locked
Retrieving the original destination address of a redirected connection in user mode proxy application (windows 7) RRS feed

  • Question

  • I am redirecting my connections on Windows 7 via (WFPSampler.exe -s PROXY -l FWPM_LAYER_ALE_CONNECT_REDIRECT_V4 -ipp TCP -iprp 80 -pra 127.0.0.1 -prp 43000 -in -plspid <pid> -aaid != <path to my proxy executable>).

    Can anyone please recommended ways to retrieve the original destination ip and port in user mode from the proxy application ?

     I see posts recommending to get it from FWPS_METADATA_FIELD_ORIGINAL_DESTINATION, but can this meta data field be retrieved from the user mode proxy application? I also see some posts recommending to get it from the FWPS_CONNECT_REQUEST0 structure BUT I dont see how that structure can be accessed by the proxy application in user mode?

    On Windows 8 its very easy to retrieve the original destination ip and port by parsing out the redirect context. 

    Any help would be greatly appreciated.

    Thanks,


    Friday, November 7, 2014 1:18 AM