Mod_security: rules and forwards?
This should be easy. I'm trying to use mod_security to proxy http traffic to back-end servers.
What I'm never clear on is how to configure the firewall rules and NAT port forwards, especially when the service resides on the firewall its self. For example what would the rule look like that passes traffic in to the proxy? Is there anything required in order for the proxy to reach the back-end server?
You do not need Nat, just change pfsense gui port, configure apache on 80 and allow it's traffic using firewall rules on wan interface.
Well, didn't really answer the critical part of the question, but I seemed to have figured it out.
The rule should allow all source IP, all sorce port to the public IP the proxy is listening on as the destination IP with a destination port of 80.