only allowing one connection per IP address

Trustin Lee tlee at redhat.com
Sun Mar 22 12:57:12 EDT 2009 

A couple ideas:

* We cannot assume that a Channel's remoteAddress will be available
when a Channel is not connected yet.  Therefore, 'early refuse'
doesn't make sense.  Is there any use case where there needs to
determine when the connection was refused? (e.g. right after the
connection is accepted vs. after receiving some messages.)

* I don't think we need this many *Accept() methods.  My initial idea
was just to make IpFilterHandler to monitor all events so that any
connections can be closed even when messageReceived event is
triggered.  It could be like this:

    public void handlerUpstream(ctx, evt) {
        if (accept(..., ctx.getChannel().getRemoteAddress())) {
            ctx.sendUpstream(evt);
        } else {
            handleRefusedChannel(...);
        }
    }

* As I told you in my previous message, there should be the default
handleRefusedChannel() implementation.

* I think we need to add 'throws Exception' clause to accept() and
handleRefusedChannel() as we did for other overridable methods (e.g.
FrameDecoder.decode()).  Any raised exceptions will trigger
exceptionCaught event anyway.

* IpSubnet looks OK to me, but it could be more extensible as I told
you in my previous message regarding the IpFilterRule interface.

— Trustin Lee, http://gleamynode.net/

On Mon, Mar 23, 2009 at 1:03 AM, Frederic Bregier <fredbregier at free.fr> wrote:
>
> Hi Trustin,
>
> I try to do what you suggested. I didn't test them right now.
> I didn't create either a branch until your suggestion on my question.
>
> In order to be able to continue to shared my prototype, here are the new
> classes:
>
> http://n2.nabble.com/file/n2517382/IpFilteringHandler.java
> IpFilteringHandler.java
> http://n2.nabble.com/file/n2517382/OneIpFilterHandler.java
> OneIpFilterHandler.java
> http://n2.nabble.com/file/n2517382/IpSubnet.java IpSubnet.java
> http://n2.nabble.com/file/n2517382/IpBlackWhiteListHandler.java
> IpBlackWhiteListHandler.java
>
> WDYT?
> Cheers,
> Frederic
>
> -----
> Hardware/Software Architect
> --
> View this message in context: http://n2.nabble.com/only-allowing-one-connection-per-IP-address-tp2495797p2517382.html
> Sent from the Netty User Group mailing list archive at Nabble.com.
>
> _______________________________________________
> netty-users mailing list
> netty-users at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/netty-users
>

More information about the netty-users mailing list