From: "Spenst, Aleksej"
To: Chris Buechler
Cc: "freebsd-pf@freebsd.org"
Date: Fri, 7 Oct 2011 23:21:42 +0200
Subject: AW: How to block HTTP packets going to 0.0.0.0 via proxy

Thanks, Chris!

Unfortunately, I don't have access to this proxy and can't configure any rules on it.
Hmm... then it seems that this is not possible with pf.

Regards,
Aleks.
________________________________________
From: Chris Buechler [cbuechler@gmail.com]
Sent: Friday, 7 October 2011 17:24
To: Spenst, Aleksej
Cc: freebsd-pf@freebsd.org
Subject: Re: How to block HTTP packets going to 0.0.0.0 via proxy

On Fri, Oct 7, 2011 at 5:11 PM, Spenst, Aleksej wrote:
> Hi,
>
> my browser goes online via proxy.
> So, when I type http://0.0.0.0 in my browser I see in wireshark the following:
>
> Source          Destination   Protocol  Info
> 172.16.102.100  172.16.2.17   HTTP      GET http://0.0.0.0/ HTTP/1.1
>
> That is the http GET request with the 0.0.0.0 IP address is sent to my proxy 172.16.2.17.
> I do not want these requests to go to proxy. How can I block such requests with pf rules?
>
> I could easily write a rule to block all packets directly going to IP 0.0.0.0, but in case with proxy, I don't know how to block such requests.
>

Block them on the proxy. PF can't tell the difference between GET
http://0.0.0.0 and GET http://google.com
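
The point made in the reply above, as an added example that is not part of the original thread: both requests reach the proxy with the same addresses and port, so only code that parses the HTTP request line can tell them apart. The packet records, port 3128 and all function names are assumptions made for illustration.

```python
import ipaddress
from typing import Optional
from urllib.parse import urlsplit

# Constructed sample: two browser requests on their way to the proxy.
# Addresses are from the thread; port 3128 is an assumption.
PACKETS = [
    {"src": "172.16.102.100", "dst": "172.16.2.17", "proto": "tcp",
     "dport": 3128, "payload": "GET http://0.0.0.0/ HTTP/1.1"},
    {"src": "172.16.102.100", "dst": "172.16.2.17", "proto": "tcp",
     "dport": 3128, "payload": "GET http://google.com/ HTTP/1.1"},
]

def l4_key(pkt: dict) -> tuple:
    """Fields a layer 3/4 packet filter can match on; the payload is not one."""
    return (pkt["src"], pkt["dst"], pkt["proto"], pkt["dport"])

def target_host(request_line: str) -> Optional[str]:
    """Host named in a proxy request line (absolute-form, or CONNECT host:port)."""
    parts = request_line.split()
    if len(parts) != 3:
        return None
    method, target, _version = parts
    if method.upper() == "CONNECT":
        target = "//" + target      # authority-form: give urlsplit a netloc
    try:
        return urlsplit(target).hostname
    except ValueError:
        return None

def proxy_decision(request_line: str) -> str:
    """Deny malformed lines and literal unspecified addresses (0.0.0.0, ::)."""
    host = target_host(request_line)
    if host is None:
        return "deny"
    try:
        unspecified = ipaddress.ip_address(host).is_unspecified
    except ValueError:
        unspecified = False         # a DNS name; names are not resolved here
    return "deny" if unspecified else "allow"

if __name__ == "__main__":
    for pkt in PACKETS:
        print(l4_key(pkt), "->", proxy_decision(pkt["payload"]))
```
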