IP白名單

本文轉載自查看原文 2019-06-04 17:13 539 java
import lombok.extern.slf4j.Slf4j;

import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.regex.Pattern;

/**
 * @ Author     ：sunpz
 * @ Date       ：Created in 15:20 2019-06-04
 * @ Description：ip 對比檢查
 *            1.設置單個IP的白名單, 2.設置ip通配符,對一個ip段進行匹配 3.設置一個IP范圍(*和-不能組合使用,只能有一組 *)
 *            如: 192.168.**.1 ； 如果 192.168.**.* ,則會匹配錯誤
 * @ Modified By：
 * @ Version    : 1.0
 */
@Slf4j
public class IpFIlterUtils {

    /**
     * IP的正則校驗
     */
    private static final  Pattern PATTERN = Pattern.compile("(1\\d{1,2}|2[0-4]\\d|25[0-5]|\\d{1,2})\\."
                    + "(1\\d{1,2}|2[0-4]\\d|25[0-5]|\\d{1,2})\\."
                    + "(1\\d{1,2}|2[0-4]\\d|25[0-5]|\\d{1,2})\\."
                    + "(1\\d{1,2}|2[0-4]\\d|25[0-5]|\\d{1,2})");

    /**
     * 分割符號
     */
    private static final String SPLICT = ";";
    /**
     * ip 連接范圍符號
     */
    private static final String CONNECT_SYMBOL = "-";
    /**
     * 單個ip分割最大值
     */
    private static final int MAX_IP_SPLICT = 255;

    /**
     * @Auther sunpz
     * @DateTime 2019-06-04 15:31
     * @Description: 根據IP白名單設置獲取可用的IP列表
     * @Param allowIp
     * @Return: java.util.Set<java.lang.String>
     */
    private static Set<String> getAvaliIpList(String allowIp) {

        Set<String> ipList = new HashSet<>();
        for (String allow : allowIp.replaceAll("\\s", "").split(SPLICT)) {
            //如果帶有 * 需要特殊處理
            if (allow.contains("*")) {
                String[] ips = allow.split("\\.");
                String[] from = new String[] { "0", "0", "0", "0" };
                String[] end = new String[] { "255", "255", "255", "255" };
                List<String> tem = new ArrayList<>();
                for (int i = 0; i < ips.length; i++){
                    if (ips[i].contains("*")) {
                        tem = complete(ips[i]);
                        from[i] = null;
                        end[i] = null;
                    } else {
                        from[i] = ips[i];
                        end[i] = ips[i];
                    }
                }
                StringBuilder fromIP = new StringBuilder();
                StringBuilder endIP = new StringBuilder();
                for (int i = 0; i < 4; i++){
                    if (from[i] != null) {
                        fromIP.append(from[i]).append(".");
                        endIP.append(end[i]).append(".");
                    } else {
                        fromIP.append("[*].");
                        endIP.append("[*].");
                    }
                }
                fromIP.deleteCharAt(fromIP.length() - 1);
                endIP.deleteCharAt(endIP.length() - 1);

                for (String s : tem) {
                    String ip = fromIP.toString().replace("[*]", s.split(SPLICT)[0])
                            + CONNECT_SYMBOL
                            + endIP.toString().replace("[*]", s.split(SPLICT)[1]);
                    if (validate(ip)) {
                        ipList.add(ip);
                    }
                }
            } else {
                if (validate(allow)) {
                    ipList.add(allow);
                }
            }

        }

        return ipList;
    }

   /**
    * @Auther sunpz
    * @DateTime 2019-06-04 17:13
    * @Description: 對單個IP節點進行范圍限定
    * @Param null
    * @Return: 回限定后的IP范圍，格式為List[10;19, 100;199]
    */
    private static List<String> complete(String arg) {
        List<String> com = new ArrayList<>();
        if (arg.length() == 1) {
            com.add("0;255");
        } else if (arg.length() == 2) {
            String s1 = complete(arg, 1);
            if (s1 != null){
                com.add(s1);
            }
            String s2 = complete(arg, 2);
            if (s2 != null){
                com.add(s2);
            }
        } else {
            String s1 = complete(arg, 1);
            if (s1 != null){
                com.add(s1);
            }
        }
        return com;
    }
    
