Package host.anzo.core.service

Class FirewallService

java.lang.Object

host.anzo.core.service.FirewallService

public class FirewallService
extends Object

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	FirewallService.BurstRateLimiter	Implementation of a rate limiter with a burst (i.e.

Method Summary

Modifier and Type	Method	Description
void	addBlock(String className, String ip, @Nullable Integer sourcePort, int destPort, long banTime, TimeUnit banTimeUnit)	Add firewall block rule for specified parameters
void	cleanupBans()
void	clear()	Clear blocked IP list
void	flushSystemFirewall()
boolean	isAllowedAddress(@NotNull Class<?> clazz, String ip, @Nullable Integer sourcePort, int destPort, double allowedRequestsPerSecond, ERestrictionType restrictionType)
boolean	isAllowedAddress(String className, String ip, @Nullable Integer sourcePort, int destPort, double allowedRequestsPerSecond, ERestrictionType restrictionType)
void	removeBlock(String ipAddress)	Remove specified IP address from internal firewall

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

isAllowedAddress

public boolean isAllowedAddress(@NotNull
 @NotNull Class<?> clazz,
 String ip,
 @Nullable
 @Nullable Integer sourcePort,
 int destPort,
 double allowedRequestsPerSecond,
 ERestrictionType restrictionType)

Parameters:

clazz - service class

ip - client IP address

sourcePort - client service connection port (can be null)

destPort - destination service port

allowedRequestsPerSecond - maximum allowed requests per second

restrictionType - restriction, applied to connection exceeded rate limit

Returns:

true if specified IP allowed to connect/request specified service clazz, false otherwise

isAllowedAddress

public boolean isAllowedAddress(String className,
 String ip,
 @Nullable
 @Nullable Integer sourcePort,
 int destPort,
 double allowedRequestsPerSecond,
 ERestrictionType restrictionType)

Parameters:

className - service class name

ip - client IP address

sourcePort - client service connection port (can be null)

destPort - destination service port

allowedRequestsPerSecond - maximum allowed requests per second

restrictionType - restriction, applied to connection exceeded rate limit

Returns:

true if specified IP allowed to connect/request specified service clazz, false otherwise

addBlock

public void addBlock(String className,
 String ip,
 @Nullable
 @Nullable Integer sourcePort,
 int destPort,
 long banTime,
 TimeUnit banTimeUnit)

Add firewall block rule for specified parameters

Parameters:

className - service class name

ip - client IP address

sourcePort - client service connection port (can be null, using for logs)

destPort - destination service port

banTime - ban time in specified time unit's

banTimeUnit - ban time unit's

removeBlock

public void removeBlock(String ipAddress)

Remove specified IP address from internal firewall

Parameters:

ipAddress - IP address to remove

clear

public void clear()

Clear blocked IP list

flushSystemFirewall

public void flushSystemFirewall()

cleanupBans

public void cleanupBans()