OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 17.1 Legacy Series »
  • Layer 7 inspection with firewall rules
« previous next »
  • Print
Pages: [1]

Author Topic: Layer 7 inspection with firewall rules  (Read 4362 times)

jberg

  • Newbie
  • *
  • Posts: 4
  • Karma: 0
    • View Profile
Layer 7 inspection with firewall rules
« on: July 22, 2017, 12:39:57 am »
Hello,

I tried to find any information about layer 7 (application layer) inspection and potential to do firewall rules based on like destination urls. I have done this with clavister firewalls before and it works great but currently i don't have access to clavister licenses.

The background is i run serveral servers on different SVI/vlans on the inside, and only one ip on WAN. I basically need same ports available on several places, its a small nightmare to do this on portbased options, hence the question.

Is Application layer firewall rules something that could come in the future or any way to do this today?

Regards, Joel
Logged

fabian

  • Hero Member
  • *****
  • Posts: 2768
  • Karma: 199
  • OPNsense Contributor (Language, VPN, Proxy, etc.)
    • View Profile
    • Personal Homepage
Re: Layer 7 inspection with firewall rules
« Reply #1 on: July 22, 2017, 12:08:11 pm »
If you want to have different servers behind the same IP/Port, you are probably interested into using a reverse proxy. A plugin is available for HAProxy, nginx is in the ports if preferred (no GUI support).
Logged

jberg

  • Newbie
  • *
  • Posts: 4
  • Karma: 0
    • View Profile
Re: Layer 7 inspection with firewall rules
« Reply #2 on: August 04, 2017, 01:28:17 am »
Thanks a lot, i will look in to this more carefully!

But wish that something like native L/ inspection will be a thing in Opnsense in the future! :-)
Logged

  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 17.1 Legacy Series »
  • Layer 7 inspection with firewall rules
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2