I'm trying to setup a list of IP addresses that are to be blocked. Known malicious sites etc … stuff not blocked by Lumen. I can add the IP address in the IP Blackhole list, but that only works if the user specifies http://ipaddress/somefolder/somefile in the URL. This doesn't stop an IP that hosts 200+ webpages. After reading on here, I decided to go the route of WWW Proxy Service Request event policy. My initial tests were not being blocked so I setup an email event and had it email me these events just so I could see what was being compared.
{{Session.ServerIp}}
{{Request.Server}}
{{Session.InterceptedDestIp}}
This was the response that I received.
255.255.255.255
http://www.bing.com
255.255.255.255
At first glance, it looks like it's not working as intended … surely I am missing something?