On Thu, Mar 11, 2021 at 02:42:51PM +0000, Jason Long wrote:
Thank you.
Thus, Firewalld can't work as Apache Web Server in proxy mode or HAProxy?
Accurate. It can not. It's a firewall. If you need a proxy, then you
should use a proxy.
On Monday, March 8, 2021, 04:47:10 PM GMT+3:30, Eric Garver
<egarver(a)redhat.com> wrote:
On Sun, Mar 07, 2021 at 11:19:38AM -0000, Jason Long wrote:
> Hello,
> Is it possible and logical to use the Firewalld as a reverse proxy server?
> I have below plan:
> The Internet --> Reverse Proxy --> Apache Web Server
> Apache can do it, but how about Firewalld?
Firewalld supports port forwarding which means it can forward the
request to a different server via DNAT. However it can not load balance
to multiple servers like full proxies (e.g. haproxy).
e.g.
# firewall-cmd --zone <zone>
--add-forward-port=port=8080:proto=tcp:toaddr=<addr>:toport=80
This is useful if the webserver is behind a gateway (usually the node
running firewalld).