import lombok.extern.slf4j.Slf4j; import java.util.ArrayList; import java.util.HashSet; import java.util.List; import java.util.Set; import java.util.regex.Pattern; /** * @ Author :sunpz * @ Date :Created in 15:20 2019-06-04 * @ Description:ip 对比检查 * 1.设置单个IP的白名单, 2.设置ip通配符,对一个ip段进行匹配 3.设置一个IP范围(*和-不能组合使用,只能有一组 *) * 如: 192.168.**.1 ; 如果 192.168.**.* ,则会匹配错误 * @ Modified By: * @ Version : 1.0 */ @Slf4j public class IpFIlterUtils { /** * IP的正则校验 */ private static final Pattern PATTERN = Pattern.compile("(1\d{1,2}|2[0-4]\d|25[0-5]|\d{1,2})\." + "(1\d{1,2}|2[0-4]\d|25[0-5]|\d{1,2})\." + "(1\d{1,2}|2[0-4]\d|25[0-5]|\d{1,2})\." + "(1\d{1,2}|2[0-4]\d|25[0-5]|\d{1,2})"); /** * 分割符号 */ private static final String SPLICT = ";"; /** * ip 连接范围符号 */ private static final String CONNECT_SYMBOL = "-"; /** * 单个ip分割最大值 */ private static final int MAX_IP_SPLICT = 255; /** * @Auther sunpz * @DateTime 2019-06-04 15:31 * @Description: 根据IP白名单设置获取可用的IP列表 * @Param allowIp * @Return: java.util.Set<java.lang.String> */ private static Set<String> getAvaliIpList(String allowIp) { Set<String> ipList = new HashSet<>(); for (String allow : allowIp.replaceAll("\s", "").split(SPLICT)) { //如果带有 * 需要特殊处理 if (allow.contains("*")) { String[] ips = allow.split("\."); String[] from = new String[] { "0", "0", "0", "0" }; String[] end = new String[] { "255", "255", "255", "255" }; List<String> tem = new ArrayList<>(); for (int i = 0; i < ips.length; i++){ if (ips[i].contains("*")) { tem = complete(ips[i]); from[i] = null; end[i] = null; } else { from[i] = ips[i]; end[i] = ips[i]; } } StringBuilder fromIP = new StringBuilder(); StringBuilder endIP = new StringBuilder(); for (int i = 0; i < 4; i++){ if (from[i] != null) { fromIP.append(from[i]).append("."); endIP.append(end[i]).append("."); } else { fromIP.append("[*]."); endIP.append("[*]."); } } fromIP.deleteCharAt(fromIP.length() - 1); endIP.deleteCharAt(endIP.length() - 1); for (String s : tem) { String ip = fromIP.toString().replace("[*]", s.split(SPLICT)[0]) + CONNECT_SYMBOL + endIP.toString().replace("[*]", s.split(SPLICT)[1]); if (validate(ip)) { ipList.add(ip); } } } else { if (validate(allow)) { ipList.add(allow); } } } return ipList; } /** * @Auther sunpz * @DateTime 2019-06-04 17:13 * @Description: 对单个IP节点进行范围限定 * @Param null * @Return: 回限定后的IP范围,格式为List[10;19, 100;199] */ private static List<String> complete(String arg) { List<String> com = new ArrayList<>(); if (arg.length() == 1) { com.add("0;255"); } else if (arg.length() == 2) { String s1 = complete(arg, 1); if (s1 != null){ com.add(s1); } String s2 = complete(arg, 2); if (s2 != null){ com.add(s2); } } else { String s1 = complete(arg, 1); if (s1 != null){ com.add(s1); } } return com; } /** * @Auther sunpz * @DateTime 2019-06-04 17:13 * @Description: 获取 ip范围 * @Param arg * @Param length * @Return: java.lang.String */ private static String complete(String arg, int length) { String from; String end; if (length == 1) { from = arg.replace("*", "0"); end = arg.replace("*", "9"); } else { from = arg.replace("*", "00"); end = arg.replace("*", "99"); } if (Integer.valueOf(from) > MAX_IP_SPLICT){ return null; } if (Integer.valueOf(end) > MAX_IP_SPLICT){ end = "255"; } return from + SPLICT + end; } /** * @Auther sunpz * @DateTime 2019-06-04 17:13 * @Description: 对ip进行格式校验 * @Param ip * @Return: boolean */ private static boolean validate(String ip) { for (String s : ip.split(CONNECT_SYMBOL)){ if (!PATTERN.matcher(s).matches()) { return false; } } return true; } /** * @Auther sunpz * @DateTime 2019-06-04 15:33 * @Description: 根据IP,及可用Ip列表来判断ip是否包含在白名单之中 * @Param ip * @Param ipList * @Return: boolean: boolean */ private static boolean checkLoginIP(String ip, Set<String> ipList) { log.info("[检查IP] 处理后 : {} ,list {}", ip, ipList); if (ipList.isEmpty() || ipList.contains(ip)){ return true; } //如果含有 "-" 则需要逐段比较 else { for (String allow : ipList) { if (allow.contains(CONNECT_SYMBOL)) { String[] from = allow.split(CONNECT_SYMBOL)[0].split("\."); String[] end = allow.split(CONNECT_SYMBOL)[1].split("\."); String[] tag = ip.split("\."); // 对IP从左到右进行逐段匹配 boolean check = true; for (int i = 0; i < 4; i++) { int s = Integer.valueOf(from[i]); int t = Integer.valueOf(tag[i]); int e = Integer.valueOf(end[i]); if (!(s <= t && t <= e)) { check = false; break; } } if (check) { return true; } } } } return false; } /** * * checkLoginIP:(根据IP地址,及IP白名单设置规则判断IP是否包含在白名单). * @date 2017-4-17 下午03:01:37 * @param ip * @param ipWhiteConfig * @return */ public static boolean checkLoginIP(String ip,String ipWhiteConfig){ log.info("[检查IP] {} ,list {}", ip, ipWhiteConfig); Set<String> ipList = getAvaliIpList(ipWhiteConfig); return checkLoginIP(ip, ipList); } public static void main(String[] args) { // String ipWhilte = "192.168.1.1;" + "192.168.2.*;" + "192.168.3.17-192.168.3.38"; System.out.println(checkLoginIP("192.168.1.3", ipWhilte)); } }
代码部分来自网络,有修改 http://www.itdaan.com/blog/2017/01/23/973ee9c4c156ddcbd1992fc7bd2edb79.html