JohnS

Forum Replies Created

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • in reply to: Redirect packets thru another network adapter #11526
    JohnS
    Participant

      Thank you very much for the help. I got to the bottom of the problem. It was my receiving filter not set properly, I did check the checksum and that was correct on Wireshark.

      in reply to: Redirect packets thru another network adapter #11521
      JohnS
      Participant

        The server listens to 153 port. If I disable the packet filter going to the same address would lead to a hello world html page. The SYN-ACK appears when the filter is disabled.
        Firewall is also disabled om the server

        in reply to: Redirect packets thru another network adapter #11519
        JohnS
        Participant

          Thank you for the response, I did setup a HTTP server and checked with wireshark.
          The packets do get send but I am not sure what to do next.
          https://postimg.cc/z3vG5rTn
          Not sure what the following black lines mean, they have the info: “This frame is a (suspected) retransmission”

          in reply to: Redirect packets thru another network adapter #11517
          JohnS
          Participant

            Thank you very much for the help. I added the MAC change and also now I am calculating the IP and TCP checksums.
            I made a repository with the code here: https://github.com/maryus04/TrafficReddirect
            Not sure what I do wrong. The packets get sent but no response is coming back.

            The program is looking for firefox process that should already have a page opened. (for my tests I used to search “my ip” on google) and collects all opened sockets then based on them it will make the filters.

            in reply to: Redirect packets thru another network adapter #11515
            JohnS
            Participant

              I have a feeling that I started the wrong way. I used the dotNet example from the source code.
              From that, I took the packet filter and I make filters based on source and destination IP:port of what the application has opened. For example:

              My internal IP for the normal adapter would be: 192.168.1.6
              My internal IP for the VPN adapter would be: 10.128.19.222

              And I have an application that has a connection as following:
              Local address: 10.128.32.222:50449 -> Remote address: 54.210.0.167:443

              I would listen to the VPN adapter for all the packets that are sent from 10.128.32.222:50449 to 54.210.0.167:443.
              Then take the packets and parse with PacketDotNet and change the source address to my normal adapter address so the new packet has the following network data:
              Source 192.168.1.6:50449 ; Destination: 54.210.0.167:443
              The new packet is then sent downwards the network stack thru the normal adapter.

              In a separate thread, I listen to the normal adapter for all packets that are received from Source: 54.210.0.167:443 ; Destination: 192.168.1.6:50449
              Then take the packets and parse with PacketDotNet and change the source address to my VPN adapter address so the new packet has the following network data:
              Source: 54.210.0.167:443 ; Destination: 10.128.32.222:50449
              The new packet is then sent upwards to the network stack thru the VPN adapter.

              I have little network knowledge and most probably my terminology is disappointing for what I am sorry.

            Viewing 5 posts - 1 through 5 (of 5 total)