2 lxf20054658 lxf20054658 于 2015.06.05 10:45 提问

应用层代理如何获取wfp实现的连接重定向的原始的连接地址 5C

any helps will be thanks!

I have searched a lot of question,but still can't find a real answer,my goal is to get the original connect address.Some body suggest to walk previousVersion in FWPS_CONNECT_REQUEST0 structure,but not point how to walk and how to make it work,also how to access it in user mode or proxy service.I have known how to query the original connect address in windows 8,but I have no idea about windows 7.I have made the code like this:

 #if(NTDDI_VERSION >= NTDDI_WIN8)

    //SOCKADDR_STORAGE*     pSockAddrStorage = 0;

    if((*ppRedirectData)->redirectHandle)
        pConnectRequest->localRedirectHandle = (*ppRedirectData)->redirectHandle;

    HLPR_NEW_ARRAY(pSockAddrStorage,
        SOCKADDR_STORAGE,
        2,
        TUNNEL_CALLOUT_DRIVER_TAG);
    HLPR_BAIL_ON_ALLOC_FAILURE(pSockAddrStorage,
        status);

    /// Pass original remote destination values to query them in user mode
    RtlCopyMemory(&(pSockAddrStorage[0]),
        &(pConnectRequest->remoteAddressAndPort),
        sizeof(SOCKADDR_STORAGE));

    RtlCopyMemory(&(pSockAddrStorage[1]),
        &(pConnectRequest->localAddressAndPort),
        sizeof(SOCKADDR_STORAGE));

    /// WFP will take ownership of this memory and free it when the flow / redirection terminates
    pConnectRequest->localRedirectContext     = pSockAddrStorage;
    pConnectRequest->localRedirectContextSize = sizeof(SOCKADDR_STORAGE) * 2;

#endif

But I don't know how to coding on windows 7,because everybody knows on windows 7,the code of pConnectRequest->localRedirectContext is unaccessable.Is any body have any idea?thanks very much!

Also,I want to show my idea,on windows 7,I solve this question like this:store the original address by myself in drivers,after the proxy accept a connect from drivers redirect,I get the tcp source port,and I use the tcp source port to query in drivers by using DeviceControl function,but if the system have kaspersky software working,the tcp source port will be changed by kaspersky,so I can't get the right tcp source port,and ofcourse the proxy can't work correct.

2个回答

lxf20054658
lxf20054658   2015.06.05 14:43
lxf20054658
lxf20054658   2015.06.05 14:44

Csdn user default icon
上传中...
上传图片
插入图片
准确详细的回答,更有利于被提问者采纳,从而获得C币。复制、灌水、广告等回答会被删除,是时候展现真正的技术了!