Redirecting traffic to remote proxy using WFP

hello there.
I have a use case where i have to redirect the network traffic going to particular ip/port to a remote proxy.
since i am new to WFP, wanted to check whether this is possible from user mode.
if not, will I have to write a WFP callout driver and at which layer?

thnak you very much.

Most network routers can do this kind of redirection, no programming required.

Lots of UM port forwarding programs exist. It is easy to write a very simple program to forward data from one socket to another

the only reason you would look at WFP is if you can’t ‘own’ the port on the local machine and some / all / modified data eventually needs to end up in a UM program on this machine.

An addition to this is that i have to encrypt the traffic to be redirected.

So, are you really looking for a VPN?

Yes…some secure communication.

Encryption, or any other transformation of the data being transferred, does not affect the ability to do the work in UM. The only consideration is the ownership of the port

Encryption does introduce a complexity. Effective encryption algorithms work on blocks of data, but unless you understand the higher level protocol, there is no way to tell when a sender is ‘done for now’ and you should encrypt and send whatever partial block you have.

I alsow had the task like Your’s. And I wrote the filter drriver, where I encpsulated the outgoing packets inside GRE packets, changed the IP and ethernet headers of thet packets and redirected to proxy.

thanks Arsen. At which WFP layer was this filter?