I am trying to build what I thought would be a very simple layer 7 filter. Turns out, it's not so simple (or I'm just too slow). I am trying to build a filter that will match on any attempt to open a website by IP. For example, I am wanting to match http://10.10.10.10. I have tried matching based on the http header as well as URL. I know I'm missing something simple. For example this works as expected: So does this: This does not: I realize that even if the above regex DID work it would match way more than just an IP, but this is the simplest form of a regex with a very broad scope. Anyone have any ideas?

This appears to work in 5.0rc7, should work in earlier versions, too:

Thanks, fewi! I have tried MANY variations without success. I can't believe I missed this one.