I have a setup where a server is front-ended by AWS ELB. I would like to filter traffic based on the source IP address, possibly using iptables. I have enabled the proxy protocol on the ELB. Is it possible to use iptables in conjunction with the Proxy protocol?
Proxy protocol is an internet protocol used to carry connection information from the source requesting the connection to the destination for which the connection was requested. Elastic Load Balancing uses proxy protocol version 1, which uses a human-readable header format.
NOTE: When using AWS load balancers, please be aware that you cannot use PROXY protocol with an Application Load Balancer (ALB). PROXY Protocol works on layer 4 (TCP) and the Application Load Balancer only works on layer 7.
EC2 instances that are connected to an ELB don't need to have public/Elastic IP addresses, since they will receive traffic via the private IP address, which the ELB will use to send traffic to them. However, the EC2 instance still needs to be in a public subnet.
Cheezo, I'm not sure if this is possible, but I guess using an AWS Security Group would be an easier solution.
Also, AWS Web Application Firewall might give you a hand.
Take a look at https://aws.amazon.com/waf/ and see if it helps.
Cheers,
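An added example, not part of the original posts: with proxy protocol enabled, the client address reaches the instance only as a version 1 text line at the start of the TCP payload, while the packet's IP source is the load balancer, so a source-IP check has to parse that line. The sketch below parses the v1 header and checks the source against an allowlist; the function names and the allowlist networks are assumptions made for illustration.

```python
import ipaddress

# Constructed allowlist (documentation ranges, not values from the page).
ALLOWED_NETWORKS = [ipaddress.ip_network("203.0.113.0/24"),
                    ipaddress.ip_network("2001:db8::/32")]
MAX_V1_HEADER = 107  # longest possible v1 line, CRLF included


def parse_proxy_v1(data: bytes):
    """Parse a PROXY v1 line at the start of data.

    Returns (src_ip, src_port, remaining_payload); src_ip and src_port
    are None for "PROXY UNKNOWN". Raises ValueError on malformed input.
    """
    end = data.find(b"\r\n", 0, MAX_V1_HEADER)
    if end == -1:
        raise ValueError("no CRLF-terminated header in first 107 bytes")
    try:
        fields = data[:end].decode("ascii").split(" ")
    except UnicodeDecodeError as exc:
        raise ValueError("non-ASCII header") from exc
    if fields[0] != "PROXY" or len(fields) < 2:
        raise ValueError("missing PROXY signature")
    rest = data[end + 2:]
    if fields[1] == "UNKNOWN":
        return None, None, rest
    if fields[1] not in ("TCP4", "TCP6") or len(fields) != 6:
        raise ValueError("bad protocol or field count")
    src = ipaddress.ip_address(fields[2])  # ValueError if not an address
    ipaddress.ip_address(fields[3])        # destination must parse too
    if src.version != (4 if fields[1] == "TCP4" else 6):
        raise ValueError("address family mismatch")
    if not (fields[4].isdigit() and fields[5].isdigit()):
        raise ValueError("non-numeric port")
    sport, dport = int(fields[4]), int(fields[5])
    if sport > 65535 or dport > 65535:
        raise ValueError("port out of range")
    return src, sport, rest


def is_allowed(data: bytes) -> bool:
    """Fail closed: malformed or UNKNOWN headers are rejected."""
    try:
        src, _, _ = parse_proxy_v1(data)
    except ValueError:
        return False
    return src is not None and any(src in net for net in ALLOWED_NETWORKS)
```

The header is only as trustworthy as the peer that sent it, so the listener should accept connections solely from the load balancer (for example via a security group), otherwise a direct client could supply its own PROXY line.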