Hi,
I have a rule that directs anything that comes in on ports 80 and 443 to an internal IP.
I have a project and would like to route a particular URL to a different IP.
Rule 1 if address = www.xyz.com forward traffic to 192.168.0.10
Rule 2 if port = 80 or 443 forward traffic to 192.168.0.19 <— these rules already exist
How can I compose this rule please?
You can’t. This kind of redirection needs a reverse proxy. A simple firewall can’t do that because the L3 (TCP) connection gets established before the L7 (HTTP) GET request can be sent. The URL is mentioned only in the request (not before), and that is too late to redirect the connection.
A proxy works differently - it accepts the incoming connection on its own and then creates a new one, depending on which destination server is selected.
You can use, for example, HAProxy, NGINX Proxy and many others.
If you want to make your life a hell of a lot easier, you can also use compiled packages like NPM (Nginx Proxy Manager), which will give you a nice GUI as well as HTTPS termination (with integrated Let’s Encrypt support including DNS challenge) - that way all your internet traffic can be encrypted and you don’t have to worry about each individual server on your local network.
On top of what the pony said, things are moving increasingly to TLS, where the router couldn’t see the URL even if it wanted to. Another reason to use a reverse proxy: the rules apply after TLS termination.
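The two rules from the question, written as an nginx reverse-proxy configuration (an added example, not part of the original thread). It assumes nginx runs on its own host that the firewall forwards ports 80 and 443 to, that both backends speak plain HTTP, and that the certificate paths are placeholders.

```nginx
# Added example. www.xyz.com and the two backend IPs come from the question;
# certificate paths are placeholders, and plain-HTTP backends are an assumption.
events {}

http {
    # Pass the original hostname and client details on to the backends.
    proxy_set_header Host              $host;
    proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;

    # "Rule 2": any hostname not matched below goes to the existing server.
    server {
        listen 80  default_server;
        listen 443 ssl default_server;
        server_name _;

        ssl_certificate     /etc/nginx/certs/default.crt;   # placeholder path
        ssl_certificate_key /etc/nginx/certs/default.key;   # placeholder path

        location / {
            proxy_pass http://192.168.0.19;
        }
    }

    # "Rule 1": requests for www.xyz.com go to the project server.
    # The hostname is matched after the connection is accepted and TLS is
    # terminated, which is the step a port-forwarding rule cannot perform.
    server {
        listen 80;
        listen 443 ssl;
        server_name www.xyz.com;

        ssl_certificate     /etc/nginx/certs/www.xyz.com.crt;   # placeholder path
        ssl_certificate_key /etc/nginx/certs/www.xyz.com.key;   # placeholder path

        location / {
            proxy_pass http://192.168.0.10;
        }
    }
}
```

With this in place, the existing firewall rule for ports 80 and 443 points at the proxy host instead of 192.168.0.19, and `nginx -t` checks the file before a reload.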
Thank you guys for the clarification.
I will then use the port forwarding rule; external port translated to 80 and 443 internally.