HAProxy with custom ACL
pfSense 2.5.1 with HAProxy and pfBlockerNG
WAN side - One WAN interface on custom 44xxx port
LAN side - One LAN interface with multiple services such as Nextcloud, several web applications and others, on multiple VMs (Hyper-V) ports.
Based on the present configuration in HAProxy with a shared frontend on port 443, with ACL rules I am able to access my services externally using different No-IP hostnames (Let's Encrypt certificates).
Problem -
1 => I am unable to use Aliases (domain names configured in firewall rules) as "Source IP matches IP or Alias" to allow access from specific hosts (xyz.ddns.net), since, as soon as my public IP changes, I am unable to access the service.
2 => Can I use aliases generated by pfBlockerNG, like allowing access from a certain country only?
3 => How can I chain two conditions together, like a website is only accessible if and only if both conditions are true, such as: host must match and source IP or alias must match?
4 => If I have manually set the same source IP or Alias (e.g. 11.22.33.44) for the abc.ddns.net hostname and source IP or Alias (e.g. 11.22.33.44) for the def.ddns.net hostname, then when trying to access def.ddns.net it is always pointing to abc.ddns.net, which is surely unwanted, and this is why I want to chain ACL conditions together.
Please help me out on this. I have been using pfSense for quite a while, but I surely do not have profound knowledge about this HAProxy.
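
The behaviour in points 3 and 4, sketched as a plain HAProxy frontend. This is an added example, not part of the original post and not the configuration pfSense generates. The frontend and backend names, the certificate path and the 192.0.2.x server addresses are hypothetical placeholders, and it assumes the existing rules match on the source address alone.

```haproxy
# Constructed example: names, certificate path and server addresses are placeholders.
frontend shared_https
    bind :443 ssl crt /path/to/certs/
    mode http

    # One named ACL per hostname, plus one for the permitted source address.
    acl host_abc  hdr(host) -i abc.ddns.net
    acl host_def  hdr(host) -i def.ddns.net
    acl src_allow src 11.22.33.44

    # Source-only rules (assumed current state). HAProxy takes the first
    # use_backend whose condition matches, so every request from 11.22.33.44
    # goes to be_abc and the second rule is never reached:
    #   use_backend be_abc if src_allow
    #   use_backend be_def if src_allow

    # ACLs listed on one line are ANDed: the Host header and the source
    # address must both match before the backend is selected.
    use_backend be_abc if host_abc src_allow
    use_backend be_def if host_def src_allow

    # Requests that satisfy neither rule fall through to a deny-only backend.
    default_backend be_deny

backend be_abc
    mode http
    server abc 192.0.2.10:8080

backend be_def
    mode http
    server def 192.0.2.20:8080

backend be_deny
    mode http
    http-request deny
```

A literal address in `src` is fixed when the configuration is loaded, so it does not follow a dynamic DNS name as the public IP changes.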