Using Layer7 protocol to redirect incoming http request to Calibre server

ykleet · November 24, 2020, 10:49am

Need help n thx in advance.

I want to use Layer7 protocol to redirect all WAN incoming http request with address like calibre.xxx.yyy.zzz to my calibre server, so I can reach my book library anywhere.

I added an regex expression “^calibre” in my layer7 protocol list and name it as “IncomingFilter”.
Added a NAT dstnat rule on WAN with TCP 80 to redirect all my incoming http request to my calibre server (using http://calibre.xxx.yyy.zzz in my browser from external) and everything work as expected. But if I enabled Layer7 protocol and select “IncomingFilter” to the NAT rule, it doesn’t work anymore.

Any hint on my issue??

sindy · November 24, 2020, 12:14pm

There is no way to redirect incoming HTTP sessions using layer7-protocol rules. The NAT (redirecting) rules only act on the inital (first) packet of each connection (and it works like that on purpose and cannot be changed), and in case of TCP which is used to transport HTTP, this initial packet carries no payload yet.

ykleet · November 24, 2020, 1:13pm

Thx a lot.