Exemplo n.º 1
0
        /// <summary>
        /// Initializes a new instance of the <see cref="OpenSim.Framework.Communications.OutboundUrlFilter"/> class.
        /// </summary>
        /// <param name="name">Name of the filter for logging purposes.</param>
        /// <param name="config">Filter configuration</param>
        public OutboundUrlFilter(string name, IConfigSource config)
        {
            Name = name;

            string configBlacklist
                = "0.0.0.0/8|10.0.0.0/8|100.64.0.0/10|127.0.0.0/8|169.254.0.0/16|172.16.0.0/12|192.0.0.0/24|192.0.2.0/24|192.88.99.0/24|192.168.0.0/16|198.18.0.0/15|198.51.100.0/24|203.0.113.0/24|224.0.0.0/4|240.0.0.0/4|255.255.255.255/32";
            string configBlacklistExceptions = "";

            IConfig networkConfig = config.Configs["Network"];

            if (networkConfig != null)
            {
                configBlacklist = networkConfig.GetString("OutboundDisallowForUserScripts", configBlacklist);
                configBlacklistExceptions
                    = networkConfig.GetString("OutboundDisallowForUserScriptsExcept", configBlacklistExceptions);
            }

            m_log.DebugFormat(
                "[OUTBOUND URL FILTER]: OutboundDisallowForUserScripts for {0} is [{1}]", Name, configBlacklist);
            m_log.DebugFormat(
                "[OUTBOUND URL FILTER]: OutboundDisallowForUserScriptsExcept for {0} is [{1}]", Name, configBlacklistExceptions);

            OutboundUrlFilter.ParseConfigList(
                configBlacklist, Name, out m_blacklistNetworks, out m_blacklistEndPoints);
            OutboundUrlFilter.ParseConfigList(
                configBlacklistExceptions, Name, out m_blacklistExceptionNetworks, out m_blacklistExceptionEndPoints);
        }
Exemplo n.º 2
0
        /// <summary>
        /// Checks whether the given url is allowed by the filter.
        /// </summary>
        /// <returns></returns>
        public bool CheckAllowed(Uri url)
        {
            bool allowed = true;

            // Check that we are permitted to make calls to this endpoint.
            bool foundIpv4Address = false;

            IPAddress[] addresses = Dns.GetHostAddresses(url.Host);

            foreach (IPAddress addr in addresses)
            {
                if (addr.AddressFamily == System.Net.Sockets.AddressFamily.InterNetwork)
                {
//                    m_log.DebugFormat("[OUTBOUND URL FILTER]: Found address [{0}]", addr);

                    foundIpv4Address = true;

                    // Check blacklist
                    if (OutboundUrlFilter.IsInNetwork(addr, url.Port, m_blacklistNetworks, m_blacklistEndPoints, Name))
                    {
//                        m_log.DebugFormat("[OUTBOUND URL FILTER]: Found [{0}] in blacklist for {1}", url, Name);

                        // Check blacklist exceptions
                        allowed
                            = OutboundUrlFilter.IsInNetwork(
                                  addr, url.Port, m_blacklistExceptionNetworks, m_blacklistExceptionEndPoints, Name);

//                        if (allowed)
//                            m_log.DebugFormat("[OUTBOUND URL FILTER]: Found [{0}] in whitelist for {1}", url, Name);
                    }
                }

                // Found at least one address in a blacklist and not a blacklist exception
                if (!allowed)
                {
                    return(false);
                }
//                else
//                    m_log.DebugFormat("[OUTBOUND URL FILTER]: URL [{0}] not in blacklist for {1}", url, Name);
            }

            // We do not know how to handle IPv6 securely yet.
            if (!foundIpv4Address)
            {
                return(false);
            }

//            m_log.DebugFormat("[OUTBOUND URL FILTER]: Allowing request [{0}]", url);

            return(allowed);
        }
Exemplo n.º 3
0
 public void Initialise(IConfigSource config)
 {
     m_outboundUrlFilter = new OutboundUrlFilter("Script dynamic texture image module", config);
     m_proxyurl = config.Configs["Startup"].GetString("HttpProxy");
     m_proxyexcepts = config.Configs["Startup"].GetString("HttpProxyExceptions");
 }