how to allow read/write socket only from localhost?

F

Frank Fredstone

I want to close a socket if the other side is not on the local
machine, how can I do that?

InetAddress.getHostname() is not "localhost" sometimes, if the client
connects to "localhost". For example, sometimes getHostname() returns
"127.0.0.1".

InetAddres.getHostAddress() could be various things...

Would this work reliably:

String remoteHost = remote.getHostName();
InetAddress[] ias = InetAddress.getAllByName(remoteHost);
boolean localhost = false;
for (int i = 0; i < ias.length; ++i) {
InetAddress ia = ias;
if ("localhost".equals(ia.getHostname()) {
localhost = true;
}
}
 
C

christian.bongiorno

InetAddress clientAddr = socket.getInetAddress();
clientAddr.isLoopbackAddress()
 
G

Gordon Beaton

I want to close a socket if the other side is not on the local
machine, how can I do that?

InetAddress.getHostname() is not "localhost" sometimes, if the
client connects to "localhost". For example, sometimes getHostname()
returns "127.0.0.1".

If it's a server doing this, then it's easier to simply prevent
non-local clients from connecting in the first place.

Just specify the localhost address when you create the ServerSocket.
Connection attempts on other interfaces will be refused by the
operating system, so you never have to deal with them in your
application.

/gordon
 
?

=?iso-8859-1?q?In=E1cio_Ferrarini?=

Hi there.

I would suggest you to delegate the test to a method, and throw an
exception if is the case.



if (!isLocalHost())
throw new NotLocalHostException();


protected boolean isLocalHost() {
boolean isLocal = false;
//whatever tests you can do in order to be sure that it is localhost

return isLocal;
}

OK?
Hope I Helped,
- Inácio Ferrarini
 
F

Frank Fredstone

Gordon Beaton said:
If it's a server doing this, then it's easier to simply prevent
non-local clients from connecting in the first place.

Just specify the localhost address when you create the ServerSocket.
Connection attempts on other interfaces will be refused by the
operating system, so you never have to deal with them in your
application.

Thank you! It appears to do what you say, but I don't understand the
javadoc:

"The bindAddr argument can be used on a multi-homed host for a
ServerSocket that will only accept connect requests to one of its
addresses."

Is that saying the client must have a local address that is the same
as was given to the ServerSocket constructor on the server?
 
G

Gordon Beaton

Thank you! It appears to do what you say, but I don't understand the
javadoc:

"The bindAddr argument can be used on a multi-homed host for a
ServerSocket that will only accept connect requests to one of its
addresses."

Is that saying the client must have a local address that is the same
as was given to the ServerSocket constructor on the server?

The bind address specifies which of the server's interfaces the
connection must arrive on, not which address the client must have.
It's the address the client needs to *specify* in order to connect.

If you don't specify a bind address when you create the ServerSocket,
it "binds" to the wildcard address and consequently accepts
connections arriving on any of the host's (potentially multiple)
interfaces.

Note that after binding to 127.0.0.1, local clients can only connect
to 127.0.0.1 and will fail when they attempt to connect using the
"real" address of the host (even though they are connecting locally).

/gordon
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,743
Messages
2,569,478
Members
44,899
Latest member
RodneyMcAu

Latest Threads

Top