Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
17.1 Legacy Series
»
Layer 7 inspection with firewall rules
« previous
next »
Print
Pages: [
1
]
Author
Topic: Layer 7 inspection with firewall rules (Read 7217 times)
jberg
Newbie
Posts: 4
Karma: 0
Layer 7 inspection with firewall rules
«
on:
July 22, 2017, 12:39:57 am »
Hello,
I tried to find any information about layer 7 (application layer) inspection and potential to do firewall rules based on like destination urls. I have done this with clavister firewalls before and it works great but currently i don't have access to clavister licenses.
The background is i run serveral servers on different SVI/vlans on the inside, and only one ip on WAN. I basically need same ports available on several places, its a small nightmare to do this on portbased options, hence the question.
Is Application layer firewall rules something that could come in the future or any way to do this today?
Regards, Joel
Logged
fabian
Hero Member
Posts: 2769
Karma: 200
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: Layer 7 inspection with firewall rules
«
Reply #1 on:
July 22, 2017, 12:08:11 pm »
If you want to have different servers behind the same IP/Port, you are probably interested into using a reverse proxy. A plugin is available for HAProxy, nginx is in the ports if preferred (no GUI support).
Logged
jberg
Newbie
Posts: 4
Karma: 0
Re: Layer 7 inspection with firewall rules
«
Reply #2 on:
August 04, 2017, 01:28:17 am »
Thanks a lot, i will look in to this more carefully!
But wish that something like native L/ inspection will be a thing in Opnsense in the future! :-)
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
17.1 Legacy Series
»
Layer 7 inspection with firewall rules