├── .gitignore
├── README.md
├── bin
└── release
│ ├── win32
│ ├── install_driver.bat
│ ├── netfilter2.sys
│ ├── nfapi.dll
│ ├── nfregdrv.exe
│ └── uninstall_driver.bat
│ └── x64
│ ├── install_driver.bat
│ ├── netfilter2.sys
│ ├── nfapi.dll
│ ├── nfregdrv.exe
│ └── uninstall_driver.bat
├── include
├── nfapi.h
├── nfdriver_data.h
├── nfevents.h
└── samples_config.h
├── lib
└── release
│ ├── win32
│ ├── nfapi.exp
│ └── nfapi.lib
│ └── x64
│ ├── nfapi.exp
│ └── nfapi.lib
├── license.rtf
└── src
├── SocksRedirector.cpp
├── SocksRedirector.vcxproj
├── UdpProxy.h
├── dbglogger.h
├── icmp.h
├── iocp.h
├── linkedlist.h
├── socksdefs.h
├── stdafx.cpp
├── stdafx.h
├── sync.h
├── tcpproxy.h
├── threadpool.h
└── utf8.h
/.gitignore:
--------------------------------------------------------------------------------
1 | *.filters
2 | *.user
3 | *.sln
4 | .vs/
5 | SocksRedirector.exe
6 | /src/Debug/
7 | /src/Release/
8 | /bin/Debug/
9 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # SocksRedirector
2 |
3 | Modified `SocksRedirector` demo from [Netfilter SDK](https://netfiltersdk.com/).
4 | It transparently redirects TCP/UDP traffic to a specified SOCKS5 proxy (`wfp2socks`).
5 | WFP level kernel driver is used to filter the transmitted packets.
6 |
7 | ## Usage
8 | See `SocksRedirector.exe --help`.
9 |
10 | Run `install_driver.bat` for installing and registering the network hooking driver.
11 | The driver starts immediately and reboot is not required.
12 | Run `uninstall_driver.bat` to remove the driver from system.
13 | Elevated administrative rights must be activated explicitly for registering the driver (run the scripts using "Run as administrator" context menu item in Windows Explorer).
14 |
15 | ## License
16 | All copyrights to NetFilter SDK are exclusively owned by the author - Vitaly Sidorov.
17 |
18 | ## Note
19 | The pre-built demo driver provided by [Netfilter SDK](https://netfiltersdk.com/) filters no more than 1000000 TCP connections and UDP sockets.
20 | After exceeding this limit the filtering continues again after system reboot.
21 | You may [order](http://www.netfiltersdk.com/buy_now.html) a license for full version or source code.
22 |
--------------------------------------------------------------------------------
/bin/release/win32/install_driver.bat:
--------------------------------------------------------------------------------
1 | cd /d %~dp0
2 |
3 | rem Installing the network hooking driver build for 32-bit systems
4 |
5 | rem Copy the driver to system folder
6 | copy netfilter2.sys %windir%\system32\drivers
7 |
8 | rem Register the driver
9 | nfregdrv.exe netfilter2
10 |
11 | pause
--------------------------------------------------------------------------------
/bin/release/win32/netfilter2.sys:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/dyhkwong/SocksRedirector/7489085ca4f960f4a54f89346f2e2306212eb220/bin/release/win32/netfilter2.sys
--------------------------------------------------------------------------------
/bin/release/win32/nfapi.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/dyhkwong/SocksRedirector/7489085ca4f960f4a54f89346f2e2306212eb220/bin/release/win32/nfapi.dll
--------------------------------------------------------------------------------
/bin/release/win32/nfregdrv.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/dyhkwong/SocksRedirector/7489085ca4f960f4a54f89346f2e2306212eb220/bin/release/win32/nfregdrv.exe
--------------------------------------------------------------------------------
/bin/release/win32/uninstall_driver.bat:
--------------------------------------------------------------------------------
1 | cd /d %~dp0
2 |
3 | rem Uninstall the network hooking driver
4 |
5 | rem Try to unload the driver
6 | sc stop netfilter2
7 |
8 | rem Unregister the driver
9 | nfregdrv.exe -u netfilter2
10 |
11 | rem Delete driver file
12 | del %windir%\system32\drivers\netfilter2.sys
13 |
14 | pause
--------------------------------------------------------------------------------
/bin/release/x64/install_driver.bat:
--------------------------------------------------------------------------------
1 | cd /d %~dp0
2 |
3 | rem Installing the network hooking driver build for 64-bit systems
4 |
5 | rem Copy the driver to system folder
6 | copy netfilter2.sys %windir%\system32\drivers
7 |
8 | rem Register the driver
9 | nfregdrv.exe netfilter2
10 |
11 | pause
--------------------------------------------------------------------------------
/bin/release/x64/netfilter2.sys:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/dyhkwong/SocksRedirector/7489085ca4f960f4a54f89346f2e2306212eb220/bin/release/x64/netfilter2.sys
--------------------------------------------------------------------------------
/bin/release/x64/nfapi.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/dyhkwong/SocksRedirector/7489085ca4f960f4a54f89346f2e2306212eb220/bin/release/x64/nfapi.dll
--------------------------------------------------------------------------------
/bin/release/x64/nfregdrv.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/dyhkwong/SocksRedirector/7489085ca4f960f4a54f89346f2e2306212eb220/bin/release/x64/nfregdrv.exe
--------------------------------------------------------------------------------
/bin/release/x64/uninstall_driver.bat:
--------------------------------------------------------------------------------
1 | cd /d %~dp0
2 |
3 | rem Uninstall the network hooking driver
4 |
5 | rem Try to unload the driver
6 | sc stop netfilter2
7 |
8 | rem Unregister the driver
9 | nfregdrv.exe -u netfilter2
10 |
11 | rem Delete driver file
12 | del %windir%\system32\drivers\netfilter2.sys
13 |
14 | pause
--------------------------------------------------------------------------------
/include/nfapi.h:
--------------------------------------------------------------------------------
1 | //
2 | // NetFilterSDK
3 | // Copyright (C) Vitaly Sidorov
4 | // All rights reserved.
