TsgcWebSocketFirewall › Methods
Public methods grouped by purpose, followed by the full alphabetical list.
| Name | Description |
|---|---|
| IsConnectionAllowed | Core handshake filter. Evaluates every enabled connection-time protection module (bans, whitelist, blacklist, rate limit, GeoIP, custom rules) and returns whether the connection should be accepted. |
| IsMessageAllowed | Core per-message filter. Runs the enabled content-inspection modules (SQL injection, XSS, path traversal, command injection, payload limit, flood protection, custom rules) and returns whether the message should be delivered. |
| IsOriginAllowed | Checks a WebSocket Origin header against WebSocketProtection.AllowedOrigins (with wildcard support) and returns whether it is accepted. |
| IsFrameSizeAllowed | Checks a single WebSocket frame size against WebSocketProtection.MaxFrameSize and returns whether it is within the configured limit. |
| IsSubprotocolAllowed | Checks the requested WebSocket subprotocol name against WebSocketProtection.AllowedSubprotocols and returns whether it is accepted. |
| Name | Description |
|---|---|
| RegisterConnection | Records a new accepted connection for the given IP, incrementing the per-IP counters used by RateLimit and feeding the ThreatScore decay window. |
| UnregisterConnection | Decrements the per-IP connection counter when a previously registered connection closes, freeing capacity for RateLimit. |
| RegisterFailedAttempt | Application-level hook that records a failed authentication attempt from the given IP, feeding the BruteForce tracker and potentially triggering an automatic ban. |
| Name | Description |
|---|---|
| BanIP | Manually bans an IP address for the specified duration, adding it to the active ban list so all subsequent connections from that IP are rejected. |
| UnbanIP | Removes the active ban record for a single IP address so the client can reconnect on its next attempt. |
| IsBanned | Returns True when the given IP address is currently banned, taking into account both manual and automatic bans and their remaining duration. |
| ClearBans | Removes every active ban from the firewall, immediately allowing previously blocked IPs to reconnect (subject to the other firewall checks). |
| ClearTracking | Resets all internal tracking state: per-IP connection counts, brute-force attempt logs, flood-protection message counters and threat scores. |
| SaveBansToFile | Writes the current ban list, including expiry timestamps and escalation levels, to the specified file so it can be restored with LoadBansFromFile. |
| LoadBansFromFile | Restores the active ban list from a file previously written by SaveBansToFile, so bans survive process restarts. |
| SaveBansToStream | Serializes the active ban list into any writable TStream, useful for persistence backends that are not file-based (databases, network sync, encrypted archives). |
| LoadBansFromStream | Reads ban records from any TStream (memory, network, resource) in the same format produced by SaveBansToStream. |
| Name | Description |
|---|---|
| LoadGeoIPDatabase | Loads a MaxMind GeoIP CSV database into memory so subsequent LookupCountry calls and GeoIP country-based filtering can resolve client IPs offline. |
| LookupCountry | Returns the ISO 3166-1 alpha-2 country code for an IP address, using the loaded GeoIP database or the OnResolveCountry event handler. |
| Name | Description |
|---|---|
| ResetThreatScore | Clears the accumulated threat score for a single IP, giving it a clean slate against AutoBanThreshold without affecting other IPs. |
| Name | Description |
|---|---|
| BanIP | Manually bans an IP address for the specified duration, adding it to the active ban list so all subsequent connections from that IP are rejected. |
| ClearBans | Removes every active ban from the firewall, immediately allowing previously blocked IPs to reconnect (subject to the other firewall checks). |
| ClearTracking | Resets all internal tracking state: per-IP connection counts, brute-force attempt logs, flood-protection message counters and threat scores. |
| IsBanned | Returns True when the given IP address is currently banned, taking into account both manual and automatic bans and their remaining duration. |
| IsConnectionAllowed | Core handshake filter. Evaluates every enabled connection-time protection module (bans, whitelist, blacklist, rate limit, GeoIP, custom rules) and returns whether the connection should be accepted. |
| IsFrameSizeAllowed | Checks a single WebSocket frame size against WebSocketProtection.MaxFrameSize and returns whether it is within the configured limit. |
| IsMessageAllowed | Core per-message filter. Runs the enabled content-inspection modules (SQL injection, XSS, path traversal, command injection, payload limit, flood protection, custom rules) and returns whether the message should be delivered. |
| IsOriginAllowed | Checks a WebSocket Origin header against WebSocketProtection.AllowedOrigins (with wildcard support) and returns whether it is accepted. |
| IsSubprotocolAllowed | Checks the requested WebSocket subprotocol name against WebSocketProtection.AllowedSubprotocols and returns whether it is accepted. |
| LoadBansFromFile | Restores the active ban list from a file previously written by SaveBansToFile, so bans survive process restarts. |
| LoadBansFromStream | Reads ban records from any TStream (memory, network, resource) in the same format produced by SaveBansToStream. |
| LoadGeoIPDatabase | Loads a MaxMind GeoIP CSV database into memory so subsequent LookupCountry calls and GeoIP country-based filtering can resolve client IPs offline. |
| LookupCountry | Returns the ISO 3166-1 alpha-2 country code for an IP address, using the loaded GeoIP database or the OnResolveCountry event handler. |
| RegisterConnection | Records a new accepted connection for the given IP, incrementing the per-IP counters used by RateLimit and feeding the ThreatScore decay window. |
| RegisterFailedAttempt | Application-level hook that records a failed authentication attempt from the given IP, feeding the BruteForce tracker and potentially triggering an automatic ban. |
| ResetThreatScore | Clears the accumulated threat score for a single IP, giving it a clean slate against AutoBanThreshold without affecting other IPs. |
| SaveBansToFile | Writes the current ban list, including expiry timestamps and escalation levels, to the specified file so it can be restored with LoadBansFromFile. |
| SaveBansToStream | Serializes the active ban list into any writable TStream, useful for persistence backends that are not file-based (databases, network sync, encrypted archives). |
| UnbanIP | Removes the active ban record for a single IP address so the client can reconnect on its next attempt. |
| UnregisterConnection | Decrements the per-IP connection counter when a previously registered connection closes, freeing capacity for RateLimit. |