# How to setup a FreeBSD server as a proxy



## Klappstuhl (Mar 4, 2020)

Hi,

I have a FreeBSD server "A" running in the cloud which offers an internet service.
I want to have another FreeBSD server "B" which acts like a proxy for the server which runs my service and routes traffic from specific ports to that server for additional security reasons and administrative control.

On server "A" I have disabled user-password login and only allow key authentication.

How can I setup server "B" to act like a proxy for Server "A" on e.g. ports 4711, 4712 and 4713? All of these ports are using IPv4 UDP/TCP protocols.


----------



## SirDice (Mar 4, 2020)

Klappstuhl said:


> I want to have another FreeBSD server "B" which acts like a proxy for the server which runs my service and routes traffic from specific ports the that server.


Why? What issue are you trying to resolve by doing this? Let's prevent an XY problem and explain exactly why you want to do this and why you think this is the right solution. 



Klappstuhl said:


> How can I setup server "B" to act like a proxy for Server "A" on e.g. ports 4711, 4712 and 4713?


What protocols are running on those ports? This will be an indication of what to use or if it's even possible at all.


----------



## SirDice (Mar 4, 2020)

Klappstuhl said:


> All of these ports are using IPv4 UDP/TCP protocols.


UDP/TCP is pretty much implied here (it's the internet afteral). But what protocol? HTTP? NFS? IRC? SMTP? IPSec? GRE? VoIP? I can probably name a couple of dozen more protocols. Not all of them are easily proxied or forwarded, some are simply impossible.


----------



## neel (Mar 5, 2020)

You could mean two things, from what I understood:


A "reverse" proxy like HAProxy where you have a server where "B" forwards requests to "A" in user-space
Network Address Translation like pf NAT or natd, where you forward packets, where "B" is connected to the Internet and "A" is behind "B"'s LAN, similar to how a consumer-level "router" works by sharing one connection and IP address with multiple computers.


----------

