docs: update ignore domains tutorial

docs/src/content/howto-ignoredomains.md

@@ -44,7 +44,7 @@ There are two important quirks to consider:
   information before the SSL handshake. If the client uses SNI however, then we
   treat the SNI host as an ignore target.
 - **In regular and upstream proxy mode, explicit HTTP requests are never
-  ignored.**\[1\] The ignore pattern is applied on CONNECT requests, which
+  ignored.**[^1] The ignore pattern is applied on CONNECT requests, which
   initiate HTTPS or clear-text WebSocket connections.
 
 ## Tutorial
@@ -52,21 +52,23 @@ There are two important quirks to consider:
 If you just want to ignore one specific domain, there's usually a bulletproof
 method to do so:
 
-1. Run mitmproxy or mitmdump in verbose mode (`-v`) and observe the `host:port`
-    information in the serverconnect messages. mitmproxy will filter on these.
+1. Run mitmproxy or mitmdump and observe the `host:port`
+   information following the `server connect` messages in the event log.
+   mitmproxy will filter on these.
 2. Take the `host:port` string, surround it with ^ and $, escape all dots (.
     becomes \\.) and use this as your ignore pattern:
 
 ```
->>> mitmdump -v
-127.0.0.1:50588: clientconnect
-127.0.0.1:50588: request
-  -> CONNECT example.com:443 HTTP/1.1
-127.0.0.1:50588: Set new server address: example.com:443
-127.0.0.1:50588: serverconnect
-  -> example.com:443
+>>> mitmdump
+Proxy server listening at http://*:8080
+127.0.0.1:57089: client connect
+127.0.0.1:57089: server connect example.com:443 (93.184.216.34:443)
+127.0.0.1:57089: GET https://example.com/ HTTP/2.0
+     << HTTP/2.0 200 OK 1.23k
+127.0.0.1:57089: client disconnect
+127.0.0.1:57089: server disconnect example.com:443 (93.184.216.34:443)
 ^C
->>> mitmproxy --ignore-hosts ^example\.com:443$
+>>> mitmproxy --ignore-hosts '^example\.com:443$'
 ```
 
 Here are some other examples for ignore patterns:
@@ -86,23 +88,11 @@ Here are some other examples for ignore patterns:
 --ignore-hosts 17\.178\.\d+\.\d+:443
 ```
 
-This option can also be used to only allow some specific domains through negative lookahead expressions. However, ignore
-patterns are always matched against the IP address of the target before being matched against its domain name. Thus, the
-pattern must allow any IP addresses using an expression like `^(?![0-9\.]+:)` in order for this to work.
-Here are examples of such patterns:
+If you want to capture some specific domains only, you can use the `--allow-hosts` option, which makes mitmproxy
+ignore all other traffic.
 
-```
-# Ignore everything but example.com and mitmproxy.org (not subdomains):
---ignore-hosts '^(?![0-9\.]+:)(?!example\.com:)(?!mitmproxy\.org:)'
-
-# Ignore everything but example.com and its subdomains:
---ignore-hosts '^(?![0-9\.]+:)(?!([^\.:]+\.)*example\.com:)'
-```
-
-**Footnotes**
-
-1. This stems from an limitation of explicit HTTP proxying: A single connection
-    can be re-used for multiple target domains - a `GET http://example.com/`
-    request may be followed by a `GET http://evil.com/` request on the same
-    connection. If we start to ignore the connection after the first request, we
-    would miss the relevant second one.
+[^1]: This stems from an limitation of explicit HTTP proxying: A single connection
+      can be re-used for multiple target domains - a `GET http://example.com/`
+      request may be followed by a `GET http://evil.com/` request on the same
+      connection. If we start to ignore the connection after the first request, we
+      would miss the relevant second one.

mitmproxy/proxy/server.py

@@ -173,7 +173,7 @@ class ConnectionHandler(metaclass=abc.ABCMeta):
 
                 assert command.connection.peername
                 if command.connection.address[0] != command.connection.peername[0]:
-                    addr = f"{command.connection.address[0]} ({human.format_address(command.connection.peername)})"
+                    addr = f"{human.format_address(command.connection.address)} ({human.format_address(command.connection.peername)})"
                 else:
                     addr = human.format_address(command.connection.address)
                 self.log(f"server connect {addr}")