I know there is an elevated risk in accepting incoming requests. But currently I have port forwarding enabled to expose certian services to the outside world, and my understanding of port forwarding is that it is a more literal 'hole' in the firewall.
What I have are two or more servers running in their own respective qubes. I was thinking the incoming connections would hit the haproxy frontend in sys-net, authenticate the request, and forward it to the respective service backend via sys-firwall etc...
If haproxy authenticates it could decrypt the ssl connection and forward it as a normal packet, preventing a bad ssl punching through all of the qubes security layers.
Or perhaps I could allow ssl passthrough and simply prevent any other connections out of the service qube and into the qube system...
Thoughts? Suggestions?