def go(self, modify, urlpath, remote_addr):
# authenticate by checking if client IP is in the whitelist - normally reqests from non-whitelisted IPs should be blocked by firewall beforehand
if not iputil.ip_in_list(remote_addr, rfwconf.whitelist()):
log.error('Request from client IP: {} which is not authorized in the whitelist. It should have been blocked by firewall.'.format(remote_addr))
return self.http_resp(403, '') # Forbidden
process(self, modify, urlpath)
def go(self, modify, urlpath, remote_addr):
# authenticate by checking if client IP is in the whitelist - normally reqests from non-whitelisted IPs should be blocked by firewall beforehand
if not iputil.ip_in_list(remote_addr, rfwconf.whitelist()):
log.error(
'Request from client IP: {} which is not authorized in the whitelist. It should have been blocked by firewall.'
.format(remote_addr))
return self.http_resp(403, '') # Forbidden
process(self, modify, urlpath)
def test_ip_in_list(self):
self.assertEqual(iputil.ip_in_list('1.2.0.0/16', ['1.2.3.4']), True)
def check_whitelist_conflict(ip, whitelist):
if ip != '0.0.0.0/0' and iputil.ip_in_list(ip, whitelist):
msg = 'Ignoring the request conflicting with the whitelist'
log.warn(msg)
raise Exception(msg)
def test_ip_in_list(self):
self.assertEqual(iputil.ip_in_list('1.2.0.0/16', ['1.2.3.4']), True)
def check_whitelist_conflict(ip, whitelist):
if ip != '0.0.0.0/0' and iputil.ip_in_list(ip, whitelist):
msg = 'Ignoring the request conflicting with the whitelist'
log.warn(msg)
raise Exception(msg)
