服务端过滤接收客户端连接（客户端IP黑白名单）

HslCommunication_Net35/Enthernet/SimplifyNet/NetSimplifyServer.cs

@@ -7,12 +7,57 @@ using System.Text;
 
 namespace HslCommunication.Enthernet
 {
+    /// <summary>
+    /// IP防护类型
+    /// </summary>
+    public enum IPShieldType
+    {
+        /// <summary>
+        /// 不防护，全部允许
+        /// </summary>
+        None = 0,
+        /// <summary>
+        /// 白名单
+        /// </summary>
+        WhiteList,
+        /// <summary>
+        /// 黑名单
+        /// </summary>
+        BlackList
+    }
 
     /// <summary>
     /// 同步消息处理服务器，主要用来实现接收客户端信息并进行消息反馈的操作
     /// </summary>
     public class NetSimplifyServer : NetworkServerBase
     {
+        #region 客户端连接防护
+        /// <summary>
+        /// 客户端连接防护类型
+        /// </summary>
+        public IPShieldType ClientIPShieldType
+        {
+            get;
+            set;
+        } = IPShieldType.None;
+        /// <summary>
+        /// 白名单
+        /// </summary>
+        public List<string> WhiteList
+        {
+            get;
+            set;
+        }
+        /// <summary>
+        /// 黑名单
+        /// </summary>
+        public List<string> BlackList
+        {
+            get;
+            set;
+        }
+        #endregion
+
         #region Constructor
 
         /// <summary>
@@ -104,6 +149,30 @@ namespace HslCommunication.Enthernet
                 {
                     session.IpEndPoint = (System.Net.IPEndPoint)socket.RemoteEndPoint;
                     session.IpAddress = session.IpEndPoint.Address.ToString( );
+
+                    // IP防护过滤 by cxy 2021-07-26
+                    if (this.ClientIPShieldType == IPShieldType.WhiteList)
+                    {
+                        if (!(this.WhiteList?.Contains(session.IpAddress) ?? false))
+                        {
+                            LogNet?.WriteDebug(ToString(), $"客户端 [ {session.IpEndPoint} ] 不在白名单中");
+                            // 应该关闭网络通信
+                            LogNet?.WriteWarn(ToString(), $"客户端 [ {session.IpEndPoint} ] 不在白名单中");
+                            AppSessionRemoteClose(session);
+                            return;
+                        }
+                    }
+                    else if (this.ClientIPShieldType == IPShieldType.BlackList)
+                    {
+                        if ((this.BlackList?.Contains(session.IpAddress) ?? false))
+                        {
+                            LogNet?.WriteDebug(ToString(), $"客户端 [ {session.IpEndPoint} ] 在黑名单中");
+                            // 应该关闭网络通信
+                            LogNet?.WriteWarn(ToString(), $"客户端 [ {session.IpEndPoint} ] 在黑名单中");
+                            AppSessionRemoteClose(session);
+                            return;
+                        }
+                    }
                 }
                 catch(Exception ex)
                 {

PCLCommunication/ConnSetting.cs

@@ -30,8 +30,8 @@ namespace PCLCommunication
         public static string _sqlitString = null;
         public static string _oracleString = null;
 
-        private static string INI_NAME = "DBSetting.ini";
-        private static string INI_PATH = ApplicationInformation.GetAbsolutePath(INI_NAME);
+        public static string INI_NAME = "DBSetting.ini";
+        public static string INI_PATH = ApplicationInformation.GetAbsolutePath(INI_NAME);
 
         public static string[] PLCServiceSettings = new string[2];
         public static MESInfo MESInfo = null;

PCLCommunication/DBSetting.ini

@@ -18,4 +18,10 @@ UserCode=F80
 Password=
 
 [Procedures]
-ProcedureID=56
+ProcedureID=56
+
+[ClientIPShield]
+#0:none,1:WhiteList,2:BlackList
+ClientIPShieldType=2
+WhiteList=
+BlackList=172.18.130.84,127.0.0.1

PCLCommunication/FrmMelsecA1EAscii.cs

@@ -232,6 +232,25 @@ namespace PCLCommunication
             {
                 simplifyServer = new NetSimplifyServer();
 
+                // IP防护过滤 by cxy 2021-07-26
+                INIUtil ini = INIUtil.IniFile(ConnSetting.INI_PATH);
+                string iptype = ini.Read("ClientIPShield", "ClientIPShieldType");
+                string wl = ini.Read("ClientIPShield", "WhiteList");
+                string bl = ini.Read("ClientIPShield", "BlackList");
+
+                if (iptype == "1")
+                {
+                    simplifyServer.ClientIPShieldType = IPShieldType.WhiteList;
+                    simplifyServer.WhiteList = new List<string>();
+                    simplifyServer.WhiteList.AddRange(wl?.Split(','));
+                }
+                else if (iptype == "2")
+                {
+                    simplifyServer.ClientIPShieldType = IPShieldType.BlackList;
+                    simplifyServer.BlackList = new List<string>();
+                    simplifyServer.BlackList.AddRange(bl?.Split(','));
+                }
+
                 simplifyServer.LogNet = new HslCommunication.LogNet.LogNetSingle(Application.StartupPath + @"\ServerLogs\log.txt");
                 simplifyServer.LogNet.BeforeSaveToFile += LogNet_BeforeSaveToFile;