locked
Proxy client for Windows RRS feed

  • Question

  • I am tasked with writing a proxy client for Windows, which will detect any attempt to perform socket functions, e.g. accept(), socket(), read(), write(), etc. , and will redirect them through our proprietary socket API (it's a compression application, if that matters). 

    I am just now surveying the landscape and need to know a few things: 

    - Does the filtering framework permit inserting at this level (API call)? If so, how (briefly) might I do this?

    - Am I doomed to (1) writing a driver, or (2) writing a kernel driver?

    Basically I have an API that looks like my_socket(), my_accept(), my_write(), etc. that mirrors the "real" sockets API. I want to "face" it, if you get my meaning. 

    Beetle

    Friday, May 27, 2016 12:12 AM

All replies

  • Ok, so that was too complicated :-)

    Let me ask a simpler question: If I want to modify incoming and outgoing TCP/IP traffic - that is, if I want to munge packet payloads - am I *required* to write kernel mode code?

    There. That's better ....

    Beetle

    Friday, May 27, 2016 11:51 PM