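/// <summary>
/// Resolves the client IP address for a request: the first usable entry of the
/// <c>X-Forwarded-For</c> header if there is one, otherwise the connection's remote address.
/// </summary>
/// <param name="context">The current HTTP context.</param>
/// <param name="filterPrivateIP">
/// When <c>true</c>, forwarded entries for which <c>IPHelper.IsPrivateIpAddress</c> returns
/// <c>true</c> are skipped.
/// </param>
/// <returns>
/// <see cref="IPAddress.Loopback"/> when the connection feature is missing; otherwise the first
/// parseable (and, if requested, non-private) forwarded address, or the connection's remote
/// address (loopback when that is null) if no forwarded entry qualifies.
/// </returns>
/// <remarks>
/// SECURITY: <c>X-Forwarded-For</c> is a request header, so any client can set it unless a trusted
/// reverse proxy overwrites it. This method takes the left-most entry, which is the one the
/// original sender controls. Because the result feeds IP whitelists and IP rate-limit rules, only
/// rely on it when the application is reachable exclusively through a proxy that sanitises the
/// header (for example ASP.NET Core's forwarded-headers middleware with KnownProxies /
/// KnownNetworks configured). Log the connection's remote address alongside the resolved one so
/// spoofed headers can be spotted.
/// </remarks>
protected virtual IPAddress GetClientIP(HttpContext context, bool filterPrivateIP = false)
{
    var httpConnectionFeature = context.Features.Get<IHttpConnectionFeature>();
    if (httpConnectionFeature == null)
    {
        return IPAddress.Loopback;
    }

    var remoteAddress = httpConnectionFeature.RemoteIpAddress ?? IPAddress.Loopback;

    if (!context.Request.Headers.TryGetValue("X-Forwarded-For", out StringValues xForwardedFor)
        || StringValues.IsNullOrEmpty(xForwardedFor))
    {
        return remoteAddress;
    }

    foreach (var rawEntry in xForwardedFor.ToString().Split(','))
    {
        // Entries are conventionally separated by ", ", so trim before parsing.
        // An unparseable entry is skipped. It used to be mapped to IPAddress.Loopback, which let
        // a client that sent a garbage header be treated as 127.0.0.1 by any loopback whitelist entry.
        if (!IPAddress.TryParse(rawEntry.Trim(), out var forwarded))
        {
            continue;
        }

        if (filterPrivateIP && IPHelper.IsPrivateIpAddress(forwarded))
        {
            continue;
        }

        return forwarded;
    }

    // No usable forwarded entry: fall back to the address of the TCP peer.
    return remoteAddress;
}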
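/// <summary>
/// Decides whether a request matches one of the policy's whitelists (IP range, request path,
/// or User-Agent).
/// </summary>
/// <param name="requestContext">The request being evaluated; supplies the resolved IP and the HTTP request.</param>
/// <returns>
/// The class's <c>True</c> task when a whitelist entry matches, otherwise its <c>False</c> task
/// (both are defined outside this method).
/// </returns>
/// <remarks>
/// SECURITY: the request path and the User-Agent header are chosen by the client and are matched
/// by case-insensitive substring, so those two whitelists are a convenience, not an access
/// control. Any client can craft a value that contains a whitelisted token. Keep such entries as
/// specific as possible and monitor how often they match.
/// </remarks>
public Task<bool> IsWhitelisted(RequestContext requestContext)
{
    // NOTE(review): as in the original, every whitelist (including path and User-Agent) is only
    // consulted when the IP whitelist has at least one entry. Confirm that this gate is intended.
    if (!(_throttlePolicy?.IpWhitelist?.Count > 0))
    {
        return False;
    }

    if (_throttlePolicy.EnableIP)
    {
        var ipAddress = requestContext.RequestIP;
        var adrBytes = ipAddress.GetAddressBytes();

        foreach (var white in _throttlePolicy.IpWhitelist)
        {
            IPHelper.GetRange(white, out IPAddress begin, out IPAddress end);

            // An IPv4 range can never contain an IPv6 address and vice versa.
            if (ipAddress.AddressFamily != begin.AddressFamily)
            {
                continue;
            }

            // Presumably tests begin <= address <= end; verify against Bits.GE / Bits.LE.
            if (Bits.GE(begin.GetAddressBytes(), adrBytes) && Bits.LE(end.GetAddressBytes(), adrBytes))
            {
                return True;
            }
        }
    }

    if (_throttlePolicy.EnableRequestPath && _throttlePolicy.RequestPathWhitelist != null)
    {
        var path = requestContext.Request.Path.Value;

        // A null path must not match. The former `Value?.IndexOf(...) != -1` evaluated to true
        // for a null path (null != -1), whitelisting the request against every entry.
        if (path != null
            && _throttlePolicy.RequestPathWhitelist.Any(
                white => path.IndexOf(white, 0, StringComparison.OrdinalIgnoreCase) >= 0))
        {
            return True;
        }
    }

    if (_throttlePolicy.EnableUserAgent)
    {
        var userAgent = requestContext.Request.Headers["User-Agent"];

        // Requests without a User-Agent must not be exempted. The original comment said such
        // requests are to be rejected, yet the code returned True here, so simply omitting the
        // header bypassed throttling.
        if (userAgent.Count > 0 && _throttlePolicy.UserAgentWhitelist != null)
        {
            var userAgentText = userAgent.ToString();
            if (_throttlePolicy.UserAgentWhitelist.Any(
                    white => userAgentText.IndexOf(white, 0, StringComparison.OrdinalIgnoreCase) >= 0))
            {
                return True;
            }
        }
    }

    return False;
}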
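/// <summary>
/// Lazily yields every rate quota whose rule matches the request, in the order
/// IP rules, User-Agent rules, request-path rules.
/// </summary>
/// <param name="requestContext">The request being evaluated; supplies the resolved IP and the HTTP request.</param>
/// <returns>The <c>Value</c> of each matching rule entry; empty when nothing matches.</returns>
/// <remarks>
/// User-Agent and path rules are matched by case-insensitive substring against client-supplied
/// values, so a client can avoid a User-Agent rule by changing or omitting the header. Treat the
/// IP rules as the baseline limit.
/// </remarks>
private IEnumerable<RateQuota> FetchRateQuota(RequestContext requestContext)
{
    // IP rate limit
    if (_throttlePolicy.IPRules?.Count > 0)
    {
        var ipAddress = requestContext.RequestIP;
        foreach (var entry in _throttlePolicy.IPRules)
        {
            IPHelper.GetRange(entry.Key, out IPAddress begin, out IPAddress end);

            // Ranges of a different address family cannot contain this address.
            if (ipAddress.AddressFamily != begin.AddressFamily)
            {
                continue;
            }

            var adrBytes = ipAddress.GetAddressBytes();

            // Presumably tests begin <= address <= end; verify against Bits.GE / Bits.LE.
            if (Bits.GE(begin.GetAddressBytes(), adrBytes) && Bits.LE(end.GetAddressBytes(), adrBytes))
            {
                yield return entry.Value;
            }
        }
    }

    // User-Agent rate limit
    if (_throttlePolicy.UserAgentRules?.Count > 0)
    {
        var userAgent = requestContext.Request.Headers["User-Agent"];
        if (userAgent.Count > 0)
        {
            // Build the header text once instead of once per rule.
            var userAgentText = userAgent.ToString();
            foreach (var entry in _throttlePolicy.UserAgentRules)
            {
                if (userAgentText.IndexOf(entry.Key, 0, StringComparison.OrdinalIgnoreCase) >= 0)
                {
                    yield return entry.Value;
                }
            }
        }
    }

    // Request-path rate limit
    if (_throttlePolicy.RequestPathRules?.Count > 0)
    {
        var path = requestContext.Request.Path.Value;

        // A null path matches no rule. The former `Value?.IndexOf(...) != -1` evaluated to true
        // for a null path (null != -1), so every path rule's quota was yielded.
        if (path != null)
        {
            foreach (var entry in _throttlePolicy.RequestPathRules)
            {
                if (path.IndexOf(entry.Key, 0, StringComparison.OrdinalIgnoreCase) >= 0)
                {
                    yield return entry.Value;
                }
            }
        }
    }
}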