Granny's Programming Pearls
"inside of every large program is a small program struggling to get out"
JavaRanch.com/granny.jsp
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

stopping port flood via server sockets  RSS feed

 
Ignas Sliuzas
Greenhorn
Posts: 13
Firefox Browser Java Notepad
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi guys, I've stumbled across one problem which is quite frustrating for me since I don't know much about it. The idea is this: I have a user flooding one of my ports with connections. As far as I know there isn't much things stopping Server Socket from accepting all of those connections. So what I need is pretty clear, to somehow stop user from flooding my ports. I think I need to modify my firewall or maybe set up some sort of a new firewall to keep users from flooding me. Is there a way to do that in java?
 
Mike Pukuotukas
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If your system is Linux based, you can easily block unwanted IP address from the command line (as root) with IPTables.

iptables -I INPUT -s 111.111.111.111 -j DROP

(use the the IP address you do not like instead of 1's).

It is not exactly Java based but works fine with Tomcat and you can also apply this method for your custom server sockets.

For Tomcat or Glassfish, it is also possible to define filter in web.xml. Filter is written in Java and can have complex logic, as counting the number of allowed requests per minute or traffic in Mb, taking the user rank into consideration or blocking automatically for the given period. It has access to many details of request and can either pass the request to the real servlet or force to return the error.

The tutorial on how to write and deploy the filters can be found here. However while filters are nice, I am not sure if they work before the connection has already been opened.
 
Ignas Sliuzas
Greenhorn
Posts: 13
Firefox Browser Java Notepad
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
this is a bit outdated and I didn't even formulate my problem right, anyway dekui

I have already found a solution to this problem
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!