NetTalk Central
NetTalk Web Server => Web Server - Ask For Help => Topic started by: RayA on May 08, 2012, 10:11:30 PM
-
Bruce,
What is the best way to implement an IP blacklist on the NetWebServer? Any ideas?
Ray Abadie
Lafayette, La.
U.S.A.
-
Hi Ray,
Ideally, of course, you would block the IP address "up-stream", because blocking it in the server doesn't help with DoS or DDoS attacks. On the other hand, it can be tricky to block it up-stream, so you can do it in the server as well.
Note that this is in the WebServer procedure, so if you were running in the Multi-Host, you would need to add this in the Multi-Host program.
This goes into the ThisWebServer.Process method:

    case self.Packet.PacketType
    of NET:SimpleNewConnection
      ! a new connection has arrived; check the peer address before serving it
      if blacklisted(self.packet.fromip)
        self._wait()
        ! drop the connection for a blacklisted address
        self.closeServerConnection(self.packet.OnSocket,self.packet.SockID)
        self._release()
      end
    End

I would also caution that this will get called for _every_ incoming connection - i.e. potentially thousands and thousands of calls per day, so your Blacklisted function had better be pretty _fast_. Definitely a memory-lookup, don't go reading a disk file at this point.
cheers
Bruce
-
Hi Bruce,
When you say "upstream", is that on the firewall?
Cheers,
Kev
-
I am assuming that blacklisted is the list of IPs, and if so, what is the best way to make this list? Plain txt, ASCII, DOS, or would an in-memory TPS file that's loaded on server start-up work faster?
Ray
-
Hi Ray,
I'd (personally) use an XML file (on disk) which is loaded into an In-Memory table on startup (a one liner with xFiles.)
That makes it easy to edit, but also fast.
cheers
Bruce
PS - Kevin - yes "upstream" would be the firewall or router - preferably not on the same machine. But this can be tricky depending on how much control you have over the infrastructure.
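
An added illustration of the design described in the two replies above (it is not part of any post, and it is not NetTalk or xFiles code): the list is parsed from XML once at startup, and the per-connection check touches only memory. It is written in Python rather than Clarion, goes beyond the thread by also accepting CIDR ranges, and the file layout, class and method names are assumptions.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample file; the <blacklist>/<entry> layout is an assumption.
SAMPLE_XML = """<blacklist>
  <entry>203.0.113.7</entry>
  <entry>198.51.100.0/24</entry>
  <entry>2001:db8:bad::/48</entry>
  <entry>not-an-address</entry>
</blacklist>"""

class Blacklist:
    """Blocked networks held in memory, grouped by (IP version, prefix length)."""

    def __init__(self):
        self._nets = {}     # (version, prefixlen) -> set of network addresses as ints
        self.rejected = []  # entries that did not parse, kept for the operator to review

    def add(self, text):
        try:
            # strict=False accepts "198.51.100.5/24" and stores 198.51.100.0/24
            net = ipaddress.ip_network(text.strip(), strict=False)
        except ValueError:
            self.rejected.append(text)
            return
        key = (net.version, net.prefixlen)
        self._nets.setdefault(key, set()).add(int(net.network_address))

    @classmethod
    def from_xml(cls, xml_text):
        """Parse the list once at startup; never called on the connection path."""
        bl = cls()
        for node in ET.fromstring(xml_text).iter("entry"):
            bl.add(node.text or "")
        return bl

    def blacklisted(self, from_ip):
        """Per-connection check: one set lookup per prefix length in use, no I/O."""
        try:
            addr = ipaddress.ip_address(from_ip)
        except ValueError:
            return False  # assumption: an unparseable peer address is not blocked
        value = int(addr)
        for (version, plen), members in self._nets.items():
            if version != addr.version:
                continue
            mask = ((1 << plen) - 1) << (addr.max_prefixlen - plen)
            if (value & mask) in members:
                return True
        return False
```

The cost of `blacklisted` depends on how many distinct prefix lengths are listed, not on how many addresses, so a long list of single hosts costs the same as a short one.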
-
Thanks Bruce,
I appreciate your help and your suggestions.