hello there.
I have a use case where i have to redirect the network traffic going to particular ip/port to a remote proxy.
since i am new to WFP, wanted to check whether this is possible from user mode.
if not, will I have to write a WFP callout driver and at which layer?
Lots of UM port forwarding programs exist. It is easy to write a very simple program to forward data from one socket to another
the only reason you would look at WFP is if you can’t ‘own’ the port on the local machine and some / all / modified data eventually needs to end up in a UM program on this machine.
Encryption, or any other transformation of the data being transferred, does not affect the ability to do the work in UM. The only consideration is the ownership of the port
Encryption does introduce a complexity. Effective encryption algorithms work on blocks of data, but unless you understand the higher level protocol, there is no way to tell when a sender is ‘done for now’ and you should encrypt and send whatever partial block you have.
I alsow had the task like Your’s. And I wrote the filter drriver, where I encpsulated the outgoing packets inside GRE packets, changed the IP and ethernet headers of thet packets and redirected to proxy.