Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How do I route port 80/443 traffic for only one application, local proxy?

    Routing and Multi WAN
    1
    1
    416
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • xanaroX
      xanaro
      last edited by

      So I am very familiar with the basics of routing traffic, and have been using pfsense successfully for the last several years for QoS.

      Recently I have been giving VPN service a try and have configured it so that the traffic from certain hosts on my local network go through the VPN connection which is configured directly on pfsense.

      Today I have been experimenting with routing only particular ports of a particular local host through the VPN.

      Now the tricky part…. What I would like is a way to forward port 80 and 443 but only when those ports are used for a particular application (in this case a games launcher) This way any regular traffic on 80 and 443 does NOT go though the VPN, only the port 80 and 443 traffic originating from the particular game launcher/application.

      I read about ephemeral ports, they appear to be random, so I am not sure the application local port would work unless there is a way to restrict the application to a particular range.

      The other idea I had was some kind of locally installed proxy directly on the system, that tunnels the traffic for only that application over a particular port so that I can differentiate that traffic on pfsense for routing.

      and maybe there is an easier way, I am just not sure how to go about telling the different between regular web traffic and game web traffic when they are both on port 80/443. any help and feedback is appreciated!

      In this particular instance the client machine I am wanting to set this up for is running windows 7, however I also often run linux, so I am interested in both of those set ups if they are OS dependent.

      When I think about the problem in my head, the solution I come up with is something I install or configure on windows that takes any port 80 traffic from the game client and routes it to say 8080, this way I can distinguish it when it hits pfsense, then I can take that port 8080 traffic and change the port back to 80 instead of 8080 and forward it to the VPN .... I dont know if this particular type of setup is something that is doable.... but surely there must be a way to differentiate the web traffic from different applications with the right solution.

      Also I am not looking for somebody to spell out the entire setup for me, I know that can take quite a bit of time, just a couple links or if it involves using a particular application, the name of it. Using the search terms I have tried so far, I am not coming up with any workable solutions.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.