Firewall 4 forward rule question

Hello. How do I use the command line to create a rule that allows forwarding on the firewall, i.e. internet IPs 44.1.1.2 and 44.1.1.3? I have two Apache servers, i.e. 192.168.1.19:10000 and 192.168.1.20:80. I want to create rules so that when client 44.1.1.2 connects to router port 80 it is forwarded to 192.168.1.19:10000, and when a client from 44.1.1.3 connects to router port 80 it is forwarded to 192.168.1.20:80. How do I create those rules? At the moment I can forward router port 80 to 192.168.1.19:10000, and a second rule on a second port, i.e. 81, to 192.168.1.20:80, but this is something else. Is this possible?

Do you want a load balancer?

No, just limit port forwarding depending on the source IP, not open it to WAN. This is rather a security issue. I want to open port forwarding depending on the source IP. I have SSH on the router allowed to WAN. When it was without a limit, different IPs tried to connect all the time. First I set a ban for 1h after a wrong password, but they tried to connect every 1.5h. In the end I limited it to specified IP subnets. And I want the same for forwarding. It's rather for services other than HTTP. For HTTP I use haproxy. I use IoT; in the LAN I have an rpi with an IoT server. I want to have a device on Arduino in a remote location which will be connected to my server. I thought about creating a service on a completely separate server which will have a list of allowed IPs. That list will be uploaded to the firewall. From the Arduino I will open a URL, which will update this list with the device IP. This will be uploaded to the firewall, and the forward will work only for this device. How to do this?

```
# Rule 1: 44.1.1.2 -> router port 80 is forwarded to 192.168.1.19:10000
uci add firewall redirect
uci set firewall.@redirect[-1].dest='lan'
uci set firewall.@redirect[-1].target='DNAT'
uci set firewall.@redirect[-1].name='rule1'
uci set firewall.@redirect[-1].family='ipv4'
uci add_list firewall.@redirect[-1].proto='tcp'
uci set firewall.@redirect[-1].src='wan'
uci set firewall.@redirect[-1].src_ip='44.1.1.2'
uci set firewall.@redirect[-1].src_dport='80'
uci set firewall.@redirect[-1].dest_ip='192.168.1.19'
uci set firewall.@redirect[-1].dest_port='10000'
uci set firewall.@redirect[-1].reflection='0'
# Rule 2: 44.1.1.3 -> router port 80 is forwarded to 192.168.1.20:80
uci add firewall redirect
uci set firewall.@redirect[-1].dest='lan'
uci set firewall.@redirect[-1].target='DNAT'
uci set firewall.@redirect[-1].name='rule2'
uci add_list firewall.@redirect[-1].proto='tcp'
uci set firewall.@redirect[-1].src='wan'
uci set firewall.@redirect[-1].src_ip='44.1.1.3'
# Router (WAN) port 80, as in the question; the source IP selects the backend
uci set firewall.@redirect[-1].src_dport='80'
uci set firewall.@redirect[-1].dest_ip='192.168.1.20'
uci set firewall.@redirect[-1].dest_port='80'
uci set firewall.@redirect[-1].reflection='0'
# Save the changes and reload the firewall
uci commit firewall
service firewall restart
```

What will be the shell command for it?

Copy paste to shell

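The per-source-IP redirects from the thread, generalised to an allowlist file, as an added example that is not part of any poster's reply. The allowlist format, the function names and the `fwd_<ip>_<port>` section naming are assumptions; every field is validated before it is placed into a command, since the list would be fed from a remote update.

```shell
# Added example: turn an allowlist into per-source-IP DNAT redirects.
# Input on stdin: <source ip> <wan port> <lan host> <lan port>; uci commands on stdout.
valid_ip4() {
    case "$1" in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ ${#o} -le 3 ] && [ "$o" -le 255 ] || return 1
    done
}
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ ${#1} -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

gen_redirects() {
    while read -r src port dip dport _; do
        case "$src" in ''|'#'*) continue ;; esac
        if ! valid_ip4 "$src" || ! valid_port "$port" ||
           ! valid_ip4 "$dip" || ! valid_port "$dport"; then
            echo "skipped invalid entry: $src $port $dip $dport" >&2
            continue
        fi
        # Named section (assumed naming scheme): re-running updates it in place.
        sec="fwd_$(echo "$src" | tr . _)_$port"
        cat <<EOF
uci set firewall.$sec=redirect
uci set firewall.$sec.name='$sec'
uci set firewall.$sec.target='DNAT'
uci set firewall.$sec.family='ipv4'
uci set firewall.$sec.proto='tcp'
uci set firewall.$sec.src='wan'
uci set firewall.$sec.src_ip='$src'
uci set firewall.$sec.src_dport='$port'
uci set firewall.$sec.dest='lan'
uci set firewall.$sec.dest_ip='$dip'
uci set firewall.$sec.dest_port='$dport'
uci set firewall.$sec.reflection='0'
EOF
    done
    echo "uci commit firewall"
    echo "service firewall restart"
}

# Constructed sample allowlist; the last entry is deliberately invalid.
SAMPLE_ALLOWLIST='44.1.1.2 80 192.168.1.19 10000
44.1.1.3 80 192.168.1.20 80
44.1.1.999 80 192.168.1.20 80'
printf '%s\n' "$SAMPLE_ALLOWLIST" | gen_redirects
```

Review the printed commands, then pipe them to `sh` on the router to apply them. Entries that are later removed from the allowlist are not deleted by this script.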