I’m a newbie in firewall stuff. I need to know: is there any solution for just routing the web/HTTP request at Layer 3 and checking the rate limit of IPs, or doing a DoS or DDoS check, then if okay sending it to the actual web server like nginx and adding X-Forwarded-For or X-Real-IP to tell nginx what the actual client IP is?
Normal scenario
[Normal Request] =====> [IPFire] ====> [Nginx] (Nginx will know what the actual client IP address is)
I am not sure if I understand your question, but I will give it a try:
Yes, IPFire provides nginx as a package. You could use it as reverse proxy and configure it to limit connections, etc. I would recommend haproxy, which is a lot better for this job.
IPFire can limit the number of connections being forwarded to your web server. You can limit to a total of X connections or to X connections per time slot (not more than 10 new connections a second for example).
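
One way to set up the reverse-proxy approach suggested in the reply, as an added example that is not part of the original posts and is not IPFire's own configuration. The addresses (192.0.2.10 for the proxy, 192.0.2.20 for the web server), the zone names and the limits are assumptions chosen for illustration.

```nginx
# ---- Fragment 1: nginx.conf on the reverse proxy (the firewall host) ----
http {
    # Per-client state keyed on the TCP source address.
    limit_req_zone  $binary_remote_addr zone=per_ip_req:10m  rate=10r/s;
    limit_conn_zone $binary_remote_addr zone=per_ip_conn:10m;

    upstream backend {
        server 192.0.2.20:80;          # assumed address of the real web server
    }

    server {
        listen 80;

        location / {
            # Allow short bursts, reject the excess with 429 instead of queueing.
            limit_req  zone=per_ip_req burst=20 nodelay;
            limit_conn per_ip_conn 20;
            limit_req_status  429;
            limit_conn_status 429;

            # Overwrite, never append: a client can send its own
            # X-Forwarded-For, and $proxy_add_x_forwarded_for would keep it.
            proxy_set_header Host            $host;
            proxy_set_header X-Real-IP       $remote_addr;
            proxy_set_header X-Forwarded-For $remote_addr;

            proxy_pass http://backend;
        }
    }
}

# ---- Fragment 2: nginx.conf on the backend web server (separate host) ----
# Needs ngx_http_realip_module, which most distribution builds include.
http {
    set_real_ip_from 192.0.2.10;       # trust the header only from the proxy
    real_ip_header   X-Real-IP;        # $remote_addr and logs now show the client

    server {
        listen 80;
        root /var/www/html;
    }
}
```

The backend should accept port 80 only from the proxy's address; otherwise a client that reaches it directly bypasses the limits, although `set_real_ip_from` still keeps it from spoofing its address through the header.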