import java.io.IOException;
import java.util.HashSet;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
@ConditionalOnProperty(prefix="test.ip.filter",name="ip",havingValue="true",matchIfMissing=false)
@WebFilter(filterName = "IpFilter", urlPatterns = {"/api/","/api2/"})
public class IPFilter implements Filter {
@Value("${query.filter.ipadress:}")
private String ips;
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
throws IOException, ServletException {
boolean needFilter = false;
String paramNames = ((HttpServletRequest) servletRequest).getParameter("paramNames");
String[] targetNames = new String[]{"","",""}for(String t:targetNames){
if(t.equals(name)){
needFilter = true;
break;
}
}
}
if(!needFilter){
filterChain.doFilter(servletRequest, servletResponse);
}else{
String ip = getIpAddress((HttpServletRequest) servletRequest);
HashSet<String> ipSet = getIpList(ips);
logger.debug("配置的过滤ip列表为:{},请求ip为:{},是否包含:{}",ips,ip,ipSet.contains(ip));
if(ipSet.contains(ip)) {
logger.warn("来自ip={}的请求任务,返回空值",ip);
sendSometing("",servletResponse);
return;
}else {
filterChain.doFilter(servletRequest, servletResponse);
}
}
}
@Override
public void destroy() {
}
public HashSet<String> getIpList(String ips){
HashSet<String> set = new HashSet<>();
String[] ipaddres = ips.split(",");
for (String ipaddr : ipaddres) {
if(ipaddr.contains("-")) {
String[] ipt = ipaddr.split("-");
int start = Integer.valueOf(ipt[0].substring(ipt[0].lastIndexOf(".") + 1));
int end = Integer.valueOf(ipt[1]);
for (int i = start; i <= end; i++) {
set.add(ipt[0].substring(0,ipt[0].lastIndexOf(".") + 1)+ i);
}
}else {
set.add(ipaddr);
}
}
return set;
}
public void sendSometing(String reason, ServletResponse servletResponse) throws IOException {
HttpServletResponse response = (HttpServletResponse) servletResponse;
response.setStatus(HttpServletResponse.SC_OK);
response.setContentType("text/plain; charset=UTF-8");
response.getWriter().write(reason);
}
// 获取ip
public static String getIpAddress(HttpServletRequest request) {
String ip = null;
// X-Forwarded-For:Squid 服务代理
String ipAddresses = request.getHeader("X-Forwarded-For");
if (ipAddresses == null || ipAddresses.length() == 0 || "unknown".equalsIgnoreCase(ipAddresses)) {
// Proxy-Client-IP:apache 服务代理
ipAddresses = request.getHeader("Proxy-Client-IP");
}
if (ipAddresses == null || ipAddresses.length() == 0 || "unknown".equalsIgnoreCase(ipAddresses)) {
// WL-Proxy-Client-IP:weblogic 服务代理
ipAddresses = request.getHeader("WL-Proxy-Client-IP");
}
if (ipAddresses == null || ipAddresses.length() == 0 || "unknown".equalsIgnoreCase(ipAddresses)) {
// HTTP_CLIENT_IP:有些代理服务器
ipAddresses = request.getHeader("HTTP_CLIENT_IP");
}
if (ipAddresses == null || ipAddresses.length() == 0 || "unknown".equalsIgnoreCase(ipAddresses)) {
// X-Real-IP:nginx服务代理
ipAddresses = request.getHeader("X-Real-IP");
}
// 有些网络通过多层代理,那么获取到的ip就会有多个,一般都是通过逗号(,)分割开来,并且第一个ip为客户端的真实IP
if (ipAddresses != null && ipAddresses.length() != 0) {
ip = ipAddresses.split(",")[0];
}
// 还是不能获取到,最后再通过request.getRemoteAddr();获取
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ipAddresses)) {
ip = request.getRemoteAddr();
}
return ip;
}
public static void main(String[] args) {
String ips = "172.10.1.210,172.10.10.220-225";
HashSet<String> set = new HashSet<>();
String[] ipaddres = ips.split(",");
System.out.println(ipaddres[0]+"="+ipaddres[1]);
for (String ipaddr : ipaddres) {
if(ipaddr.contains("-")) {
String[] ipt = ipaddr.split("-");
int start = Integer.valueOf(ipt[0].substring(ipt[0].lastIndexOf(".") + 1));
int end = Integer.valueOf(ipt[1]);
for (int i = start; i <= end; i++) {
set.add(ipt[0].substring(0,ipt[0].lastIndexOf(".") + 1)+ i);
}
}else {
set.add(ipaddr);
}
}
System.out.println(set.toString());
}}
