public void IPInfoConstructorTest()
{
var rule = IPRule.Parse("2886766592,24,0");
var info = new IPInfo(rule);
Assert.AreEqual(info.RequestCount, 0);
Assert.AreEqual(info.IsValidated , false);
}
public override bool Block(string ip, int requestCount, IPInfo info, HttpContext context)
{
context.Response.StatusCode = 429;
context.ApplicationInstance.CompleteRequest();
tracer.Log(
LogType.URL,
LogLevel.INFO,
"Request is blocked", "Blocking rate is " + info.Rule.Rate.ToString(),
new Dictionary<string, string> {{ "SourceIP", ip }});
return true;
}
/// <summary>
/// 尝试获取指定的IP信息
/// </summary>
/// <param name="ip">IP地址</param>
/// <param name="info">包含找到的值,未找到时为null</param>
/// <returns></returns>
public bool TryGetIPInfo(string ip, out IPInfo info)
{
var c = content;
object rule;
if (c.Item1.TryGetRule(ip, out rule))
{
info = c.Item2.GetOrAdd(ip, key => new IPInfo((IPRule)rule));
return true;
}
info = null;
return false;
}
public override bool Block(string ip, int requestCount, IPInfo info, HttpContext context)
{
if (ConfigSettings.ValidateEnabled && !status.IsSuspended)
{
if (!info.IsValidated) //待验证,并发请求时可能会出现重复验证的情况
{
bool result;
if (TryValidate(ip, out result)) //执行验证,验证过程中发生异常时,仍然允许请求通过
{
if (result) //验证成功
{
info.IsValidated = true;
tracer.Log(
LogType.URL,
LogLevel.INFO,
"Request is validated",
"Blocking rate is " + info.Rule.Rate,
new Dictionary<string, string> {{ "SrouceIP", ip }});
}
else //验证失败
{
//跳转至验证页面
if (ConfigSettings.ValidatePageUrl != string.Empty)
{
string targetUrl = string.Concat(ConfigSettings.ValidatePageUrl, "?returnurl=", HttpUtility.UrlEncode(context.Request.Url.GetLeftPart(UriPartial.Authority) + context.Request.RawUrl));
context.Response.Redirect(targetUrl, false);
context.ApplicationInstance.CompleteRequest();
tracer.Log(
LogType.URL,
LogLevel.INFO,
"Request needs to be validated",
"Blocking rate is " + info.Rule.Rate,
new Dictionary<string, string> {{ "SourceIP", ip }});
return true;
}
}
}
}
}
return false;
}
public override bool Block(string ip, int requestCount, IPInfo info, HttpContext context)
{
//以10为周期计算概率,例如,当概率为10%,第1至第9个请求将允许通过,第10个请求将被阻止
var num = requestCount % 10;
if (num == 0 || num > (10 - info.Rule.Rate))
{
context.Response.StatusCode = 429;
context.ApplicationInstance.CompleteRequest();
tracer.Log(
LogType.URL,
LogLevel.INFO,
"Request is blocked",
"Blocking rate is " + info.Rule.Rate,
new Dictionary<string, string> { { "SourceIP", ip } });
return true;
}
return false;
}
public void Block_Test()
{
HttpContext.Current = new HttpContext(wr);
HttpContext.Current.Request.Browser = new TestHttpBrowserCapabilities();
ValidateBlocker validateBlocker = new ValidateBlocker();
var rule = IPRule.Parse("2886766592,24,0");
var info = new IPInfo(rule);
try
{
bool bock = validateBlocker.Block("127.0.0.", 10, info, HttpContext.Current);
}
catch
{ }
}
/// <summary> /// 对满足特定规则的请求进行Block /// </summary> /// <param name="ip">客户端IP</param> /// <param name="requestCount">指定IP在周期内的累计请求数</param> /// <param name="info">IP Block规则与相关信息</param> /// <param name="context">Http上下文</param> /// <returns>Block结果</returns> public abstract bool Block(string ip, int requestCount, IPInfo info, HttpContext context);
public override bool Block(string ip, int requestCount, IPInfo info, System.Web.HttpContext context)
{
return false;
}