Date: Fri, 7 Oct 2011 17:24:41 +0200 From: Chris Buechler <cbuechler@gmail.com> To: "Spenst, Aleksej" <Aleksej.Spenst@harman.com> Cc: "freebsd-pf@freebsd.org" <freebsd-pf@freebsd.org> Subject: Re: How to block HTTP packets going to 0.0.0.0 via proxy Message-ID: <CAOmxWMWYUeTNjOCdjPp-cZJNuRyHJkWXHgWs3FtVbtscE8wq2Q@mail.gmail.com> In-Reply-To: <20290C577F743240B5256C89EFA753810D28E8E174@HIKAWSEX01.ad.harman.com> References: <20290C577F743240B5256C89EFA753810D28E8E174@HIKAWSEX01.ad.harman.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Oct 7, 2011 at 5:11 PM, Spenst, Aleksej <Aleksej.Spenst@harman.com> wrote: > Hi, > > my browser goes online via proxy. > So, when I type http://0.0.0.0 in my browser I see in wireshark the follo= wing: > > =A0 =A0 Source =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 Destination =A0 =A0 = =A0 =A0 =A0Protocol =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0Info > 172.16.102.100 =A0 =A0 =A0 =A0172.16.2.17 =A0 =A0 =A0 =A0 =A0 =A0 HTTP = =A0 =A0 =A0 =A0 =A0 GET http://0.0.0.0/ HTTP/1.1 > > That is the http GET request with the 0.0.0.0 IP address is sent to my pr= oxy 172.16.2.17. > I do not want these requests to go to proxy. How can I block such request= s with pf rules? > > I could easily write a rule to block all packets directly going to IP 0.0= .0.0, but in case with proxy, I don't know how to block such requests. > Block them on the proxy. PF can't tell the difference between GET http://0.0.0.0 and GET http://google.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAOmxWMWYUeTNjOCdjPp-cZJNuRyHJkWXHgWs3FtVbtscE8wq2Q>