5 | //
6 | // This file is a part of the NetFilter SDK.
7 | // The code and information is provided "as-is" without
8 | // warranty of any kind, either expressed or implied.
9 | //
10 |
11 |
12 | #ifndef _NFAPI_H
13 | #define _NFAPI_H
14 |
15 | #include "nfevents.h"
16 |
17 | #ifdef _NFAPI_STATIC_LIB
18 | #define NFAPI_API
19 | #else
20 | #ifdef NFAPI_EXPORTS
21 | #define NFAPI_API __declspec(dllexport)
22 | #else
23 | #define NFAPI_API __declspec(dllimport)
24 | #endif
25 | #endif
26 |
27 | // Flags for NF_UDP_OPTIONS.flags
28 |
29 | #define TDI_RECEIVE_BROADCAST 0x00000004 // received TSDU was broadcast.
30 | #define TDI_RECEIVE_MULTICAST 0x00000008 // received TSDU was multicast.
31 | #define TDI_RECEIVE_PARTIAL 0x00000010 // received TSDU is not fully presented.
32 | #define TDI_RECEIVE_NORMAL 0x00000020 // received TSDU is normal data
33 | #define TDI_RECEIVE_EXPEDITED 0x00000040 // received TSDU is expedited data
34 | #define TDI_RECEIVE_PEEK 0x00000080 // received TSDU is not released
35 | #define TDI_RECEIVE_NO_RESPONSE_EXP 0x00000100 // HINT: no back-traffic expected
36 | #define TDI_RECEIVE_COPY_LOOKAHEAD 0x00000200 // for kernel-mode indications
37 | #define TDI_RECEIVE_ENTIRE_MESSAGE 0x00000400 // opposite of RECEIVE_PARTIAL
38 | // (for kernel-mode indications)
39 | #define TDI_RECEIVE_AT_DISPATCH_LEVEL 0x00000800 // receive indication called
40 | // at dispatch level
41 | #define TDI_RECEIVE_CONTROL_INFO 0x00001000 // Control info is being passed up.
42 | #define TDI_RECEIVE_FORCE_INDICATION 0x00002000 // reindicate rejected data.
43 | #define TDI_RECEIVE_NO_PUSH 0x00004000 // complete only when full.
44 |
45 | typedef enum _NF_FLAGS
46 | {
47 | NFF_NONE = 0,
48 | NFF_DONT_DISABLE_TEREDO = 1,
49 | NFF_DONT_DISABLE_TCP_OFFLOADING = 2,
50 | NFF_DISABLE_AUTO_REGISTER = 4,
51 | NFF_DISABLE_AUTO_START = 8,
52 | } NF_FLAGS;
53 |
54 | #ifndef _C_API
55 | namespace nfapi
56 | {
57 | #define NFAPI_NS nfapi::
58 | #define NFAPI_CC
59 | #else // _C_API
60 | #define NFAPI_CC __cdecl
61 | #define NFAPI_NS
62 | #ifdef __cplusplus
63 | extern "C"
64 | {
65 | #endif
66 | #endif // _C_API
67 |
68 | /**
69 | * Initializes the internal data structures and starts the filtering thread.
70 | * @param driverName The name of hooking driver, without ".sys" extension.
