Redirect a website



  • I am trying to do something really simple but im trying to figure out if pfS is the way to go on about it.

    within my network, i want to redirect all request to www.aaa.com to www.bbb.com
    And i don't mean on a DNS level. That way i will still have aaa.com on the user's address bar. And that's illegal.
    I just want a simple redirect.

    Is there a way to do this?



  • if www.aaa.com and www.bbb.com have separate external IPs, then you can use port forwarding to redirect the connection to the same web server. Your web server is going to have to know what to do from there. If they have the same external IP, then you are going to have to point www.aaa.com to the same IP as www.bbb.com. As long as your web server doesn't redirect you should be okay.



  • These two websites have two entirely different ips on two entirely different servers.
    Maybe i didn't explain it well enough so i'm just going to go with enother esample.
    (Pardon the simplicity of this example).

    when my network users type in www.bing.com i want them to be redirected to www.google.com
    and of course the address on the address bar change as well.

    best regards and thank you in advance
    sid



  • you will need a proxy server with redirect features.

    Dansguardian and squidguard can do the job.



  • Thank you marcelloc.
    In fact, yesterday before i closed the day i had installed squid and squidguard on the pfsense box.

    I am following the info found on http://doc.pfsense.org/index.php/SquidGuard_package.
    I have squid enabled under Services->Proxy Server, listening on the interface i am interested in. I allow users on the interface and have set it up as a transparent proxy so all request on port 80 are redirected.

    I have SquidGuard enabled under Services->Proxy Filter, enabled logs and disabled blacklist (bc i don't need it).
    I have on the rewrite tab set a rule that finds url www.aaa.com and redirects to www.bbb.com.

    My confusion arises on the Common ACL tab.
    I'm not very clear on the target rules list (wether in this case i need allow or deny), the Redirect mode (i believe i need ext url found, right?), what the url on the redirect info is supposed to be since i'm already defining a redirect rule?
    Under rewrite i choose the rewrite rule i created earlier.

    Clearly i'm not configuring it properly but as is, aaa.com and bbb.com are accessbile on the chosen interface.
    So basically i ain't doin' squat.

    Any help would be needed and apreciated.



  • I think you have to deny access to aaa.com and define deny action as redirect to bbb.com

    Define general acl to deny may activate custom acl.

    Take a look on squidguard doc

    http://doc.pfsense.org/index.php/SquidGuard_package



  • That was indeed the same documentation i was checking.
    Whatever it was in your reply, i had a moment of clarity.
    Problem solved.

    Thank you



  • Another thing, is there a way to define a squid rule to use a specific gateway for these requests that it redirects?
    I explain: in juncture with the topic i have here : http://forum.pfsense.org/index.php/topic,45481.0.html
    this is a two step problem and i've managed to solve them both separately.

    So i've instructed the interface to use a specific gateway for requests towards a certain website.
    Now since i pass all requests of that interface through the filter, my rules are being ignored as far as gateway choice goes and squid goes and takes the default gateway.
    Is this expected behavior?

    I've tested by disabling the transparent proxy, and then my rules are executed correctly :(



  • This can be done via squid acl, but I'm not sure if just creating this acl and pasting on squid custom options will work.



  • And i just realized from the moment i installed squid, all the rules defined in my tables are being ignored.
    regardless on what interface i have squid running on.
    The machine has been in production for A WHILE. And the rules and plugins are correct.

    This is not good. Not good at all.



  • I managed to get my rules to be executed again.
    The only thing right now, as i said above, is that squid is ignoring what i do with the gateway choices on that interface and taking the default one.
    Which is really strange because it's executing all the other rules' aspects but the gateway choice.
    I really don't know what to do anymore.  ???



  • you need rules on floating rules tab to match squid traffic

    take a look on this tutorial

    http://securite-ti.com/pfSense_Web_Proxy_with_multi-WAN_links.pdf



  • I'm gonna study it a little deeper because i just created a floating rule to separate the interfaces/requests as needed and left the rules on the specific interfaces on default gw (unspecified gw).
    The rule is ignored and the default gw is taken anyway unless i disable the proxy.

    This is making me crawl up the walls. I'm gonna work some more on it.
    Either i crash or squid does :D


Log in to reply