<![CDATA[Allow incoming connection to a URL based on IP address]]>We would like to able to filter incoming connections based on the URL.  For example
http://domain.com/site1
http://domain.com/site2

We would like to be able to filter at the firewall so that site1 is open to anyone but site2 will only allow access for a particular ip address.  We don't want to do this at the web server.

Thanks Gord.

]]>https://forum.netgate.com/topic/48060/allow-incoming-connection-to-a-url-based-on-ip-addressRSS for NodeSun, 15 Mar 2026 04:41:50 GMTMon, 27 Aug 2012 17:38:09 GMT60<![CDATA[Reply to Allow incoming connection to a URL based on IP address on Mon, 27 Aug 2012 19:34:35 GMT]]>You would need a reverse type proxy for this sort of filtering.  Firewall has no way of looking at that traffic it just sees a connection from src IP:port to dst IP:port , so you either need to change the the dest IP or the port and then you could filter on src IP.

You could look at the squid3 packare or the proxy server modsecurity package - both state they can be used as reverse proxy.  This should allow you to put in such filtering.

]]>https://forum.netgate.com/post/353337https://forum.netgate.com/post/353337Mon, 27 Aug 2012 19:34:35 GMT