projects
/
zxing.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Tighten up some stuff I saw from the logs
[zxing.git]
/
zxingorg
/
src
/
com
/
google
/
zxing
/
web
/
DoSFilter.java
diff --git
a/zxingorg/src/com/google/zxing/web/DoSFilter.java
b/zxingorg/src/com/google/zxing/web/DoSFilter.java
index
177fc2b
..
7c9fa77
100755
(executable)
--- a/
zxingorg/src/com/google/zxing/web/DoSFilter.java
+++ b/
zxingorg/src/com/google/zxing/web/DoSFilter.java
@@
-27,13
+27,11
@@
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
\r
import java.net.InetAddress;
\r
import java.net.UnknownHostException;
\r
import java.io.IOException;
\r
import java.net.InetAddress;
\r
import java.net.UnknownHostException;
\r
-import java.util.Collection;
\r
import java.util.Collections;
\r
import java.util.HashSet;
\r
import java.util.Set;
\r
import java.util.Timer;
\r
import java.util.TimerTask;
\r
import java.util.Collections;
\r
import java.util.HashSet;
\r
import java.util.Set;
\r
import java.util.Timer;
\r
import java.util.TimerTask;
\r
-import java.util.regex.Pattern;
\r
\r
/**
\r
* A {@link Filter} that rejects requests from hosts that are sending too many
\r
\r
/**
\r
* A {@link Filter} that rejects requests from hosts that are sending too many
\r
@@
-46,29
+44,20
@@
public final class DoSFilter implements Filter {
private static final int MAX_ACCESSES_PER_IP_PER_TIME = 10;
\r
private static final long MAX_ACCESS_INTERVAL_MSEC = 10L * 1000L;
\r
private static final long UNBAN_INTERVAL_MSEC = 60L * 60L * 1000L;
\r
private static final int MAX_ACCESSES_PER_IP_PER_TIME = 10;
\r
private static final long MAX_ACCESS_INTERVAL_MSEC = 10L * 1000L;
\r
private static final long UNBAN_INTERVAL_MSEC = 60L * 60L * 1000L;
\r
- private static final Pattern COMMA_PATTERN = Pattern.compile(",");
\r
\r
private final IPTrie numRecentAccesses;
\r
private final Timer timer;
\r
private final Set<String> bannedIPAddresses;
\r
\r
private final IPTrie numRecentAccesses;
\r
private final Timer timer;
\r
private final Set<String> bannedIPAddresses;
\r
- private final Collection<String> manuallyBannedIPAddresses;
\r
private ServletContext context;
\r
\r
public DoSFilter() {
\r
numRecentAccesses = new IPTrie();
\r
timer = new Timer("DosFilter reset timer");
\r
bannedIPAddresses = Collections.synchronizedSet(new HashSet<String>());
\r
private ServletContext context;
\r
\r
public DoSFilter() {
\r
numRecentAccesses = new IPTrie();
\r
timer = new Timer("DosFilter reset timer");
\r
bannedIPAddresses = Collections.synchronizedSet(new HashSet<String>());
\r
- manuallyBannedIPAddresses = new HashSet<String>();
\r
}
\r
\r
public void init(FilterConfig filterConfig) {
\r
context = filterConfig.getServletContext();
\r
}
\r
\r
public void init(FilterConfig filterConfig) {
\r
context = filterConfig.getServletContext();
\r
- String bannedIPs = filterConfig.getInitParameter("bannedIPs");
\r
- if (bannedIPs != null) {
\r
- for (String ip : COMMA_PATTERN.split(bannedIPs)) {
\r
- manuallyBannedIPAddresses.add(ip.trim());
\r
- }
\r
- }
\r
timer.scheduleAtFixedRate(new ResetTask(), 0L, MAX_ACCESS_INTERVAL_MSEC);
\r
timer.scheduleAtFixedRate(new UnbanTask(), 0L, UNBAN_INTERVAL_MSEC);
\r
}
\r
timer.scheduleAtFixedRate(new ResetTask(), 0L, MAX_ACCESS_INTERVAL_MSEC);
\r
timer.scheduleAtFixedRate(new UnbanTask(), 0L, UNBAN_INTERVAL_MSEC);
\r
}
\r
@@
-86,8
+75,7
@@
public final class DoSFilter implements Filter {
\r
private boolean isBanned(ServletRequest request) {
\r
String remoteIPAddressString = request.getRemoteAddr();
\r
\r
private boolean isBanned(ServletRequest request) {
\r
String remoteIPAddressString = request.getRemoteAddr();
\r
- if (bannedIPAddresses.contains(remoteIPAddressString) ||
\r
- manuallyBannedIPAddresses.contains(remoteIPAddressString)) {
\r
+ if (bannedIPAddresses.contains(remoteIPAddressString)) {
\r
return true;
\r
}
\r
InetAddress remoteIPAddress;
\r
return true;
\r
}
\r
InetAddress remoteIPAddress;
\r