    /**
     * @Auther sunpz
     * @DateTime 2019-06-04 17:13
     * @Description: 獲取 ip范圍
     * @Param arg
     * @Param length
     * @Return: java.lang.String
     */
    private static String complete(String arg, int length) {
        String from;
        String end;
        if (length == 1) {
            from = arg.replace("*", "0");
            end = arg.replace("*", "9");
        } else {
            from = arg.replace("*", "00");
            end = arg.replace("*", "99");
        }
        if (Integer.valueOf(from) > MAX_IP_SPLICT){
            return null;
        }
        if (Integer.valueOf(end) > MAX_IP_SPLICT){
            end = "255";
        }
        return from + SPLICT + end;
    }

    /**
     * @Auther sunpz
     * @DateTime 2019-06-04 17:13
     * @Description: 對ip進行格式校驗
     * @Param ip
     * @Return: boolean
     */
    private static boolean validate(String ip) {
        for (String s : ip.split(CONNECT_SYMBOL)){
            if (!PATTERN.matcher(s).matches()) {
                return false;
            }
        }
        return true;
    }

     /**
      * @Auther sunpz
      * @DateTime 2019-06-04 15:33
      * @Description: 根據IP,及可用Ip列表來判斷ip是否包含在白名單之中
      * @Param ip
      * @Param ipList
      * @Return: boolean: boolean
      */
    private static boolean checkLoginIP(String ip, Set<String> ipList) {
        log.info("[檢查IP] 處理后 ： {} ,list {}", ip, ipList);
        if (ipList.isEmpty() || ipList.contains(ip)){
            return true;
        }
        //如果含有 "-" 則需要逐段比較
        else {
            for (String allow : ipList) {
                if (allow.contains(CONNECT_SYMBOL)) {
                    String[] from = allow.split(CONNECT_SYMBOL)[0].split("\\.");
                    String[] end = allow.split(CONNECT_SYMBOL)[1].split("\\.");
                    String[] tag = ip.split("\\.");

                    // 對IP從左到右進行逐段匹配
                    boolean check = true;
                    for (int i = 0; i < 4; i++) {
                        int s = Integer.valueOf(from[i]);
                        int t = Integer.valueOf(tag[i]);
                        int e = Integer.valueOf(end[i]);
                        if (!(s <= t && t <= e)) {
                            check = false;
                            break;
                        }
                    }
                    if (check) {
                        return true;
                    }
                }
            }
        }
        return false;
    }

    /**
     *
     * checkLoginIP:(根據IP地址，及IP白名單設置規則判斷IP是否包含在白名單).
     * @date 2017-4-17 下午03:01:37
     * @param ip
     * @param ipWhiteConfig
     * @return
     */
    public static boolean checkLoginIP(String ip,String ipWhiteConfig){
        log.info("[檢查IP] {} ,list {}", ip, ipWhiteConfig);
        Set<String> ipList = getAvaliIpList(ipWhiteConfig);
        return checkLoginIP(ip, ipList);
    }


    public static void main(String[] args) {
        //
        String ipWhilte = "192.168.1.1;" +
                "192.168.2.*;" +
                "192.168.3.17-192.168.3.38";


        System.out.println(checkLoginIP("192.168.1.3", ipWhilte));
    }
}
代碼部分來自網絡，有修改 http://www.itdaan.com/blog/2017/01/23/973ee9c4c156ddcbd1992fc7bd2edb79.html
免責聲明！

本站轉載的文章為個人學習借鑒使用，本站對版權不負任何法律責任。如果侵犯了您的隱私權益，請聯系本站郵箱yoyou2525@163.com刪除。
猜您在找 白名單及灰度IP PHP　限制訪問ip白名單 firewall ip白名單設置 Java實現IP白名單校驗 charles 白名單解決微信公眾平台IP白名單 redis中的設置bind綁定ip不是設置白名單將 Cloudflare 節點IP段加入寶塔白名單 Java IP白名單相關工具類 Java代碼中對IP進行白名單驗證