Block request if host == IP


#1

Hi,

I would like to block all requests that use any of the ip addresses of the server as host. Is there an easier way than acl is_ip hdr(host) -i 1.2.3.4 -i 4.3.2.1?

Greetings


#2

Well, any ip addresses than really, right? I suggest you use regular expressions.


#3

Can I just use acl is_ip hdr(host) -i \d{1,3}.\d{1,3}.\d{1,3}.\d{1,3}? Or how does that work?


#4

Yes, just call -m reg and also escape the dot:

acl is_ip hdr(host) -i -m reg \d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}