redirecting traffic from one interface to another

Hello,
I have set up the WireGuard VPN to send all traffic through the tunnel. It creates its own interface and routes traffic to it.

  1. I want to redirect the traffic for some IPs to my default interface. How can I route the traffic for those IPs to the other interface using the WFP driver? And what changes do I need to make to the packets?

  2. Will changing the destination MAC and IP address work?

  3. At which layer can I change it?

I think I will need to catch packets after they are routed to the WireGuard interface and then change their destination IP address. But I don’t know how to route packets to my default interface.

You can use the command-line “route” command to do this. No kernel programming is required.

But I don’t have the IP addresses; I am retrieving IP addresses for some URLs by parsing the DNS packets. And the IP addresses can change. Can I still do that?

Perhaps you should describe what you’re actually trying to do, instead of asking about one thing at a time. If we understand the overall process, we can offer better advice.

I have set up the WireGuard VPN. It creates its own interface, routes this traffic to its interface, and sends all the traffic to the VPN server using this interface.

Now I want some URLs to not use the WireGuard VPN and go directly to the internet.
The IP addresses of the URLs can change; that’s why I am using WFP to get the IP addresses from DNS packets.

Now what I don’t understand is how I can prevent those URLs from using the WireGuard VPN.

You can do this in UM by using the CreateIpForwardEntry API. Note that you must be running from an elevated process (UAC) to call this API. Just determine the current IP address for the DNS name(s) that you are interested in, and add dynamic routes as you see fit.
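
The resolve-then-add-host-routes approach from the last reply, as an added example that is not part of the original thread. It uses the PowerShell `New-NetRoute` cmdlet instead of calling `CreateIpForwardEntry` directly, and the host names, the `Ethernet` adapter alias and the metric value are assumptions.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the thread. Host names, adapter alias and metric are assumptions.
$BypassHosts   = @('updates.example.com', 'portal.example.net')  # constructed names
$PhysicalAlias = 'Ethernet'  # assumption: alias of the non-VPN adapter
$Metric        = 5           # assumption: value used to recognise routes this script added

# The physical adapter's default route supplies the gateway and interface index.
$default = Get-NetRoute -InterfaceAlias $PhysicalAlias -DestinationPrefix '0.0.0.0/0' -ErrorAction Stop |
    Sort-Object RouteMetric | Select-Object -First 1

# Current A records for every exempted name, expressed as /32 host prefixes.
$wanted = @($BypassHosts |
    ForEach-Object { Resolve-DnsName -Name $_ -Type A -ErrorAction SilentlyContinue } |
    Where-Object { $_.IPAddress } |
    ForEach-Object { "$($_.IPAddress)/32" } |
    Sort-Object -Unique)

# Host routes added by an earlier run: same interface, same gateway, same metric.
# System-created /32 routes are on-link (next hop 0.0.0.0), so they are not matched.
$existing = @(Get-NetRoute -InterfaceIndex $default.InterfaceIndex -AddressFamily IPv4 -PolicyStore ActiveStore |
    Where-Object { $_.DestinationPrefix -like '*/32' -and
                   $_.NextHop -eq $default.NextHop -and
                   $_.RouteMetric -eq $Metric })

# Remove stale entries so an address that left DNS goes back through the tunnel.
$existing | Where-Object { $_.DestinationPrefix -notin $wanted } |
    Remove-NetRoute -Confirm:$false

# Add the missing host routes. A /32 wins over the tunnel's broader prefixes
# by longest-prefix match; ActiveStore keeps the routes non-persistent.
$have    = @($existing | ForEach-Object { $_.DestinationPrefix })
$missing = @($wanted | Where-Object { $_ -notin $have })
foreach ($prefix in $missing) {
    New-NetRoute -DestinationPrefix $prefix -InterfaceIndex $default.InterfaceIndex `
        -NextHop $default.NextHop -RouteMetric $Metric -PolicyStore ActiveStore | Out-Null
}

# Show what is currently exempted from the tunnel.
$wanted
```

Re-run it on a schedule no longer than the records' TTL, since the addresses can change between runs. Every address routed this way leaves the machine outside the VPN, and an address shared by several sites (a CDN, for instance) exempts all of them, so keep the name list as narrow as possible.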