Hi,
We have a bunch of (badly configured) machines that are continually trying to do HTTP Connects to a hostname that isn't valid on the internet (something like ec2amaz-h4wk4eu). This is just filling up our global error log with NXNAME failures and presumably tying up sockets on the Wingate server while the connection waits for the DNS timeout so that Wingate can send the client a 504 timeout.
When I try to add a manual classifier with 'ec2amaz-h4wk4eu' as the site name and add it to our 'banned' category Wingate never seems to match/deny these requests. I've tried pattern match with *ec2amaz-h4wk4eu* or adding a '.' to the end (ec2amaz-h4wk4eu.) but still nothing.
Any help on how we can just short circuit the processing of these requests until our developers work out how to stop the process continually make these requests.
Daniel