def go(self, modify, urlpath, remote_addr): # authenticate by checking if client IP is in the whitelist - normally reqests from non-whitelisted IPs should be blocked by firewall beforehand if not iputil.ip_in_list(remote_addr, rfwconf.whitelist()): log.error('Request from client IP: {} which is not authorized in the whitelist. It should have been blocked by firewall.'.format(remote_addr)) return self.http_resp(403, '') # Forbidden process(self, modify, urlpath)
def go(self, modify, urlpath, remote_addr): # authenticate by checking if client IP is in the whitelist - normally reqests from non-whitelisted IPs should be blocked by firewall beforehand if not iputil.ip_in_list(remote_addr, rfwconf.whitelist()): log.error( 'Request from client IP: {} which is not authorized in the whitelist. It should have been blocked by firewall.' .format(remote_addr)) return self.http_resp(403, '') # Forbidden process(self, modify, urlpath)
def test_ip_in_list(self): self.assertEqual(iputil.ip_in_list('1.2.0.0/16', ['1.2.3.4']), True)
def check_whitelist_conflict(ip, whitelist): if ip != '0.0.0.0/0' and iputil.ip_in_list(ip, whitelist): msg = 'Ignoring the request conflicting with the whitelist' log.warn(msg) raise Exception(msg)