Windows System Software -- Consulting, Training, Development -- Unique Expertise, Guaranteed Results


Before Posting...

Please check out the Community Guidelines in the Announcements and Administration Category.

More Info on Driver Writing and Debugging

The free OSR Learning Library has more than 50 articles on a wide variety of topics about writing and debugging device drivers and Minifilters. From introductory level to advanced. All the articles have been recently reviewed and updated, and are written using the clear and definitive style you've come to expect from OSR over the years.

Check out The OSR Learning Library at:

redirecting traffic from one interface to another

v_kalv_kal Member Posts: 16

I have setup the wireguard vpn to send all traffic through the tunnel. It create its own interface and route traffic to it.

1) I want to redirect the traffic for some ips to my default interface. How can I route the traffic for those ips to other interface using the wfp driver. And what changes do I need to do in the packets?

2) Will changing the destinetion mac and ip address work?

3) At which layer can I change it?


  • v_kalv_kal Member Posts: 16

    I think I will need to catch packets after they route to wireguard interface and then change its destination ip address. But I dont know how to route packets to my default interface.

  • Tim_RobertsTim_Roberts Member - All Emails Posts: 14,832

    You can use the command-line "route" command to do this. No kernel programming is required.

    Tim Roberts, [email protected]
    Software Wizard Emeritus

  • v_kalv_kal Member Posts: 16

    But I don't have the ip adresses, I am retriving ip addreses for some url's by parsing the dns packets. And the ip addresses can change. Can I still do that?

  • Tim_RobertsTim_Roberts Member - All Emails Posts: 14,832

    Perhaps you should describe what you're actually trying to do, instead of asking about one thing at a time. If we understand the overall process, we can offer better advice.

    Tim Roberts, [email protected]
    Software Wizard Emeritus

  • v_kalv_kal Member Posts: 16

    I have set the wireguard vpn. it create its own interface and route this traffic to its interface and send all the traffic to vpn server using this interface.

    Now I want some url's to do not use wireguard vpn and go directly to internet.
    The ip adresses of the url's can change thats why I am using wfp to get the ip adresses from dns packets.

    Now what I dont understand is how can I prevent those urls to use wireguard vpn.

  • MBond2MBond2 Member Posts: 705

    You can do this u UM by using the CreateIpForwardEntry API. Note that you must be running from an elevated process (UAC) to call this API. Just determine the current IP address for the DNS name(s) that you are interested in, and add dynamic routes as you see fit.

Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. Sign in or register to get started.

Upcoming OSR Seminars
OSR has suspended in-person seminars due to the Covid-19 outbreak. But, don't miss your training! Attend via the internet instead!
Kernel Debugging 13-17 May 2024 Live, Online
Developing Minifilters 1-5 Apr 2024 Live, Online
Internals & Software Drivers 11-15 Mar 2024 Live, Online
Writing WDF Drivers 20-24 May 2024 Live, Online