);

        }

        return islimit_user;


    }


      public void ipCount(ServletRequest request,ServletResponse response) throws ServletException, IOException{

          //禁用ip过滤

      // System.out.println("IP安全过滤系统");
        //获取系统配置
        UserLimitPlugsConfigBean ipListSysConfigBean = appConfig.getPlugsConfigBean();

                       //是否开通自动IP统计与限制服务
        boolean isAutoCountAndLimitSeriveOpen=ipListSysConfigBean.isBauto_ip_limit_and_count_service_open();

        if(isAutoCountAndLimitSeriveOpen==true){

          // System.out.println("统计IP");
            countUserIPVisite(request);
        }
      }

     //IpConvertUtil

     //单IP限制访问

   public boolean checkIpVisitByIpTables_One(ServletRequest request){

          HttpServletRequest req=(HttpServletRequest)request;

          String ipAddress=request.getRemoteAddr();
          String clientRealIP=ipBaeeUtil.getIpPaser().parseRealIpAddr(req);
        long clientRealIpLong= ipBaeeUtil.getIpPaser().ipToLong(clientRealIP);

         //白名单客户不作过滤及黑名单更新
        IpCheckItem ip_white = this.simpleIpLimitCacheService.queryLimitIpAtCatcheIpWhiteTables(clientRealIpLong);
          if(ip_white!=null){
             //System.out.println("ip审查，许可访问:"+clientRealIP);
          }

        //查询ip黑名单
      IpCheckItem ipitem= this.simpleIpLimitCacheService.queryLimitIpAtCatcheIpBlackTables(clientRealIpLong);

        if(ipitem!=null){
            //ip位于黑名单中，被系统限制

          System.out.println("ip审查,禁止访问:"+clientRealIP);

            return true;
        }



      return false;
    }

   //多IP限制,IP段暂不实现IP段检测网站访问量还不大

    public boolean checkIpVisitByIpTables_More(ServletRequest request){

          HttpServletRequest req=(HttpServletRequest)request;

          String ipAddress=request.getRemoteAddr();
          String clientRealIP=ipBaeeUtil.getIpPaser().parseRealIpAddr(req);
        long clientRealIpLong= ipBaeeUtil.getIpPaser().ipToLong(clientRealIP);


        return true;
    }

      public void countUserIPVisite (ServletRequest request){

      //获取客户真实IP，添加监测实体，建立统计日志记录

       //基于内存DB进行统计
       IplogCache log=   countUserIPVisiteLog(request);

       if(log==null){
            System.out.println("添加IP日志失败，无法统计:"+this.getClass().getName());
           this.log.error("添加IP日志失败，无法统计:"+this.getClass().getName());
            return ;
       }

             //判断是否超出当天许可访问次数，否则加入黑名单
          //获取系统配置
        UserLimitPlugsConfigBean ipListSysConfigBean = appConfig.getPlugsConfigBean();
        int maxpvCountLimit= ipListSysConfigBean.getAuto_ip_limit_ip_one_day_max_pv();
        long max_current=log.getDayCount();


          SimpleIpLimitCacheService ipservice=SimpleIpLimitCacheService.getInstance();
        //白名单客户不作过滤及黑名单更新
        IpCheckItem ip_white = ipservice.queryLimitIpAtCatcheIpWhiteTables(log.getIpAddressLong());
          if(ip_white!=null){
              return ;
          }

        //超出IP访问次数限制，加入黑名单
        if(max_current>=maxpvCountLimit){

            IpCheckItem iplimit=new IpCheckItem ();
            iplimit.setBlimit(true);
            iplimit.setIpAddressView(log.getIpAddress());
            iplimit.setIpAddressLong(log.getIpAddressLong());
            iplimit.setLimitTime(new java.sql.Date(System.currentTimeMillis()));

            ipservice.addIp(iplimit);



        }else{
             // System.out.println("当前"+max_current+"正常IP，小于"+maxpvCountLimit);
        }

      }

    //统计IP访问次数,如超出限制额，则加入黑名单，实现对访问次数进行限制

    //统计会员IP访问
    public IplogCache countUserIPVisiteLog(ServletRequest request){


               HttpServletRequest req=(HttpServletRequest)request;

          String ipRemoteAddress=request.getRemoteAddr();


          //客户端真实IP
          String clientRealIP=ipBaeeUtil.getIpPaser().parseRealIpAddr(req);
        long clientRealIpLong= ipBaeeUtil.getIpPaser().ipToLong(clientRealIP);


      //代理节点IP
        String agentIp="";
        //通过代理节点访问
        if(ipRemoteAddress.equals(clientRealIP)==false){
            agentIp=ipRemoteAddress;
        }

        // System.out.println("统计访客IP："+clientRealIP + " agent:"+ipRemoteAddress);
          //IP实体是否存在


       return count(   clientRealIpLong,      clientRealIP,   agentIp);

    }


    public IplogCache count( long clientRealIpLong,     String clientRealIP, String agentIp){

        //从内存DB中获取

       IpEntryCache ipE= null;

              //时间信息
             long tlong= System.currentTimeMillis();
           Timestamp st= new java.sql.Timestamp(tlong);
           java.text.SimpleDateFormat ft=new    java.text.SimpleDateFormat("yyyy-MM-dd");
          String today_str= ft.format(new java.util.Date(tlong));

       ipE= getIpEntryCache(   agentIp,   clientRealIP, clientRealIpLong);

