Use a specific line for specific websites



  • Hi all, I'm wondering about this possibility:
    a pfsense managing two interner connection.
    One of the two (line b) has a wide upload bandwith.
    I would like to be able to force connections made from lan toward a specific site like wetransfer, to exit from line b.
    If wetransfer has a single static ip, that would be easy…
    Any idea?



  • Use the site (IP or URL) as the destination on a LAN rule and specify the gateway.



  • @dotdash:

    Use the site (IP or URL) as the destination on a LAN rule and specify the gateway.

    It's not that easy.
    I tried to track connecction generated by firefox during a file transfer by 'netstat -taucpn | grep <pid>' and that's what you get

    
    tcp        0      0 192.168.2.27:44541      54.76.214.212:443       ESTABLISHED 18316/firefox-esr
    tcp        0      0 192.168.2.27:47488      52.85.214.38:443        ESTABLISHED 18316/firefox-esr
    tcp        0 160384 192.168.2.27:41548      54.231.131.56:443       ESTABLISHED 18316/firefox-esr
    tcp        0      0 192.168.2.27:44077      216.58.198.6:443        ESTABLISHED 18316/firefox-esr
    tcp        0      0 192.168.2.27:44306      52.18.166.34:443        ESTABLISHED 18316/firefox-esr
    
    tcp        0      0 192.168.2.27:47488      52.85.214.38:443        ESTABLISHED 18316/firefox-esr
    tcp        0      0 192.168.2.27:33931      216.58.198.40:443       ESTABLISHED 18316/firefox-esr
    tcp        0  64772 192.168.2.27:41548      54.231.131.56:443       ESTABLISHED 18316/firefox-esr
    
    tcp        0      0 192.168.2.27:33930      216.58.198.40:443       ESTABLISHED 18316/firefox-esr
    tcp        0      0 192.168.2.27:47488      52.85.214.38:443        ESTABLISHED 18316/firefox-esr
    tcp        0      0 192.168.2.27:33931      216.58.198.40:443       ESTABLISHED 18316/firefox-esr
    tcp        0      0 192.168.2.27:44552      54.76.214.212:443 
    
    tcp        0      0 192.168.2.27:33930      216.58.198.40:443       ESTABLISHED 18316/firefox-esr
    tcp        0      0 192.168.2.27:33931      216.58.198.40:443       ESTABLISHED 18316/firefox-esr
    tcp        0      0 192.168.2.27:44552      54.76.214.212:443       ESTABLISHED 18316/firefox-esr
    
    

    I think that reasoning on ip bases it won't work.
    I didn't try yet using an url but I guess the rule should work layer 7.</pid>



  • Use an alias that contains all the possible IPs. Shouldn't be a big deal.


Log in to reply