/// <summary>
/// Updates an IP address
/// </summary>
/// <param name="ipAddress">IP address</param>
/// <returns>IP address</returns>
public void UpdateBannedIpAddress(BannedIpAddress ipAddress)
{
if (ipAddress == null)
{
throw new ArgumentNullException("ipAddress");
}
ipAddress.Address = CommonHelper.EnsureNotNull(ipAddress.Address);
ipAddress.Address = ipAddress.Address.Trim();
ipAddress.Address = CommonHelper.EnsureMaximumLength(ipAddress.Address, 50);
ipAddress.Comment = CommonHelper.EnsureNotNull(ipAddress.Comment);
ipAddress.Comment = CommonHelper.EnsureMaximumLength(ipAddress.Comment, 500);
if (!_context.IsAttached(ipAddress))
{
_context.BannedIpAddresses.Attach(ipAddress);
}
_context.SaveChanges();
if (this.CacheEnabled)
{
_cacheManager.RemoveByPattern(BLACKLIST_IP_PATTERN_KEY);
}
}
/// <summary>
/// Checks if an IP from the IpAddressCollection or the IpNetworkCollection is banned
/// </summary>
/// <param name="ipAddress">IP address</param>
/// <returns>False or true</returns>
public bool IsIpAddressBanned(BannedIpAddress ipAddress)
{
// Check if the IP is valid
if (!IsValidIp(ipAddress.Address.Trim()))
{
throw new CRMException("The following isn't a valid IP address: " + ipAddress.Address);
}
// Check if the IP is in the banned IP addresses
var ipAddressCollection = GetBannedIpAddressAll();
//if (ipAddressCollection.Contains(ipAddress))
foreach (var ip in ipAddressCollection)
{
if (IsEqual(ipAddress.Address, ip.Address))
{
return(true);
}
}
// Check if the IP is in the banned IP networks
var ipNetworkCollection = GetBannedIpNetworkAll();
foreach (var ipNetwork in ipNetworkCollection)
{
// Get the first and last IPs in the network
string[] rangeItem = ipNetwork.ToString().Split("-".ToCharArray());
// Get the exceptions as a list
var exceptionItem = new List <string>();
exceptionItem.AddRange(ipNetwork.IpException.Split(";".ToCharArray()));
// Check if the IP is an exception
if (exceptionItem.Contains(ipAddress.Address))
{
return(false);
}
// Check if the 1st IP is valid
if (!IsValidIp(rangeItem[0].Trim()))
{
throw new CRMException("The following isn't a valid IP address: " + rangeItem[0]);
}
// Check if the 2nd IP is valid
if (!IsValidIp(rangeItem[1].Trim()))
{
throw new CRMException("The following isn't a valid IP address: " + rangeItem[1]);
}
//Check if the IP is in the given range
if (IsGreaterOrEqual(ipAddress.Address, rangeItem[0].Trim()) &&
IsLessOrEqual(ipAddress.Address, rangeItem[1].Trim()))
{
return(true);
}
}
// Return false otherwise
return(false);
}
/// <summary>
/// Event handler for BeginRequest.
/// </summary>
/// <param name="sender">Sender object instance.</param>
/// <param name="e">Event arguments.</param>
private void Context_BeginRequest(object sender, EventArgs e)
{
try
{
//exit if a request for a .net mapping that isn't a content page is made i.e. axd
if (!CommonHelper.IsContentPageRequested())
{
return;
}
//exit if a request for a .net mapping that isn't a content page is made i.e. axd
if (!CommonHelper.IsContentPageRequested())
{
return;
}
if (HttpContext.Current != null && !HttpContext.Current.Request.Url.IsLoopback)
{
HttpApplication application = sender as HttpApplication;
var clientIp = new BannedIpAddress();
clientIp.Address = application.Request.UserHostAddress;
// On any unexpected error we let visitor to visit website
if (IoC.Resolve <IBlacklistService>().IsIpAddressBanned(clientIp))
{
// Blocking process
// for now just show error 404 - Forbidden
// later let the user know that his ip address/network
// was banned and a reason why... this means we need an error page (aspx)
application.Response.StatusCode = 403;
application.Server.Transfer("~/BannedAddress.htm");
application.Response.StatusDescription = "Access is denied";
application.Response.End();
}
}
}
catch (Exception)
{
}
}
