how to allow read/write socket only from localhost?

Discussion in 'Java' started by Frank Fredstone, Aug 11, 2006.

  1. I want to close a socket if the other side is not on the local
    machine, how can I do that?

    InetAddress.getHostname() is not "localhost" sometimes, if the client
    connects to "localhost". For example, sometimes getHostname() returns
    "127.0.0.1".

    InetAddres.getHostAddress() could be various things...

    Would this work reliably:

    String remoteHost = remote.getHostName();
    InetAddress[] ias = InetAddress.getAllByName(remoteHost);
    boolean localhost = false;
    for (int i = 0; i < ias.length; ++i) {
    InetAddress ia = ias;
    if ("localhost".equals(ia.getHostname()) {
    localhost = true;
    }
    }
    Frank Fredstone, Aug 11, 2006
    #1
    1. Advertising

  2. Frank Fredstone

    Guest

    InetAddress clientAddr = socket.getInetAddress();
    clientAddr.isLoopbackAddress()
    , Aug 11, 2006
    #2
    1. Advertising

  3. On Thu, 10 Aug 2006 16:17:23 -0700, Frank Fredstone wrote:
    > I want to close a socket if the other side is not on the local
    > machine, how can I do that?
    >
    > InetAddress.getHostname() is not "localhost" sometimes, if the
    > client connects to "localhost". For example, sometimes getHostname()
    > returns "127.0.0.1".


    If it's a server doing this, then it's easier to simply prevent
    non-local clients from connecting in the first place.

    Just specify the localhost address when you create the ServerSocket.
    Connection attempts on other interfaces will be refused by the
    operating system, so you never have to deal with them in your
    application.

    /gordon

    --
    [ don't email me support questions or followups ]
    g o r d o n + n e w s @ b a l d e r 1 3 . s e
    Gordon Beaton, Aug 11, 2006
    #3
  4. Hi there.

    I would suggest you to delegate the test to a method, and throw an
    exception if is the case.



    if (!isLocalHost())
    throw new NotLocalHostException();


    protected boolean isLocalHost() {
    boolean isLocal = false;
    //whatever tests you can do in order to be sure that it is localhost

    return isLocal;
    }

    OK?
    Hope I Helped,
    - InĂ¡cio Ferrarini

    Frank Fredstone wrote:
    > I want to close a socket if the other side is not on the local
    > machine, how can I do that?
    >
    > InetAddress.getHostname() is not "localhost" sometimes, if the client
    > connects to "localhost". For example, sometimes getHostname() returns
    > "127.0.0.1".
    >
    > InetAddres.getHostAddress() could be various things...
    >
    > Would this work reliably:
    >
    > String remoteHost = remote.getHostName();
    > InetAddress[] ias = InetAddress.getAllByName(remoteHost);
    > boolean localhost = false;
    > for (int i = 0; i < ias.length; ++i) {
    > InetAddress ia = ias;
    > if ("localhost".equals(ia.getHostname()) {
    > localhost = true;
    > }
    > }
    =?iso-8859-1?q?In=E1cio_Ferrarini?=, Aug 11, 2006
    #4
  5. Gordon Beaton <> writes:

    > On Thu, 10 Aug 2006 16:17:23 -0700, Frank Fredstone wrote:
    >> I want to close a socket if the other side is not on the local
    >> machine, how can I do that?
    >>
    >> InetAddress.getHostname() is not "localhost" sometimes, if the
    >> client connects to "localhost". For example, sometimes getHostname()
    >> returns "127.0.0.1".

    >
    > If it's a server doing this, then it's easier to simply prevent
    > non-local clients from connecting in the first place.
    >
    > Just specify the localhost address when you create the ServerSocket.
    > Connection attempts on other interfaces will be refused by the
    > operating system, so you never have to deal with them in your
    > application.


    Thank you! It appears to do what you say, but I don't understand the
    javadoc:

    "The bindAddr argument can be used on a multi-homed host for a
    ServerSocket that will only accept connect requests to one of its
    addresses."

    Is that saying the client must have a local address that is the same
    as was given to the ServerSocket constructor on the server?
    Frank Fredstone, Aug 11, 2006
    #5
  6. On Fri, 11 Aug 2006 09:15:46 -0700, Frank Fredstone wrote:
    > Thank you! It appears to do what you say, but I don't understand the
    > javadoc:
    >
    > "The bindAddr argument can be used on a multi-homed host for a
    > ServerSocket that will only accept connect requests to one of its
    > addresses."
    >
    > Is that saying the client must have a local address that is the same
    > as was given to the ServerSocket constructor on the server?


    The bind address specifies which of the server's interfaces the
    connection must arrive on, not which address the client must have.
    It's the address the client needs to *specify* in order to connect.

    If you don't specify a bind address when you create the ServerSocket,
    it "binds" to the wildcard address and consequently accepts
    connections arriving on any of the host's (potentially multiple)
    interfaces.

    Note that after binding to 127.0.0.1, local clients can only connect
    to 127.0.0.1 and will fail when they attempt to connect using the
    "real" address of the host (even though they are connecting locally).

    /gordon

    --
    [ don't email me support questions or followups ]
    g o r d o n + n e w s @ b a l d e r 1 3 . s e
    Gordon Beaton, Aug 11, 2006
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Jiong Feng
    Replies:
    0
    Views:
    794
    Jiong Feng
    Nov 19, 2003
  2. Alex
    Replies:
    4
    Views:
    553
    Hasani Blackwell
    Feb 8, 2005
  3. Ryan Parmeter
    Replies:
    4
    Views:
    235
    Douglas Wells
    Sep 5, 2007
  4. koicat
    Replies:
    0
    Views:
    212
    koicat
    Jul 2, 2010
  5. Replies:
    19
    Views:
    1,248
    Nigel Wade
    Mar 15, 2012
Loading...

Share This Page