Block request if host == IP



I would like to block all requests that use any of the ip addresses of the server as host. Is there an easier way than acl is_ip hdr(host) -i -i



Well, any ip addresses than really, right? I suggest you use regular expressions.


Can I just use acl is_ip hdr(host) -i \d{1,3}.\d{1,3}.\d{1,3}.\d{1,3}? Or how does that work?


Yes, just call -m reg and also escape the dot:

acl is_ip hdr(host) -i -m reg \d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}