UDP Proxy

  • Question

  • I am trying to build a DNS proxy (to my locally running proxy). On Windows 7, I am using CONNECT_REDIRECT for UDP and I could redirect the UDP traffic to my local proxy engine. But svchost.exe (the DNS client) is not accepting the DNS UDP response that my local proxy engine is generating. The reason is the source IP address that the DNS client sees. Since the DNS client sent the DNS request to the DNS server IP address set on the machine, it expects the response to come from the same IP address/port, which is completely understandable from a security point of view.

    But I have to proxy the DNS requests/responses seamlessly, and hence I need to change the source IP address from my localhost IP address to the original DNS server IP address. Now, along with using CONNECT_REDIRECT, which layer should I hook to make the IP address modification in the DNS response packet? Since there could be multiple DNS servers set on the machine, I also need to know the actual DNS server address that I need to put back in the DNS response, which means I should be making the changes per flow.

    The DDProxy example is one approach, but I am proxying TCP as well. So I need to know which is the right layer for proxying UDP along with proxying TCP at the CONNECT_REDIRECT layer.

    Moreover, the addresses and port numbers to be proxied are multiple, so I do not want to use filters.

    Monday, December 27, 2010 1:00 PM

Answers

  • CONNECT_REDIRECT doesn't redirect flows transparently. You could add a callout at the DATAGRAM layer to tweak the response packets back, however.

    Thanks, Biao.W.

    Thursday, January 20, 2011 5:42 AM
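To make the per-flow rewrite the question asks about concrete, here is an added example (not code from the thread, and not WFP API code): a user-mode C model of the bookkeeping a DATAGRAM-layer callout would need. The flow table, the `record_flow`/`restore_source` names and the 20-byte-header assumption are mine; the outbound side records where the client really sent its query, and the inbound side puts that server address and port back into the proxy's response and fixes the IPv4 header checksum.

```c
#include <stdint.h>
#include <stddef.h>

#define MAX_FLOWS 64

/* One entry per redirected UDP flow, keyed by the DNS client's local port. */
typedef struct {
    uint16_t client_port;      /* host byte order */
    uint32_t orig_server_ip;   /* IPv4 address the client actually queried, host order */
    uint16_t orig_server_port; /* normally 53 */
    int in_use;
} flow_entry_t;

static flow_entry_t flows[MAX_FLOWS];

/* Outbound side: called where the query is redirected to the local proxy,
 * so the original destination is remembered for this client port. */
int record_flow(uint16_t client_port, uint32_t server_ip, uint16_t server_port)
{
    for (int i = 0; i < MAX_FLOWS; i++) {
        if (!flows[i].in_use || flows[i].client_port == client_port) {
            flows[i] = (flow_entry_t){ client_port, server_ip, server_port, 1 };
            return 1;
        }
    }
    return 0; /* table full */
}

/* RFC 1071 ones-complement checksum over the IPv4 header. */
static uint16_t ip_checksum(const uint8_t *hdr, size_t len)
{
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2)
        sum += (uint16_t)((hdr[i] << 8) | hdr[i + 1]);
    if (len & 1) sum += (uint16_t)(hdr[len - 1] << 8);
    while (sum >> 16) sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Inbound side: rewrite the proxy's IPv4/UDP response so the client sees it
 * arriving from the server it queried. Assumes a 20-byte IPv4 header
 * (no options). Returns 1 on success, 0 if the packet or flow is unknown. */
int restore_source(uint8_t *pkt, size_t len)
{
    if (len < 28 || (pkt[0] >> 4) != 4 || (pkt[0] & 0x0f) != 5 || pkt[9] != 17)
        return 0;
    uint8_t *udp = pkt + 20;
    uint16_t dst_port = (uint16_t)((udp[2] << 8) | udp[3]); /* client's port */
    for (int i = 0; i < MAX_FLOWS; i++) {
        if (!flows[i].in_use || flows[i].client_port != dst_port) continue;
        uint32_t ip = flows[i].orig_server_ip;
        pkt[12] = (uint8_t)(ip >> 24); pkt[13] = (uint8_t)(ip >> 16);
        pkt[14] = (uint8_t)(ip >> 8);  pkt[15] = (uint8_t)ip;
        udp[0] = (uint8_t)(flows[i].orig_server_port >> 8);
        udp[1] = (uint8_t)(flows[i].orig_server_port & 0xff);
        udp[6] = udp[7] = 0;   /* IPv4 permits a zero (disabled) UDP checksum */
        pkt[10] = pkt[11] = 0; /* recompute the IP header checksum */
        uint16_t c = ip_checksum(pkt, 20);
        pkt[10] = (uint8_t)(c >> 8); pkt[11] = (uint8_t)(c & 0xff);
        return 1;
    }
    return 0;
}
```

In a real callout the flow entry would be created from the redirect context rather than by a direct call, and the driver would have to respect checksum offload instead of zeroing the UDP checksum by hand.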