View Javadoc
1   /*
2    * Copyright 2024 The Netty Project
3    *
4    * The Netty Project licenses this file to you under the Apache License,
5    * version 2.0 (the "License"); you may not use this file except in compliance
6    * with the License. You may obtain a copy of the License at:
7    *
8    *   https://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12   * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13   * License for the specific language governing permissions and limitations
14   * under the License.
15   */
16  package io.netty.example.ipfilter;
17  
18  import io.netty.bootstrap.ServerBootstrap;
19  import io.netty.buffer.ByteBuf;
20  import io.netty.channel.ChannelFuture;
21  import io.netty.channel.ChannelHandlerContext;
22  import io.netty.channel.ChannelInitializer;
23  import io.netty.channel.ChannelPipeline;
24  import io.netty.channel.EventLoopGroup;
25  import io.netty.channel.SimpleChannelInboundHandler;
26  import io.netty.channel.nio.NioEventLoopGroup;
27  import io.netty.channel.socket.SocketChannel;
28  import io.netty.channel.socket.nio.NioServerSocketChannel;
29  import io.netty.handler.ipfilter.IpFilterRuleType;
30  import io.netty.handler.ipfilter.IpSubnetFilter;
31  import io.netty.handler.ipfilter.IpSubnetFilterRule;
32  import io.netty.handler.logging.LogLevel;
33  import io.netty.handler.logging.LoggingHandler;
34  
35  import java.util.ArrayList;
36  import java.util.List;
37  
38  /**
39   * Discards any incoming data from a blacklisteded IP address subnet and accepts the rest.
40   */
41  public final class IpSubnetFilterExample {
42  
43      static final int PORT = Integer.parseInt(System.getProperty("port", "8009"));
44  
45      public static void main(String[] args) throws Exception {
46          EventLoopGroup group = new NioEventLoopGroup();
47          try {
48              List<IpSubnetFilterRule> rules = new ArrayList<IpSubnetFilterRule>();
49  
50              // Reject 10.10.10.0/24 and 192.168.0.0/16 ranges but accept the rest
51              rules.add(new IpSubnetFilterRule("10.10.10.0", 24, IpFilterRuleType.REJECT));
52              rules.add(new IpSubnetFilterRule("192.168.0.0", 16, IpFilterRuleType.REJECT));
53  
54              // Share this same Handler instance with multiple ChannelPipeline(s).
55              final IpSubnetFilter ipFilter = new IpSubnetFilter(rules);
56  
57              ServerBootstrap b = new ServerBootstrap();
58              b.group(group)
59                      .channel(NioServerSocketChannel.class)
60                      .handler(new LoggingHandler(LogLevel.INFO))
61                      .childHandler(new ChannelInitializer<SocketChannel>() {
62                          @Override
63                          public void initChannel(SocketChannel ch) {
64                              ChannelPipeline p = ch.pipeline();
65                              p.addFirst(ipFilter);
66  
67                              p.addLast(new SimpleChannelInboundHandler<ByteBuf>() {
68                                  @Override
69                                  protected void channelRead0(ChannelHandlerContext ctx, ByteBuf msg) throws Exception {
70                                      System.out.println("Received data from: " + ctx.channel().remoteAddress());
71                                  }
72                              });
73                          }
74                      });
75  
76              // Bind and start to accept incoming connections.
77              ChannelFuture f = b.bind(PORT).sync();
78  
79              // Wait until the server socket is closed.
80              // In this example, this does not happen, but you can do that to gracefully
81              // shut down your server.
82              f.channel().closeFuture().sync();
83          } finally {
84              group.shutdownGracefully();
85          }
86      }
87  }