import java.io.IOException;\r
import java.net.InetAddress;\r
import java.net.UnknownHostException;\r
-import java.util.Collection;\r
import java.util.Collections;\r
import java.util.HashSet;\r
import java.util.Set;\r
import java.util.Timer;\r
import java.util.TimerTask;\r
-import java.util.regex.Pattern;\r
\r
/**\r
* A {@link Filter} that rejects requests from hosts that are sending too many\r
private static final int MAX_ACCESSES_PER_IP_PER_TIME = 10;\r
private static final long MAX_ACCESS_INTERVAL_MSEC = 10L * 1000L;\r
private static final long UNBAN_INTERVAL_MSEC = 60L * 60L * 1000L;\r
- private static final Pattern COMMA_PATTERN = Pattern.compile(",");\r
\r
private final IPTrie numRecentAccesses;\r
private final Timer timer;\r
private final Set<String> bannedIPAddresses;\r
- private final Collection<String> manuallyBannedIPAddresses;\r
private ServletContext context;\r
\r
public DoSFilter() {\r
numRecentAccesses = new IPTrie();\r
timer = new Timer("DosFilter reset timer");\r
bannedIPAddresses = Collections.synchronizedSet(new HashSet<String>());\r
- manuallyBannedIPAddresses = new HashSet<String>();\r
}\r
\r
public void init(FilterConfig filterConfig) {\r
context = filterConfig.getServletContext();\r
- String bannedIPs = filterConfig.getInitParameter("bannedIPs");\r
- if (bannedIPs != null) {\r
- for (String ip : COMMA_PATTERN.split(bannedIPs)) {\r
- manuallyBannedIPAddresses.add(ip.trim());\r
- }\r
- }\r
timer.scheduleAtFixedRate(new ResetTask(), 0L, MAX_ACCESS_INTERVAL_MSEC);\r
timer.scheduleAtFixedRate(new UnbanTask(), 0L, UNBAN_INTERVAL_MSEC);\r
}\r
\r
private boolean isBanned(ServletRequest request) {\r
String remoteIPAddressString = request.getRemoteAddr();\r
- if (bannedIPAddresses.contains(remoteIPAddressString) ||\r
- manuallyBannedIPAddresses.contains(remoteIPAddressString)) {\r
+ if (bannedIPAddresses.contains(remoteIPAddressString)) {\r
return true;\r
}\r
InetAddress remoteIPAddress;\r