/** Does the work of setting new good & bad hosts. */
private void refreshHostsImpl() {
LOG.debug("refreshing hosts");
// Load the local blacklist, stripping out invalid entries
IPList newBad = new IPList();
String[] allHosts = FilterSettings.BLACK_LISTED_IP_ADDRESSES.get();
ArrayList<String> valid = new ArrayList<String>(allHosts.length);
for (int i = 0; i < allHosts.length; i++) {
if (newBad.add(allHosts[i])) valid.add(allHosts[i]);
}
if (valid.size() != allHosts.length) {
allHosts = valid.toArray(new String[0]);
FilterSettings.BLACK_LISTED_IP_ADDRESSES.set(allHosts);
}
// Load the local whitelist, stripping out invalid entries
IPList newGood = new IPList();
allHosts = FilterSettings.WHITE_LISTED_IP_ADDRESSES.get();
valid = new ArrayList<String>(allHosts.length);
for (int i = 0; i < allHosts.length; i++) {
if (newGood.add(allHosts[i])) valid.add(allHosts[i]);
}
if (valid.size() != allHosts.length) {
allHosts = valid.toArray(new String[0]);
FilterSettings.WHITE_LISTED_IP_ADDRESSES.set(allHosts);
}
// Load data from hostiles.txt (if it wasn't already loaded!)...
if (shouldLoadHostiles) {
shouldLoadHostiles = false;
LOG.debug("loading hostiles");
File hostiles = new File(CommonUtils.getUserSettingsDir(), "hostiles.txt");
BufferedReader reader = null;
try {
reader = new BufferedReader(new FileReader(hostiles));
String read = null;
while ((read = reader.readLine()) != null) {
hostilesTXTHosts.add(read);
}
} catch (IOException ignored) {
LOG.debug("iox loading hostiles", ignored);
} finally {
IOUtils.close(reader);
}
}
badHosts = new MultiIPList(newBad, hostilesTXTHosts);
goodHosts = newGood;
}
@Override
protected boolean allowImpl(IP ip) {
if (goodHosts.contains(ip)) {
whitelistings++;
return true;
}
if (badHosts.contains(ip)) {
blacklistings++;
return false;
}
if (FilterSettings.USE_NETWORK_FILTER.getValue() && !hostileNetworkFilter.allow(ip)) {
netblockings++;
return false;
}
implicitings++;
return true;
}
public void testContains() {
IPList list = new IPList();
list.add("192.168.1.1");
assertTrue(list.contains(new IP("192.168.1.1")));
assertFalse(list.contains(new IP("192.168.1.2")));
assertEquals(1, list.size());
list.add("192.168.2.0/255.255.255.0");
assertTrue(list.contains(new IP("192.168.1.1")));
assertTrue(list.contains(new IP("192.168.2.2")));
assertFalse(list.contains(new IP("192.168.1.2")));
assertEquals(2, list.size());
list.add("192.168.2.1");
assertEquals(2, list.size());
list.add("192.168.2.3");
assertEquals(2, list.size());
list.add("192.168.1.255");
assertEquals(3, list.size());
list.add("192.168.1.254");
assertEquals(4, list.size());
assertTrue(list.contains(new IP("192.168.1.1")));
assertTrue(list.contains(new IP("192.168.2.2")));
assertFalse(list.contains(new IP("192.168.1.2")));
list.add("100.0.0.0/255.0.0.0");
assertEquals(5, list.size());
list.add("100.1.2.3");
assertEquals(5, list.size());
list.add("100.5.4.3");
assertEquals(5, list.size());
assertTrue(list.contains(new IP("100.5.3.2")));
assertTrue(list.contains(new IP("100.2.3.4")));
assertFalse(list.contains(new IP("99.2.1.3")));
list.add("98.1.2.3");
assertEquals(6, list.size());
list.add("98.5.4.3");
assertEquals(7, list.size());
list.add("98.0.0.0/255.0.0.0");
assertEquals(6, list.size());
assertTrue(list.contains(new IP("98.5.3.2")));
assertTrue(list.contains(new IP("98.2.3.4")));
assertFalse(list.contains(new IP("99.2.1.3")));
list.add("69.41.173.34");
assertEquals(7, list.size());
list.add("69.*.*.*");
assertEquals(7, list.size());
list.add("*.*.*.*");
assertEquals(1, list.size());
assertTrue(list.contains(new IP("98.5.3.2")));
assertTrue(list.contains(new IP("98.2.3.4")));
assertTrue(list.contains(new IP("99.2.1.3")));
assertTrue(list.contains(new IP("100.5.3.2")));
assertTrue(list.contains(new IP("100.2.3.4")));
assertTrue(list.contains(new IP("99.2.1.3")));
assertTrue(list.contains(new IP("192.168.1.1")));
assertTrue(list.contains(new IP("192.168.2.2")));
assertTrue(list.contains(new IP("192.168.1.2")));
}
public void testIPListLegacy() {
IPList iplist = new IPList();
iplist.add("192.168.0.1/255.255.255.0");
iplist.add("10.0.*.*");
assertTrue(!iplist.contains(new IP("192.168.1.2/255.255.255.0")));
assertTrue(iplist.contains(new IP("192.168.0.2")));
assertTrue(iplist.contains(new IP(bytes(192, 168, 0, 2))));
assertTrue(iplist.contains(new IP("192.168.0.1")));
assertTrue(iplist.contains(new IP(bytes(192, 168, 0, 1))));
assertTrue(!iplist.contains(new IP("192.168.1.1")));
assertTrue(!iplist.contains(new IP(bytes(192, 168, 1, 1))));
assertTrue(iplist.contains(new IP("10.0.1.1")));
assertTrue(iplist.contains(new IP(bytes(10, 0, 1, 1))));
assertTrue(!iplist.contains(new IP("10.1.0.1")));
assertTrue(!iplist.contains(new IP(bytes(10, 1, 0, 1))));
}
public void testIsValid() throws Exception {
IPList list = new IPList();
// try a private address
list.add("192.168.1.1");
assertFalse(list.isValidFilter(false, new SimpleNetworkInstanceUtils()));
assertTrue(list.isValidFilter(true, null));
// try filling up the space
list = new IPList();
list.add("*.*.*.*");
assertFalse(list.isValidFilter(false, new SimpleNetworkInstanceUtils()));
// try below max space - 2.5% of 4GB = 6 class A networks
list = new IPList();
list.add("1.*.*.*");
list.add("2.*.*.*");
list.add("3.*.*.*");
list.add("4.*.*.*");
list.add("5.*.*.*");
list.add("6.*.*.*");
assertTrue(list.isValidFilter(false, new SimpleNetworkInstanceUtils()));
list.add("7.*.*.*");
assertFalse(list.isValidFilter(false, new SimpleNetworkInstanceUtils()));
}
/** Determines if any blacklisted hosts exist. */
public boolean hasBlacklistedHosts() {
return (FilterSettings.USE_NETWORK_FILTER.getValue()
&& hostileNetworkFilter.hasBlacklistedHosts())
|| !badHosts.isEmpty();
}
