1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

route external wild card domain to internal proxy

Discussion in 'Asuswrt-Merlin' started by waeking, Aug 20, 2019.

  1. waeking

    waeking Occasional Visitor

    Joined:
    May 15, 2018
    Messages:
    45
    I do not want to open up port 80 and forward to traefik running on an internal pc unless the specific domain is used. For example if I go to the External Static IP (http://123.456.123.456:80) I dont want anything to happen. However if I go to fresh.pxy.domain,com I would like that to go to the actual traefik proxy. I know how to setup the dns wildcard A record (*.pxy.domain.com). That has been done.

    I can't seem to find any documentation on this as of yet. I am not sure what I should even be searching for.

    Any assistance would be great!
     
  2. waeking

    waeking Occasional Visitor

    Joined:
    May 15, 2018
    Messages:
    45
    Code:
     iptables -t nat -A PREROUTING -d *.pxy.domain.com -i eth0 -p tcp -m tcp -j DNAT --to-destination 192.168.1.100
    would something like this work?
     
  3. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    9,269
    Location:
    UK
    No, because iptables translates a domain name into an IP address when the command is issued. It also doesn't accept wildcards.
     
  4. waeking

    waeking Occasional Visitor

    Joined:
    May 15, 2018
    Messages:
    45
    Would some sort of reverse proxy built into the router (wan facing) be able to do this? or would two reverse proxies (router and traefik) be able to communicate with each other?
     
  5. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    9,269
    Location:
    UK
    I would have thought it would make sense to do this on the web server as that is able to examine the URL of the incoming requests. I guess you could do it on a reverse proxy as well. Beyond that I don't know. It's not really my area of knowledge.