Date: Fri, 7 Oct 2011 23:21:42 +0200 From: "Spenst, Aleksej" <Aleksej.Spenst@harman.com> To: Chris Buechler <cbuechler@gmail.com> Cc: "freebsd-pf@freebsd.org" <freebsd-pf@freebsd.org> Subject: AW: How to block HTTP packets going to 0.0.0.0 via proxy Message-ID: <20290C577F743240B5256C89EFA753810D28CDC051@HIKAWSEX01.ad.harman.com> In-Reply-To: <CAOmxWMWYUeTNjOCdjPp-cZJNuRyHJkWXHgWs3FtVbtscE8wq2Q@mail.gmail.com> References: <20290C577F743240B5256C89EFA753810D28E8E174@HIKAWSEX01.ad.harman.com>, <CAOmxWMWYUeTNjOCdjPp-cZJNuRyHJkWXHgWs3FtVbtscE8wq2Q@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Thanks, Chris! Unfortunately, I don't have access to this proxy and can't configure any ru= les on it. Hmm... then it seems that this is not possible with pf. Regards, Aleks. ________________________________________ Von: Chris Buechler [cbuechler@gmail.com] Gesendet: Freitag, 7. Oktober 2011 17:24 An: Spenst, Aleksej Cc: freebsd-pf@freebsd.org Betreff: Re: How to block HTTP packets going to 0.0.0.0 via proxy On Fri, Oct 7, 2011 at 5:11 PM, Spenst, Aleksej <Aleksej.Spenst@harman.com> wrote: > Hi, > > my browser goes online via proxy. > So, when I type http://0.0.0.0 in my browser I see in wireshark the follo= wing: > > Source Destination Protocol = Info > 172.16.102.100 172.16.2.17 HTTP GET http://0= .0.0.0/ HTTP/1.1 > > That is the http GET request with the 0.0.0.0 IP address is sent to my pr= oxy 172.16.2.17. > I do not want these requests to go to proxy. How can I block such request= s with pf rules? > > I could easily write a rule to block all packets directly going to IP 0.0= .0.0, but in case with proxy, I don't know how to block such requests. > Block them on the proxy. PF can't tell the difference between GET http://0.0.0.0 and GET http://google.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20290C577F743240B5256C89EFA753810D28CDC051>