From 8cb980a9b9de6114a98c68f0ca37fb28f8441310 Mon Sep 17 00:00:00 2001
From: Daniel Lysfjord <lysfjord.daniel@smokepit.net>
Date: Fri, 21 Mar 2025 23:37:43 +0100
Subject: [PATCH] Add error code 400, as that seems to be a non-good one, also
 on http

---
 lib/haproxy_parser.pm | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/lib/haproxy_parser.pm b/lib/haproxy_parser.pm
index 9734007..69b4562 100644
--- a/lib/haproxy_parser.pm
+++ b/lib/haproxy_parser.pm
@@ -22,16 +22,19 @@ sub parser {
 			m/(\ ($re_host):[0-9]{1,6})/gcix && do {
 				$host	= $2;
 			};
-	} elsif($string =~ m/https\~ https\/\<NOSRV\>/) {
-		if($string =~ m/-1\/-1\/-1\/-1\/[0-9]{1,20} 0 0/) {
-			#This one seems like someone is doing something bad. Return code 0
+	} elsif($string =~ m/http(s\~|) http(s|)\/\<NOSRV\>/) {
+		if($string =~ m/-1\/-1\/-1\/-1\/[0-9]{1,20} (400|0) 0/) {
+			#This one seems like someone is doing something bad. Return code 400/0
 			$_		= $string;
 			$hostile	= 1;
-			$reply		= 'Bad request, return code 0';
+			$reply		= 'Bad request, return code 400/0';
 			PARSE:
 				m/(\ ($re_host):[0-9]{1,6})/gcix && do {
 					$host	= $2;
 				};
+		} else {
+			#Other requests of this type seems to be ... not too bad
+			$reply		= 'Not routed, but probs only random error codes'
 		}
 	} elsif($string =~ m/https\~ /) {
 		#Accepted as https, probably fine..