banipaction.java

真正的、彻底的、完全面向对象软件系统。有兴趣的加我好友

package com.jdon.jivejdon.presentation.action.admin;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.Set;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.log4j.Logger;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;

import com.jdon.controller.WebAppUtil;
import com.jdon.jivejdon.manager.block.IPBanList;
import com.jdon.jivejdon.manager.throttle.ThrottleManagerIF;
import com.jdon.util.UtilValidate;

public class BanIPAction extends Action {
	private final static Logger logger = Logger.getLogger(BanIPAction.class);
	public final static String IPLIST = "ips";

	public ActionForward execute(ActionMapping actionMapping, ActionForm actionForm, HttpServletRequest request, HttpServletResponse response) {

		String ip = request.getParameter("ip");
		String actionS = request.getParameter("action");
		if ((actionS != null) && (actionS.equalsIgnoreCase("delete"))) {
			delBanIpFromList(request, ip);
		} else {//no delete,maybe list or add
			if (!UtilValidate.isEmpty(ip)) { // it is add IP to List
				addBanIp(request, ip);
			} 
		}
		Collection ips = getBanIpList(request);
		request.setAttribute(IPLIST, ips);// save request for jsp out
		return actionMapping.findForward("forward");
	}
	
	private Collection getBanIpList(HttpServletRequest request){
		logger.debug("enter getBanIpList");
		Collection ipsres =  new ArrayList();
		try {
			ThrottleManagerIF throttleManager = (ThrottleManagerIF) WebAppUtil.getService("throttleManager", request);
			IPBanList iPBanList = throttleManager.getIPBanList();
			Set ips =  iPBanList.getBannedIps();
			Iterator iter = ips.iterator();
			while(iter.hasNext()){
				ipsres.add(iter.next());//struts taglib logic:iterato only support List
			}
		} catch (Exception e) {
			System.err.println(e.toString());
			
		}	
		return ipsres;
	}
	
	private void delBanIpFromList(HttpServletRequest request, String ip){
		logger.debug("enter delBanIpFromList");
		try {
			ThrottleManagerIF throttleManager = (ThrottleManagerIF) WebAppUtil.getService("throttleManager", request);
			IPBanList iPBanList = throttleManager.getIPBanList();
			iPBanList.deleteBannedIp(ip);
		} catch (Exception e) {
			System.err.println(e.toString());
		}		
	}
	
	private void addBanIp(HttpServletRequest request, String ip){
		try {
			ThrottleManagerIF throttleManager = (ThrottleManagerIF) WebAppUtil.getService("throttleManager", request);
			IPBanList iPBanList = throttleManager.getIPBanList();
			iPBanList.addBannedIp(ip);

			execLinuxIptables(ip);
			logger.warn(request.getRemoteAddr() + " was blocked");

		} catch (Exception e) {
			System.err.println(e.toString());
		}
		
	}
	
	//need running in admin in linux.
	private void execLinuxIptables(String ip){
		try {
			Runtime sys = Runtime.getRuntime();
			//linux iptables , root user running this class
			sys.exec("/usr/bin/sudo -u root /sbin/iptables -A INPUT -s " + ip
					+ " -j DROP");
		} catch (Exception e) {
			
		}
	}

}