import java.io.*;
import java.net.ServerSocket;
import java.net.Socket;
import java.nio.charset.StandardCharsets;
import java.util.*;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.CopyOnWriteArrayList;
import java.util.concurrent.atomic.AtomicInteger;
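/**
 * Minimal accept-loop "WAF": refuses blacklisted addresses, applies a per-second
 * connection cap per address, and hands every other connection to a
 * {@link WAFRequestHandler} on its own thread.
 *
 * <p>Thread-safety: the accept loop runs on the main thread, while handler threads
 * add to the blacklist through {@link #getBlacklistedIps()}. The shared collections
 * are therefore concurrent implementations (the original used a plain
 * {@code HashSet}, which is not safe for concurrent writes).
 */
public class WAFServer {
    /** Default listen port; a different port may be given as the first command-line argument. */
    private static final int PORT = 80;

    /** Literal substrings that mark a request as malicious; copy-on-write so rules can be added while handlers run. */
    private static final List<String> BLOCKED_PATTERNS = new CopyOnWriteArrayList<>();

    /** Client addresses refused at accept time. Written from handler threads, so it must be a concurrent set. */
    private static final Set<String> BLACKLISTED_IPS = ConcurrentHashMap.newKeySet();

    /** Connections seen per client address within the current rate-limit window. */
    private static final Map<String, AtomicInteger> REQUEST_COUNT = new ConcurrentHashMap<>();

    private static final int MAX_REQUESTS_PER_SECOND = 10;

    /** Length of one rate-limit window. */
    private static final long WINDOW_MILLIS = 1000L;

    /** Start of the current rate-limit window. Only the accept loop reads or writes it. */
    private static long windowStart = System.currentTimeMillis();

    /**
     * Installs the default rules, binds the listening socket and serves connections forever.
     *
     * @param args optional; {@code args[0]} overrides the listen port
     * @throws NumberFormatException if {@code args[0]} is present but not an integer
     */
    public static void main(String[] args) {
        // Add your security rules (patterns) to the list
        BLOCKED_PATTERNS.add("<script>"); // Basic XSS check
        BLOCKED_PATTERNS.add("DROP TABLE"); // Basic SQL injection check

        // Port 80 needs elevated privileges on most systems; allow an override for local runs.
        int port = args.length > 0 ? Integer.parseInt(args[0]) : PORT;

        try (ServerSocket serverSocket = new ServerSocket(port)) {
            System.out.println("WAF Server listening on port " + port);
            while (true) {
                Socket clientSocket = serverSocket.accept();
                String clientAddress = clientSocket.getInetAddress().getHostAddress();
                System.out.println("Client connected: " + clientAddress);

                // Check for blacklisted IP
                if (BLACKLISTED_IPS.contains(clientAddress)) {
                    System.out.println("IP blacklisted. Rejecting connection.");
                    clientSocket.close();
                    continue;
                }

                // Rate limiting: exceeding the cap blacklists the address for the life of the process,
                // as in the original; there is no expiry.
                if (!withinRateLimit(clientAddress)) {
                    System.out.println("Rate limit exceeded. Rejecting connection.");
                    BLACKLISTED_IPS.add(clientAddress); // Add to blacklist
                    clientSocket.close();
                    continue;
                }

                // Handle request in a separate thread
                new Thread(new WAFRequestHandler(clientSocket)).start();
            }
        } catch (IOException e) {
            e.printStackTrace();
        }
    }

    /**
     * Records one connection for {@code clientAddress} in the current window.
     *
     * <p>The original counter was never reset, so the "per second" cap was in fact a
     * lifetime cap: any client making more than ten requests ever was blacklisted.
     * This is a fixed window that starts over once {@link #WINDOW_MILLIS} has elapsed.
     *
     * @param clientAddress the client's host address
     * @return {@code true} while the address is at or under {@link #MAX_REQUESTS_PER_SECOND}
     */
    private static boolean withinRateLimit(String clientAddress) {
        long now = System.currentTimeMillis();
        if (now - windowStart >= WINDOW_MILLIS) {
            REQUEST_COUNT.clear();
            windowStart = now;
        }
        AtomicInteger count = REQUEST_COUNT.computeIfAbsent(clientAddress, k -> new AtomicInteger(0));
        return count.incrementAndGet() <= MAX_REQUESTS_PER_SECOND;
    }

    /**
     * Returns the live, thread-safe list of blocked substrings. Additions take effect
     * for subsequent requests.
     *
     * @return the mutable rule list (never {@code null})
     */
    public static List<String> getBlockedPatterns() {
        return BLOCKED_PATTERNS;
    }

    /**
     * Returns the live, thread-safe blacklist; {@link WAFRequestHandler} adds to it
     * when a request matches a rule.
     *
     * @return the mutable set of blacklisted host addresses (never {@code null})
     */
    public static Set<String> getBlacklistedIps() {
        return BLACKLISTED_IPS;
    }
}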
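/**
 * Handles one accepted connection: reads the request line and headers, checks them
 * against {@link WAFServer#getBlockedPatterns()}, and answers with 403 (blacklisting
 * the client) or 200.
 *
 * <p>Only the request line and headers are inspected — reading stops at the blank
 * line, so a request body is never read or checked.
 */
class WAFRequestHandler implements Runnable {
    /** Cap on header characters read from one client, so an endless header stream cannot exhaust memory. */
    private static final int MAX_HEADER_CHARS = 8192;

    private final Socket clientSocket;

    /**
     * @param clientSocket the accepted connection; this handler owns and closes it
     */
    public WAFRequestHandler(Socket clientSocket) {
        this.clientSocket = clientSocket;
    }

    /** Serves the connection; I/O failures are logged to stderr rather than killing the thread silently. */
    @Override
    public void run() {
        try {
            handleRequest(clientSocket);
        } catch (IOException e) {
            System.err.println("Error handling request from "
                    + clientSocket.getInetAddress().getHostAddress() + ": " + e);
        }
    }

    /**
     * Reads headers, applies the rules and writes the response.
     *
     * <p>All three resources are closed by try-with-resources; the original closed them
     * only on the success path, so any I/O error leaked the socket.
     *
     * @param clientSocket the connection to serve
     * @throws IOException on read or write failure
     */
    private void handleRequest(Socket clientSocket) throws IOException {
        String clientAddress = clientSocket.getInetAddress().getHostAddress();
        try (Socket socket = clientSocket;
             BufferedReader reader = new BufferedReader(
                     new InputStreamReader(socket.getInputStream(), StandardCharsets.UTF_8));
             OutputStream outputStream = socket.getOutputStream()) {

            StringBuilder requestBuilder = new StringBuilder();
            if (!readHeaders(reader, requestBuilder)) {
                // Too much header data: refuse rather than buffer without bound.
                writeResponse(outputStream, "HTTP/1.1 431 Request Header Fields Too Large\r\n\r\n");
                return;
            }
            String request = requestBuilder.toString();

            // Log only the request line: headers can carry cookies and credentials that do not belong in stdout.
            System.out.println("Request: " + requestLine(request));

            if (request.isEmpty()) {
                // Client closed without sending anything; the original answered 200 to an empty request.
                writeResponse(outputStream, "HTTP/1.1 400 Bad Request\r\n\r\n");
            } else if (containsBlockedPattern(request)) {
                // Add the IP to the blacklist
                WAFServer.getBlacklistedIps().add(clientAddress);
                // If a blocked pattern is found, send a forbidden response
                writeResponse(outputStream, "HTTP/1.1 403 Forbidden\r\n\r\nBlocked by WAF");
            } else {
                // Otherwise, process the request and send a normal response
                writeResponse(outputStream, "HTTP/1.1 200 OK\r\n\r\n");
            }
        }
    }

    /**
     * Appends the request line and headers (each terminated by CRLF) to {@code out},
     * stopping at the first empty line or at end of stream.
     *
     * @return {@code false} if more than {@link #MAX_HEADER_CHARS} were received, in which
     *         case {@code out} holds only the lines read before the limit was hit
     */
    private static boolean readHeaders(BufferedReader reader, StringBuilder out) throws IOException {
        int chars = 0;
        String line;
        while ((line = reader.readLine()) != null && !line.isEmpty()) {
            chars += line.length() + 2; // +2 for the CRLF re-added below
            if (chars > MAX_HEADER_CHARS) {
                return false;
            }
            out.append(line).append("\r\n");
        }
        return true;
    }

    /** Returns the first line of the raw request text, or the whole text if it has no line break. */
    private static String requestLine(String request) {
        int end = request.indexOf("\r\n");
        return end < 0 ? request : request.substring(0, end);
    }

    /** Writes {@code response} as UTF-8 and flushes; the caller's try-with-resources closes the stream. */
    private static void writeResponse(OutputStream outputStream, String response) throws IOException {
        outputStream.write(response.getBytes(StandardCharsets.UTF_8));
        outputStream.flush();
    }

    /**
     * Literal substring match of every rule against the header text.
     *
     * <p>Matching is case-insensitive ({@code Locale.ROOT}) so "DROP TABLE" also catches
     * "drop table"; the original was case-sensitive. No decoding is applied to the text,
     * so this remains a basic filter rather than a full request parser.
     *
     * @param request the request line and headers
     * @return {@code true} if any rule appears in the request
     */
    private boolean containsBlockedPattern(String request) {
        String haystack = request.toLowerCase(Locale.ROOT);
        for (String pattern : WAFServer.getBlockedPatterns()) {
            if (haystack.contains(pattern.toLowerCase(Locale.ROOT))) {
                return true;
            }
        }
        return false;
    }
}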