All Examples Security Examples
java.lang.Object | +----examples.security.net.SimpleConnectionFilter
Syntax of the rule file is as follows: each rule is written on a single line. Tokens in a rule are separated by whitespace. "#" is the comment character; everything after it on a line is ignored. Whitespace before or after a rule is ignored. Lines consisting solely of whitespace or comments are skipped.
All rules follow this form:
target action protocolswhere target is a specification of one or more hosts to filter, action is the action to perform (and must be either allow or deny), and protocols is the list of protocol names to match (must be one of http, https, t3, t3s, or giop; if no protocols are listed, all protocols will match a rule).
This example recognizes two kinds of rule:
dialup-650-555-1212.pa.example.net deny t3 t3s # http and https OK 192.168.81.0/255.255.254.0 allow # 23-bit netmask 192.168.0.0/16 deny # like /255.255.0.0Hostnames for fast rules are looked up once, at server startup time. While this greatly reduces connect-time overhead, it can result in the filter having an out-of-date idea of what addresses correspond to a hostname. For maximal comfort of mind, use numeric IP addresses instead.
.script-kiddiez.org denyThe "*" only matches at the head of a pattern. If you specify one anywhere else, it will be treated as part of the pattern (and so that pattern will never match anything, since "*" is not a legal part of a domain name).
If you want to "lock down" your server and only allow connections from certain addresses, you can specify 0.0.0.0/0 deny as your last rule.
This example does not take full advantage of the information provided by the connection filter. This this example assumes IPv4 addresses, but it should be easy to convert it to use IPv6 addresses, if necessary.
public static final java.lang.String FILTER_FILE
public SimpleConnectionFilter() throws java.io.IOException
public SimpleConnectionFilter(java.io.InputStream is) throws java.io.IOException
is
- stream to read from
protected void parseLine(java.lang.String line, java.util.Vector entries) throws java.io.IOException, java.lang.IllegalArgumentException
line
- the line to parse (guaranteed not to contain
comments, surrounding whitespace, or be empty)
entries
- the running list of rules
public void accept(weblogic.security.net.ConnectionEvent evt) throws weblogic.security.net.FilterException
evt
- the connection event
protected static final int parseProtocols(java.util.StringTokenizer toks) throws weblogic.security.net.FilterException
protected static final int[] parseAddresses(java.lang.String str) throws java.io.IOException
str
- hostname or IPv4 address in string form
protected static final int parseNetmask(java.lang.String maskStr) throws java.io.IOException
maskStr
- mask spec string
protected static final boolean parseAction(java.lang.String whatever) throws java.io.IOException
whatever
- the action string
public static void main(java.lang.String args[]) throws java.lang.Exception
All Examples Security Examples