The pfSense Store

Author Topic: Redirect Traffic 80 to 8080 Only For Spesific IP  (Read 3768 times)

0 Members and 1 Guest are viewing this topic.

Offline mynullvoid

  • Jr. Member
  • **
  • Posts: 42
  • Karma: +0/-0
    • View Profile
Redirect Traffic 80 to 8080 Only For Spesific IP
« on: April 23, 2010, 05:30:20 am »
Hi,

I got a network which connected to another network using same subnet but different gateway. I had created a static route for the resources on the other network, but the issue is for the computer to access the resources on that network, they must use proxy port which is 8080.

My question is how can I redirect outgoing port of IP xx.xx.xx.xx from 80 to 8080?

Thank you

Offline jimp

  • Administrator
  • Hero Member
  • *****
  • Posts: 14994
  • Karma: +4/-0
    • View Profile
Re: Redirect Traffic 80 to 8080 Only For Spesific IP
« Reply #1 on: April 23, 2010, 01:27:48 pm »
This isn't possible in the GUI (yet) since that would require doing a port forward conditionally based on source IP, and that functionality doesn't currently exist.

IIRC, someone is working on that but it hasn't been imported into 2.0 yet even.
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!

Offline mynullvoid

  • Jr. Member
  • **
  • Posts: 42
  • Karma: +0/-0
    • View Profile
Re: Redirect Traffic 80 to 8080 Only For Spesific IP
« Reply #2 on: April 23, 2010, 11:33:28 pm »
Jimp, thanks for the reply.

Let me explain further. My 'LAN Network A' connected over wireless bridge to 'LAN Network B' which also resides on the same subnet. 'LAN Network A' having DSL connection gateway with dynamic IP and 'LAN Network B' have Fixed IP as gateway.

HTTP resources at IP xxx.xxx.xxx.xxx only permits access coming from Fixed IP of 'LAN Network B', where in 'LAN Network B' all traffic must go through a proxy server yyy.yyy.yyy.yyy at port 8080.

I had created a static route from 'LAN Network A' to use 'LAN Network B' gateway but how can I set so that the HTTP traffic will pass through yyy.yyy.yyy.yyy at port 8080.

The last option is for me to manually set this proxy information in the browser, but when I set that, I will have problem if the user is accessing other than IP xxx.xxx.xxx.xxx.

FYI 'LAN Network A' is having both HAVP and Squid running at this network gateway.

Please assist. Thank you

Offline jimp

  • Administrator
  • Hero Member
  • *****
  • Posts: 14994
  • Karma: +4/-0
    • View Profile
Re: Redirect Traffic 80 to 8080 Only For Spesific IP
« Reply #3 on: April 26, 2010, 08:30:50 am »
You might be able to pull that off on the LAN Network A router with a port forward on LAN that is setup thusly:

Interface: LAN
External Address: any
Protocol: TCP
External Port Range: 80
NAT IP: <ip address of your proxy on LAN B>
Local Port: 8080
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!

Offline mynullvoid

  • Jr. Member
  • **
  • Posts: 42
  • Karma: +0/-0
    • View Profile
Re: Redirect Traffic 80 to 8080 Only For Spesific IP
« Reply #4 on: April 27, 2010, 11:40:37 am »
Jimp, thank you for the reply,

From your setting a port forward setting that you demonastrate, I guess it is for all the outgoing http traffic, in my case I only want to port forward if the destination port 80 of IP is xxx.xxx.xxx.xx to use proxy IP yyy.yyy.yyy.yyy at port 8080

Offline jimp

  • Administrator
  • Hero Member
  • *****
  • Posts: 14994
  • Karma: +4/-0
    • View Profile
Re: Redirect Traffic 80 to 8080 Only For Spesific IP
« Reply #5 on: April 27, 2010, 12:04:38 pm »
That is what I said you cannot currently do in the GUI. You can't apply that rule conditionally.
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!

Offline cmb

  • Administrator
  • Hero Member
  • *****
  • Posts: 6333
  • Karma: +0/-0
    • LinkedIn
    • Twitter
    • View Profile
    • Chris Buechler
Re: Redirect Traffic 80 to 8080 Only For Spesific IP
« Reply #6 on: June 18, 2010, 08:43:56 am »
That's policy NAT, you can do that in 2.0.