locked
Redirecting Traffkic to a local proxy using ALE Connect Redirect Layer (win7 and win8) RRS feed

  • Question

  • Hi All,

    I am trying to redirect all packets from port 80 to a local proxy using ALE Connect Redirect Layer. Following is my code:

    FwpsAcquireClassifyHandle0(
                classifyContext,
                flags,
                &classifyHandle
                );

            FwpsAcquireWritableLayerDataPointer0(
                classifyHandle,
                filter->filterId,
                flags,
                &writableData,
                classifyOut
                );

            //modify the data here
            connectData = (FWPS_CONNECT_REQUEST0*) writableData;
            inAddr = (SOCKADDR_IN*) &(connectData->localAddressAndPort);
            outAddr = (SOCKADDR_IN*) &(connectData->remoteAddressAndPort);

            addr = &(inAddr->sin_addr);
            Log(LOGLEVEL_DEBUG,"src Addr = %hu.%hu.%hu.%hu\n",
                addr->S_un.S_un_b.s_b1,addr->S_un.S_un_b.s_b2,addr->S_un.S_un_b.s_b3,addr->S_un.S_un_b.s_b4);
            addr = &(outAddr->sin_addr);
            Log(LOGLEVEL_DEBUG,"dest Addr = %hu.%hu.%hu.%hu\n",
                addr->S_un.S_un_b.s_b1,addr->S_un.S_un_b.s_b2,addr->S_un.S_un_b.s_b3,addr->S_un.S_un_b.s_b4);

            Log(LOGLEVEL_DEBUG,"src Port = %hu\n",RtlUshortByteSwap(inAddr->sin_port));
            Log(LOGLEVEL_DEBUG,"dest Port = %hu\n",RtlUshortByteSwap(outAddr->sin_port));

            if(RtlUshortByteSwap(outAddr->sin_port) == 80)
            {
                Log(LOGLEVEL_DEBUG,"MobicipAleConnectRedirectClassify redirecting connection\n");

                /* Assign the filter server address and port */
                //addr->S_un.S_addr = RtlUlongByteSwap(user->filterServerAddress);

                /* modify dest port */
                //outAddr->sin_port = RtlUshortByteSwap(60443);
                //outAddr->sin_port = RtlUshortByteSwap(user->filterServerPort);

                //TESTING - redirects to f1
                /*addr->S_un.S_un_b.s_b1 = 174;
                addr->S_un.S_un_b.s_b2 = 129;
                addr->S_un.S_un_b.s_b3 = 199;
                addr->S_un.S_un_b.s_b4 = 168;*/

                //TESTING - redirects to local squid
                /*addr->S_un.S_un_b.s_b1 = 127;
                addr->S_un.S_un_b.s_b2 = 0;
                addr->S_un.S_un_b.s_b3 = 0;
                addr->S_un.S_un_b.s_b4 = 1;*/
                

                outAddr->sin_addr = inAddr->sin_addr;

                outAddr->sin_port = RtlUshortByteSwap(3128);            

                Log(LOGLEVEL_DEBUG,"NEW dest Addr = %hu.%hu.%hu.%hu\n",
                    addr->S_un.S_un_b.s_b1,addr->S_un.S_un_b.s_b2,addr->S_un.S_un_b.s_b3,
                    addr->S_un.S_un_b.s_b4);
                Log(LOGLEVEL_DEBUG,"NEW dest Port = %hu\n",RtlUshortByteSwap(outAddr->sin_port));
            }

            FwpsApplyModifiedLayerData0(
                classifyHandle,
                (PVOID)writableData,
                FWPS_CLASSIFY_FLAG_REAUTHORIZE_IF_MODIFIED_BY_OTHERS
                );

            FwpsReleaseClassifyHandle0(
                classifyHandle
                );

            Log(LOGLEVEL_DEBUG,"called out Connect Redirect\n");

            /* add to flowId-childId map for stream modification */
            if (FWPS_IS_METADATA_FIELD_PRESENT(inMetaValues, FWPS_METADATA_FIELD_FLOW_HANDLE))
            {
                Log(LOGLEVEL_DEBUG,"MobicipAleConnectRedirectClassify childId %d processid %lu flowId %lu\n",
                    childId,inMetaValues->processId,inMetaValues->flowHandle);
                //AddToPortChildMap(0,childId,inMetaValues->flowHandle);
            }

            if(FWPS_IS_METADATA_FIELD_PRESENT(inMetaValues,FWPS_METADATA_FIELD_PROCESS_ID))
            {
                AddToPidChildMap(inMetaValues->processId,childId);
                Log(LOGLEVEL_DEBUG,"MobicipAleConnectRedirectClassify processid %lu\n",inMetaValues->processId);
            }
        }
        //#### New code - End

        if(classifyOut)
        {
            classifyOut->actionType = FWP_ACTION_PERMIT;
        }

    Same technique when i used to redirect to a proxy in remote host works! but fails for a local redirection. I tried with 3 i/ps (1) 127.0.0.1 (2) 0.0.0.0 (3)i/p of the host system. I am  not getting any error but browser says "Problem loading Page" as soon as i hit connect. Please let me know what i am doing wrong and also any techniues available to detect error in ALE Connect Redirect Server.

    NOTE: The proxy i am trying to use is SQUID and i have a written my own minimal proxy too. Both works fine when proxy is set in browser.

    Aravind


    Life is short. Make it worth...

    Monday, December 10, 2012 12:21 PM

Answers

  • What OS is this?  I don't see you setting connectData->localRedirectTargetPID.

    localRedirectTargetPID

    The process identifier of the local host process that will be handling traffic to the address specified in localAddressAndPort. This value must be set for loopback redirect changes to be accepted by the engine.

    Hope this helps,


    Dusty Harper [MSFT]
    Microsoft Corporation
    ------------------------------------------------------------
    This posting is provided "AS IS", with NO warranties and confers NO rights
    ------------------------------------------------------------

    Tuesday, December 11, 2012 1:09 AM
    Moderator

All replies

  • What OS is this?  I don't see you setting connectData->localRedirectTargetPID.

    localRedirectTargetPID

    The process identifier of the local host process that will be handling traffic to the address specified in localAddressAndPort. This value must be set for loopback redirect changes to be accepted by the engine.

    Hope this helps,


    Dusty Harper [MSFT]
    Microsoft Corporation
    ------------------------------------------------------------
    This posting is provided "AS IS", with NO warranties and confers NO rights
    ------------------------------------------------------------

    Tuesday, December 11, 2012 1:09 AM
    Moderator
  • Hi,

    I managed to redirect all packets from port 80 to a local proxy using ALE Connect Redirect Layer. My code is working fine on Win7 (I've omitted the steps for win8+ like FwpsRedirectHandleCreate) but I'm having problems for win8+. Shouldn't the code and the steps for win7 be compatible with later OS's?

    Thank you,

    Daniel

    Thursday, February 19, 2015 6:56 AM
  • For Windows 8 and + you must acquire RedirectHandle which inturn requires a provider to be created.

    That shall fix it,pretty much.


    ___________ Regards Umar Yaqoob ___________

    Sunday, February 22, 2015 4:57 PM