Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Interface for Reverse Proxy {now $500}

    Scheduled Pinned Locked Moved Expired/Withdrawn Bounties
    14 Posts 8 Posters 14.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      joanywhere
      last edited by

      All,
      I've seen posts on here saying reverse proxy can be configured through LightPPD.

      However, it would appear there is no UI for this.

      Anyone interested in this?

      Ideally it would allow you to specify an interface (i.e. WAN), a destination IP Address, and a protocol (i.e. HTTP or HTTPS).

      It would need to support authentication on the webservers (i.e. when Outlook WebMail pops up a dialog client side)

      Plus other stuff I've probably not thought of :)

      Cheers
      Jo

      1 Reply Last reply Reply Quote 0
      • H
        hoba
        last edited by

        Please add a pricetag for that feature. Witout a pricetag it's not a bounty and doesn't belog here.

        1 Reply Last reply Reply Quote 0
        • J
          joanywhere
          last edited by

          Hoba,
          I read the forum guidelines, and as I didn't have a price in mind, I didn't list one.  Is my understanding incorrect?

          I've quoted from the guidelines below

          Here you can start a thread requesting a specific feature for a given amount of money. If you don't have a price in mind or aren't sure of the level of effort required for your desired feature, you can make a post without a specific price. Typically bounties are posted in US Dollars, but you can post in any currency you desire. Please be specific about the functionality you desire.

          Regards
          Jo

          1 Reply Last reply Reply Quote 0
          • H
            hoba
            last edited by

            Ok, it's sit and wait then  ;)

            1 Reply Last reply Reply Quote 0
            • J
              joanywhere
              last edited by

              Hoba,
              I had to chuckle about this.  If I'm adhering to forum rules, then what was the point of your original response?  I assume that as an administrator you know the rules to the various forums? :) :) :)

              I'm curious to see what it would take someone to build this, and then work towards raising the funds

              regards
              Jo

              1 Reply Last reply Reply Quote 0
              • H
                hoba
                last edited by

                No offense, just ignore me  ;)

                1 Reply Last reply Reply Quote 0
                • J
                  joanywhere
                  last edited by

                  Hehe.. not that anyone DOES seem interested.

                  I would have thought this was a fairly straightforward mod for someone with the right skills?

                  1 Reply Last reply Reply Quote 0
                  • ?
                    Guest
                    last edited by

                    Typically someone with the right skills is able to charge a premium for those skills.  Also, those people tend to have their time pretty heavily in demand.  You'll notice that the spamd project has a bounty of $1000 just to fix the existing package.  In terms of complexity, the spamd package is probably similar to creating a Varnish package, so its not a simply, easy-to-implement job like you might believe.  Although many of us believe that Varnish is a superior piece of software, I doubt you'll find many people interested in doing the work without a set dollar amount and a very complete and detailed specification for what the project would look like.

                    1 Reply Last reply Reply Quote 0
                    • J
                      joanywhere
                      last edited by

                      Sumicron,
                      all good comments with one exception - I never assumed that this was easy.

                      I'll consider placing a $$ value on this bounty and see what happens

                      Cheers
                      Jo

                      1 Reply Last reply Reply Quote 0
                      • J
                        jwbrown77
                        last edited by

                        Want a killer feature that no one but f5 and Secure Computing (that I can find) are offering?

                        Do a reverse proxy with Apache and integrate it with mod_security.  This allows for intrusion detection on HTTPS, which Snort can't do.

                        This is a requirement  for PCI (Credit Card Industry Regulations) that many people would be interested in.

                        I'd offer a bounty but I don't have the time to wait on it since the deadline is 6/30.

                        1 Reply Last reply Reply Quote 0
                        • S
                          sullrich
                          last edited by

                          Varnish would be a better solution IMHO.

                          1 Reply Last reply Reply Quote 0
                          • C
                            cybrsrfr
                            last edited by

                            Another option for reverse proxy is Nginx. It is a very fast web server running many large Russian websites. It can also be a proxy server.  Below are some of my notes I have been collecting about Nginx. License is a BSD style license.

                            HTTP Server and Reverse Proxy
                            http://nginx.net/

                            Documentation
                            http://wiki.codemongers.com/Main

                            Reverse Proxy Example Config (can be used for load balancing, add https to web sites)
                            http://brainspl.at/nginx.conf.txt

                            Forum
                            http://nginxforums.com/

                            http://hostingfu.com/article/nginx-vs-lighttpd-for-a-small-vps
                            http://blog.fastmail.fm/2007/01/04/webimappop-frontend-proxies-changed-to-nginx/
                            http://errtheblog.com/posts/52-nginx-config-like-whoa
                            http://brainspl.at/articles/2006/08/23/nginx-my-new-favorite-front-end-for-mongrel-cluster

                            I'm not sure which is better Varnish or Nginx just wanted to share another BSD licensed tool that could provide this functionality.

                            1 Reply Last reply Reply Quote 0
                            • A
                              andersenvance
                              last edited by

                              I would be willing to kick in $500 for Apache mod_proxy, mod_rewrite, plus mod_security to use as a Web Application Firewall (WAF).  It would need the ability to terminate the SSL/HTTPS on the firewall so that http traffic could be process by mod_security.  I think there is a great SSL proxy app called "Pound" available that does SSL Proxy.

                              Let me know if this is doable.

                              Thanks!

                              1 Reply Last reply Reply Quote 0
                              • K
                                kosta
                                last edited by

                                Sorry for the possible stupid question, but im assuming anyone can grab up a bounty? If thats the case, I may be interested in this project =]

                                I am currently working with pfsense in a test environment to try to replace our current setup at work.

                                Now as far as questions about the bounty, I'm assuming you would want this proxy to work with different back-end servers. i.e. :

                                192.168.1.10 www.site1.com
                                192.168.1.11 www.site2.com
                                192.168.1.12 www.site3.com

                                Use pfsense as central WAF (web appliance firewall) that would check content, and if ok pass on to appropriate site. Im assuming this would be configured through pfsense, i.e. point site1 to .10 ip, site2 .11 and site3 .12.

                                Let me know if that makes sense!

                                thanks,

                                kosta

                                1 Reply Last reply Reply Quote 0
                                • First post
                                  Last post
                                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.