Windows System Software -- Consulting, Training, Development -- Unique Expertise, Guaranteed Results


Before Posting...

Please check out the Community Guidelines in the Announcements and Administration Category.

More Info on Driver Writing and Debugging

The free OSR Learning Library has more than 50 articles on a wide variety of topics about writing and debugging device drivers and Minifilters. From introductory level to advanced. All the articles have been recently reviewed and updated, and are written using the clear and definitive style you've come to expect from OSR over the years.

Check out The OSR Learning Library at:

Redirecting traffic to remote proxy using WFP

MilvinMilvin Member Posts: 16

hello there.
I have a use case where i have to redirect the network traffic going to particular ip/port to a remote proxy.
since i am new to WFP, wanted to check whether this is possible from user mode.
if not, will I have to write a WFP callout driver and at which layer?

thnak you very much.


  • Tim_RobertsTim_Roberts Member - All Emails Posts: 14,445

    Most network routers can do this kind of redirection, no programming required.

    Tim Roberts, [email protected]
    Providenza & Boekelheide, Inc.

  • MBond2MBond2 Member Posts: 515

    Lots of UM port forwarding programs exist. It is easy to write a very simple program to forward data from one socket to another

    the only reason you would look at WFP is if you can't 'own' the port on the local machine and some / all / modified data eventually needs to end up in a UM program on this machine.

  • MilvinMilvin Member Posts: 16

    An addition to this is that i have to encrypt the traffic to be redirected.

  • Tim_RobertsTim_Roberts Member - All Emails Posts: 14,445

    So, are you really looking for a VPN?

    Tim Roberts, [email protected]
    Providenza & Boekelheide, Inc.

  • MilvinMilvin Member Posts: 16

    Yes...some secure communication.

  • MBond2MBond2 Member Posts: 515

    Encryption, or any other transformation of the data being transferred, does not affect the ability to do the work in UM. The only consideration is the ownership of the port

    Encryption does introduce a complexity. Effective encryption algorithms work on blocks of data, but unless you understand the higher level protocol, there is no way to tell when a sender is 'done for now' and you should encrypt and send whatever partial block you have.

  • ArsenArsen Member Posts: 61

    I alsow had the task like Your's. And I wrote the filter drriver, where I encpsulated the outgoing packets inside GRE packets, changed the IP and ethernet headers of thet packets and redirected to proxy.

  • MilvinMilvin Member Posts: 16

    thanks Arsen. At which WFP layer was this filter?

Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. Sign in or register to get started.

Upcoming OSR Seminars
OSR has suspended in-person seminars due to the Covid-19 outbreak. But, don't miss your training! Attend via the internet instead!
Kernel Debugging 30 January 2023 Live, Online
Developing Minifilters 20 March 2023 Live, Online
Internals & Software Drivers 17 April 2023 Live, Online
Writing WDF Drivers 22 May 2023 Live, Online