如何拒绝Netty中的传入连接? [英] How to refuse incoming connections in Netty?
问题描述
我有一个Netty TCP服务器,我想有选择地拒绝/拒绝传入连接尝试(基于他们的远程地址)。我想我必须使用 ServerBootstrap.setParentHandler(ChannelHandler)
,但我该如何处理 ChannelHandler
?我处理什么事?我如何拒绝连接?
I have a Netty TCP server, and I want to reject/refuse incoming connection attempts selectively (based on their remote address). I guess I have to use ServerBootstrap.setParentHandler(ChannelHandler)
, but what do I do in the ChannelHandler
? What event am I handling? How do I refuse the connection?
推荐答案
正如Norman所说,没有办法拒绝连接,但你可以关闭它立即将Netty的IpFilterHandler添加到服务器管道作为第一个处理程序。它也将停止传播用于过滤连接的上游信道状态事件。
As Norman said, there is no way to refuse the connection, but you can close it immediately by adding a Netty's IpFilterHandler to server pipeline as the first handler. It will also stop propagating the upstream channel state events for filtered connection too.
@ChannelHandler.Sharable
public class MyFilterHandler extends IpFilteringHandlerImpl {
private final Set<InetSocketAddress> deniedRemoteAddress;
public MyFilterHandler(Set<InetSocketAddress> deniedRemoteAddress) {
this.deniedRemoteAddress = deniedRemoteAddress;
}
@Override
protected boolean accept(ChannelHandlerContext ctx, ChannelEvent e, InetSocketAddress inetSocketAddress) throws Exception {
return !deniedRemoteAddress.contains(inetSocketAddress);
}
}
如果您有要阻止的IP地址模式列表,你可以使用IpFilterRuleHandler,
if you have list of patterns of IP address to block, you can use IpFilterRuleHandler,
//Example: allow only localhost:
new IPFilterRuleHandler().addAll(new IpFilterRuleList("+n:localhost, -n:*"))
这篇关于如何拒绝Netty中的传入连接?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!