From fd189a82e89611d5e279339d53c6d9a73307525f Mon Sep 17 00:00:00 2001 From: Mario Fusco Date: Thu, 4 Jan 2024 20:08:57 +0100 Subject: [PATCH] only accept connections from localhost (#98) (cherry picked from commit 79e9d97ad9116010dff448a71ddfb48e86adb5e2) --- .../integration/api/io/RuleExecutorChannel.java | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/drools-ansible-rulebook-integration-api/src/main/java/org/drools/ansible/rulebook/integration/api/io/RuleExecutorChannel.java b/drools-ansible-rulebook-integration-api/src/main/java/org/drools/ansible/rulebook/integration/api/io/RuleExecutorChannel.java index db7bce6a..f67532d0 100644 --- a/drools-ansible-rulebook-integration-api/src/main/java/org/drools/ansible/rulebook/integration/api/io/RuleExecutorChannel.java +++ b/drools-ansible-rulebook-integration-api/src/main/java/org/drools/ansible/rulebook/integration/api/io/RuleExecutorChannel.java @@ -1,17 +1,18 @@ package org.drools.ansible.rulebook.integration.api.io; +import org.drools.ansible.rulebook.integration.api.rulesengine.AsyncExecutor; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + import java.io.DataOutputStream; import java.io.IOException; import java.io.UncheckedIOException; +import java.net.InetAddress; import java.net.ServerSocket; import java.net.Socket; import java.net.StandardSocketOptions; import java.nio.charset.StandardCharsets; -import org.drools.ansible.rulebook.integration.api.rulesengine.AsyncExecutor; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - import static org.drools.ansible.rulebook.integration.api.io.JsonMapper.toJson; public class RuleExecutorChannel { @@ -25,7 +26,8 @@ public class RuleExecutorChannel { public RuleExecutorChannel() { try { - socketChannel = new ServerSocket(0); // 0 means kernel will choose a free port + InetAddress bindAddr = InetAddress.getByName("127.0.0.1"); + socketChannel = new ServerSocket(0, 50, bindAddr); // 0 means kernel will choose a free port socketChannel.setOption(StandardSocketOptions.SO_REUSEADDR, true); } catch (IOException e) { throw new RuntimeException(e);