Hello,
I tried to find any information about layer 7 (application layer) inspection and potential to do firewall rules based on like destination urls. I have done this with clavister firewalls before and it works great but currently i don't have access to clavister licenses.
The background is i run serveral servers on different SVI/vlans on the inside, and only one ip on WAN. I basically need same ports available on several places, its a small nightmare to do this on portbased options, hence the question.
Is Application layer firewall rules something that could come in the future or any way to do this today?
Regards, Joel
If you want to have different servers behind the same IP/Port, you are probably interested into using a reverse proxy. A plugin is available for HAProxy, nginx is in the ports if preferred (no GUI support).
Thanks a lot, i will look in to this more carefully!
But wish that something like native L/ inspection will be a thing in Opnsense in the future! :-)