        //更新IP监测实体总记录

        //更新IP当天记录

        IplogCacheEntryService logService;
        logService = IplogCacheEntryService.getInstance();

        //获取当天日志
        IplogCache log=logService.queryLogByTodayIpLong(today_str,clientRealIpLong);
        //创建日志
        if(log==null){
            log=new IplogCache();

            log.setAddDay(today_str);

            log.setDayCount(1);

            log.setIpAddressLong(clientRealIpLong);

            log.setIpAddress(clientRealIP);

            log.setIpEntryId(ipE.getIpEntryid());

            logService.add(log);

          log=logService.queryLogByTodayIpLong(today_str,clientRealIpLong);
        }
        //java.lang.NullPointerException
        if(log!=null){
            int maxCount_current=log.getDayCount()+1;
        log.setDayCount(maxCount_current);
        logService.update_day_count(today_str,clientRealIpLong,maxCount_current);
        }


        return log;
    }



    //获取统计IP （内存）
        public IpEntryCache getIpEntryCache( String agentIp, String clientRealIP,long clientRealIpLong){
          //时间信息
             long tlong= System.currentTimeMillis();
           Timestamp st= new java.sql.Timestamp(tlong);
           java.text.SimpleDateFormat ft=new    java.text.SimpleDateFormat("yyyy-MM-dd");
          String today_str= ft.format(new java.util.Date(tlong));


        //从内存中加载
             IpEntryCache ipECache= null;
             IpEntryCacheEntryService ipEntryCacheService=IpEntryCacheEntryService.getInstance();
             ipECache= ipEntryCacheService.getClientRealIpByLongIpAddress(clientRealIpLong);
             //内存中监测IP不存在,从数据库中加载IP

             if(ipECache==null){
                 //从数据库获取统计IP
                  IpEntry ipLocal=getIpEntryLocalDb(   agentIp,   clientRealIP, clientRealIpLong);

                    System.out.println("保存监测IP实体："+clientRealIpLong);
            ipECache=new IpEntryCache();
            //ID与本地数据ID同步
            ipECache.setIpEntryid(ipLocal.getIpEntryid());

            ipECache.setAgentIpAddress(agentIp);
            ipECache.setIpAddress(clientRealIP);
            ipECache.setIpAddressLong(clientRealIpLong);

            ipECache.setLastVisitDay( st);
            ipECache.setLastVisitDayLong(tlong);

             int r=   ipEntryCacheService.add(ipECache);

            ipECache= ipEntryCacheService.getClientRealIpByLongIpAddress(clientRealIpLong);

             }
            return ipECache;
        }


        public IpEntry getIpEntryLocalDb( String agentIp, String clientRealIP,long clientRealIpLong){

        //从内存中加载


              IpEntryEntryService ipService=IpEntryEntryService.getInstance();

             IpEntry ipE= null;

             ipE= ipService.getClientRealIpByLongIpAddress(clientRealIpLong);

       //时间信息
             long tlong= System.currentTimeMillis();
           Timestamp st= new java.sql.Timestamp(tlong);
           java.text.SimpleDateFormat ft=new    java.text.SimpleDateFormat("yyyy-MM-dd");
          String today_str= ft.format(new java.util.Date(tlong));

       //创建IP监测实体
        if(ipE==null){
            System.out.println("保存监测IP实体："+clientRealIpLong);
            ipE=new IpEntry();

            ipE.setAgentIpAddress(agentIp);
            ipE.setIpAddress(clientRealIP);
            ipE.setIpAddressLong(clientRealIpLong);

            ipE.setLastVisitDay( st);
            ipE.setLastVisitDayLong(tlong);

             int r=   ipService.add(ipE);

            ipE= ipService.getClientRealIpByLongIpAddress(clientRealIpLong);

        }

        if(ipE==null){
           log.error("保存监测IP失败,class:"+this.getClass().getName());
              System.out.println("保存监测IP失败,class:"+this.getClass().getName());
            return null;
        }

        return ipE;
    }


    public WebIpBaseUtil getIpBaeeUtil() {
        return ipBaeeUtil;
    }

    public void setIpBaeeUtil(WebIpBaseUtil ipBaeeUtil) {
        this.ipBaeeUtil = ipBaeeUtil;
    }



    public UserAppConfigLoader getAppConfig() {
        return appConfig;
    }

    public void setAppConfig(UserAppConfigLoader appConfig) {
        this.appConfig = appConfig;
    }


    public static void main(String argvs[]){

        String agentIp="192.168.1.98";

        String clientRealIP="8.8.8.8";

        long clientRealIpLong=12435791;

        UserIpLimitRequestService s=new UserIpLimitRequestService();
        //本地DB 测试
       // s.getIpEntryLocalDb(agentIp, clientRealIP, clientRealIpLong);

        //内存DB测试

       // s.getIpEntryCache(agentIp, clientRealIP, clientRealIpLong);

        //统计测试
        for(int i=0;i<1000;i++){
             s.count(clientRealIpLong, clientRealIP, agentIp);

        }




    }
}

w_j_w2010

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
基于Http的IP防火墙

/* * To change this license header, choose License Headers in Project Properties. * To change this template file, choose Tools | Templates * and open the template in the editor. */package
复制链接

扫一扫