tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 51953] Proposal: netmask filtering valve and filter
Date Tue, 04 Oct 2011 21:05:25 GMT

--- Comment #6 from Francis Galiegue <> 2011-10-04 21:05:25 UTC ---
(In reply to comment #5)
> I might make this filter/valve a bit more generic: there's no reason to go
> through all the trouble of doing an InetAddress lookup, creating a BigInteger,
> shifting it, and then comparing it if there is no CIDR spec in the IP specified
> by the configuration.

Well, the remote host is always an IP address in string form, so there is no
lookup performed  at all. When supplied with an IP address in string form,
InetAddress.getByName() only validates the validity of the IP address (whether
it be IPv4 and IPv6).

Also, the current implementation also does simple IP matching, since if there
is no CIDR the right shift is 0, thus an exact match is required.

More to the point, I don't see how I could make this generic? It would mean
dispatching at some point, but how?

Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message