Redirect TCP traffic only for specific applications RRS feed

  • Question

  • Hi,

    I am using FWPM_LAYER_ALE_CONNECT_REDIRECT_V4 to redirect traffic destined at server 'x' to server 'y'. This works perfectly fine. However now I need to modify the application where in the user can choose if a particular application is allowed to send traffic to the server. I can make use of FWPM_CONDITION_ALE_APP_ID to specify the list of applications for which FWPM_LAYER_ALE_CONNECT_REDIRECT_V4 can take effect. However I need to know at runtime which application is trying to access server 'x' and then prompt the user to determine if this application is allowed to access the server or not. Is there any way this could be achieved runtime? Any design thoughts around this?

    On a similar note, is it possible to get the process id or app id of the application in user level that generates a connection request which has been now redirected using FWPM_LAYER_ALE_CONNECT_REDIRECT_V4 (may be some ioctl similar to SIO_QUERY_WFP_CONNECTION_REDIRECT_RECORDS)



    • Edited by AKarnil Monday, December 2, 2019 1:33 PM
    Monday, December 2, 2019 1:27 PM