Apache MINA – Blacklist Filter Explained

Blacklist filter blocks connections from the blacklisted remote Addresses. The filter is very useful, for dropping the connection originating from addresses, not of interest.

Useful API’s

setBlacklist(InetAddress[] addresses) – Sets a list of IP Addresses that needs to be blocked. This API call clears all the previously added Addresses

setSubnetBlacklist(Subnet[] subnets) – Sets a List of Subnets to be blocked. This API call clears all the previously added Addresses

setBlacklist(Iterable<InetAddress> addresses) – Sets a list of IP Addresses that needs to be blocked. This API call clears all the previously added Addresses

setSubnetBlacklist(Iterable<Subnet> subnets) - Sets a List of Subnets to be blocked. This API call clears all the previously added Addresses

block(InetAddress address) - Adds a remote address to the blacklist

block(Subnet subnet) – Adds a Subnet to be blocked

unblock(InetAddress address) – Removes remote address from the blacklist

unblock(Subnet subnet) – Removes a Subnet from the blacklist

Under the Hood

For each of the events, the Filter checks for the remote address, in the blacklisted Address. If found, the session is closed. The isBlocked() API, checks for the remote address in the configured list and returns true if found.

 

Blacklist Filter

Blacklist Filter

How to Use Blacklist Filter

To use a blacklist filter, we need to follow some simple steps listed below

  • Create an instance of Blacklist filter
  • Add IP Addresses/Subnets to be blacklisted
  • Add the Backlist filter to the Filter chain

Code Snippet

The code is fairly straight forward. We create an instance of Blacklist Filter and add the list of Addresses to be blocked. Then we need to add the Filter instance in the Filter chain of our implementation.

Usage Scenario’s

  • Conditionally allow traffic from only selected sources

Think Differently 🙂

  • The default MINA implementation stores the blacklisted Addresses in a List, Custom data structure can be used to speed up search
  • Can extend the Filter’s functionality to allow traffic only from selected sources.

3 thoughts on “Apache MINA – Blacklist Filter Explained

  1. Hi,

    I want to block all the ip’s possible like *.*.*.* using apache-mina and then allow only selctive IP’s.
    Is there a way I can achieve that?

Leave a Reply

Your email address will not be published. Required fields are marked *