Examples with IpSubnet org.graylog2.utilities.IpSubnet used on opensource projects

Example 1 with IpSubnet

use of org.graylog2.utilities.IpSubnet in project graylog2-server by Graylog2.

the class CidrMatch method evaluate.

@Override
public Boolean evaluate(FunctionArgs args, EvaluationContext context) {
    final IpSubnet cidr = cidrParam.required(args, context);
    final IpAddress ipAddress = ipParam.required(args, context);
    if (cidr == null || ipAddress == null) {
        return null;
    }
    return cidr.contains(ipAddress.inetAddress());
}

Example 2 with IpSubnet

use of org.graylog2.utilities.IpSubnet in project graylog2-server by Graylog2.

the class RestTools method getRemoteAddrFromRequest.

/**
 * If X-Forwarded-For request header is set, and the request came from a trusted source,
 * return the value of X-Forwarded-For. Otherwise return {@link Request#getRemoteAddr()}.
 */
public static String getRemoteAddrFromRequest(Request request, Set<IpSubnet> trustedSubnets) {
    final String remoteAddr = request.getRemoteAddr();
    final String XForwardedFor = request.getHeader("X-Forwarded-For");
    if (XForwardedFor != null) {
        for (IpSubnet s : trustedSubnets) {
            try {
                if (s.contains(remoteAddr)) {
                    // Request came from trusted source, trust X-Forwarded-For and return it
                    return XForwardedFor;
                }
            } catch (UnknownHostException e) {
            // ignore silently, probably not worth logging
            }
        }
    }
    // Request did not come from a trusted source, or the X-Forwarded-For header was not set
    return remoteAddr;
}

Example 3 with IpSubnet

use of org.graylog2.utilities.IpSubnet in project graylog2-server by Graylog2.

the class RestToolsTest method getRemoteAddrFromRequestWorksWithIPv6IfSubnetsContainsOnlyIPv4.

@Test
public void getRemoteAddrFromRequestWorksWithIPv6IfSubnetsContainsOnlyIPv4() throws Exception {
    final Request request = mock(Request.class);
    when(request.getRemoteAddr()).thenReturn("2001:DB8::42");
    when(request.getHeader("X-Forwarded-For")).thenReturn("2001:DB8::1");
    final String s = RestTools.getRemoteAddrFromRequest(request, Collections.singleton(new IpSubnet("127.0.0.1/32")));
    assertThat(s).isEqualTo("2001:DB8::42");
}

Example 4 with IpSubnet

use of org.graylog2.utilities.IpSubnet in project graylog2-server by Graylog2.

the class RestToolsTest method getRemoteAddrFromRequestReturnsHeaderContentWithXForwardedForHeaderFromTrustedNetwork.

@Test
public void getRemoteAddrFromRequestReturnsHeaderContentWithXForwardedForHeaderFromTrustedNetwork() throws Exception {
    final Request request = mock(Request.class);
    when(request.getRemoteAddr()).thenReturn("127.0.0.1");
    when(request.getHeader("X-Forwarded-For")).thenReturn("192.168.100.42");
    final String s = RestTools.getRemoteAddrFromRequest(request, Collections.singleton(new IpSubnet("127.0.0.0/8")));
    assertThat(s).isEqualTo("192.168.100.42");
}

Example 5 with IpSubnet

use of org.graylog2.utilities.IpSubnet in project graylog2-server by Graylog2.

the class RestToolsTest method getRemoteAddrFromRequestReturnsClientAddressWithXForwardedForHeaderFromUntrustedNetwork.

@Test
public void getRemoteAddrFromRequestReturnsClientAddressWithXForwardedForHeaderFromUntrustedNetwork() throws Exception {
    final Request request = mock(Request.class);
    when(request.getRemoteAddr()).thenReturn("192.168.0.1");
    when(request.getHeader("X-Forwarded-For")).thenReturn("192.168.100.42");
    final String s = RestTools.getRemoteAddrFromRequest(request, Collections.singleton(new IpSubnet("127.0.0.0/8")));
    assertThat(s).isEqualTo("192.168.0.1");
}