Reverse Proxy



  • Recently my company have been experimenting with Open Source firewalls, and so far the best product is pfsense. However one colleague said the most glaring while for pfsense is a reverse proxy, which got  me looking to implement a reverse proxy.

    I am willing to start work on creating a package for a reverse proxy package, I am a basic programmer, but really want to help pfsense establish itself as the top open source firewall available. Therefore I would need some help in where i need to look about configuring a Freebsd package to work with in pfsense.

    Also which reverse proxy should i look t work with, an easy one to start of with would be great.

    Yusuf



  • Maybe check out varnish?



  • Varnish unfortunatley does not support SSL, and is more a caching server as opposed to a reverse proxy, which would redirect traffic to a single ip to multile destinations.

    I have noticed in a few posts that people are looking for this, so that a connection to

    https://www.server.com/mail

    gets redirected to https://internalmailserver

    https://www.server.com/internet

    gets redirected to https://internalwebserver



  • pfSense already includes Lighttpd, which is capable of reverse proxying through mod_proxy. Problem is getting at it.

    I.e.
    $HTTP["host"] == "mail.example.org" {
      proxy.server  = ( "" => ( ( "host" => "ip address" ) );
    }

    would go into lighttpd.conf.



  • Would it be an idea to modify a exiting xml, to allow this conf to be writtem, or best practise to use another application, without risking lighttp?



  • @riogrande100:

    Would it be an idea to modify a exiting xml, to allow this conf to be writtem, or best practise to use another application, without risking lighttp?

    I would force the webConfigurator's port to be changed to somethig other than 80 and then fire off a new lighty service just for the reverse proxy.


Log in to reply