71 | * @param pHandler Pointer to event handling object
72 | **/
73 | NFAPI_API NF_STATUS NFAPI_CC
74 | nf_init(const char * driverName, NF_EventHandler * pHandler);
75 |
76 | /**
77 | * Stops the filtering thread, breaks all filtered connections and closes
78 | * a connection with the hooking driver.
79 | **/
80 | NFAPI_API void NFAPI_CC
81 | nf_free();
82 |
83 | /**
84 | * Registers and starts a driver with specified name (without ".sys" extension)
85 | * @param driverName
86 | **/
87 | NFAPI_API NF_STATUS NFAPI_CC
88 | nf_registerDriver(const char * driverName);
89 |
90 | /**
91 | * Registers and starts a driver with specified name (without ".sys" extension) and path to driver folder
92 | * @param driverName
93 | * @param driverPath
94 | **/
95 | NFAPI_API NF_STATUS NFAPI_CC
96 | nf_registerDriverEx(const char * driverName, const char * driverPath);
97 |
98 | /**
99 | * Unregisters a driver with specified name (without ".sys" extension)
100 | * @param driverName
101 | **/
102 | NFAPI_API NF_STATUS NFAPI_CC
103 | nf_unRegisterDriver(const char * driverName);
104 |
105 |
106 | //
107 | // TCP control routines
108 | //
109 |
110 | /**
111 | * Suspends or resumes indicating of sends and receives for specified connection.
112 | * @param id Connection identifier
113 | * @param suspended TRUE(1) for suspend, FALSE(0) for resume
114 | **/
115 | NFAPI_API NF_STATUS NFAPI_CC
116 | nf_tcpSetConnectionState(ENDPOINT_ID id, int suspended);
117 |
118 | /**
119 | * Sends the buffer to remote server via specified connection.
120 | * @param id Connection identifier
121 | * @param buf Pointer to data buffer
122 | * @param len Buffer length
123 | **/
124 | NFAPI_API NF_STATUS NFAPI_CC
125 | nf_tcpPostSend(ENDPOINT_ID id, const char * buf, int len);
126 |
127 | /**
128 | * Indicates the buffer to local process via specified connection.
129 | * @param id Unique connection identifier
130 | * @param buf Pointer to data buffer
131 | * @param len Buffer length
132 | **/
133 | NFAPI_API NF_STATUS NFAPI_CC
134 | nf_tcpPostReceive(ENDPOINT_ID id, const char * buf, int len);
135 |
136 | /**
137 | * Breaks the connection with given id.
138 | * @param id Connection identifier
139 | **/
140 | NFAPI_API NF_STATUS NFAPI_CC
141 | nf_tcpClose(ENDPOINT_ID id);
142 |
143 | /**
144 | * Sets the timeout for TCP connections and returns old timeout.
145 | * @param timeout Timeout value in milliseconds. Specify zero value to disable timeouts.
146 | */
147 | NFAPI_API unsigned long NFAPI_CC
148 | nf_setTCPTimeout(unsigned long timeout);
149 |
150 | /**
151 | * Disables indicating TCP packets to user mode for the specified endpoint
152 | * @param id Socket identifier
153 | */
154 | NFAPI_API NF_STATUS NFAPI_CC
155 | nf_tcpDisableFiltering(ENDPOINT_ID id);
156 |
157 |
158 | //
159 | // UDP control routines
160 | //
161 |
162 | /**
163 | * Suspends or resumes indicating of sends and receives for specified socket.
164 | * @param id Socket identifier
165 | * @param suspended TRUE(1) for suspend, FALSE(0) for resume
166 | **/
167 | NFAPI_API NF_STATUS NFAPI_CC
168 | nf_udpSetConnectionState(ENDPOINT_ID id, int suspended);
169 |
170 | /**
171 | * Sends the buffer to remote server via specified socket.
172 | * @param id Socket identifier
173 | * @param options UDP options
174 | * @param remoteAddress Destination address
175 | * @param buf Pointer to data buffer
176 | * @param len Buffer length
177 | **/
178 | NFAPI_API NF_STATUS NFAPI_CC
179 | nf_udpPostSend(ENDPOINT_ID id, const unsigned char * remoteAddress, const char * buf, int len, PNF_UDP_OPTIONS options);
180 |
181 | /**
182 | * Indicates the buffer to local process via specified socket.
183 | * @param id Unique connection identifier
184 | * @param options UDP options
185 | * @param remoteAddress Source address
186 | * @param buf Pointer to data buffer
187 | * @param len Buffer length
188 | **/
189 | NFAPI_API NF_STATUS NFAPI_CC
190 | nf_udpPostReceive(ENDPOINT_ID id, const unsigned char * remoteAddress, const char * buf, int len, PNF_UDP_OPTIONS options);
191 |
192 | /**
193 | * Disables indicating UDP packets to user mode for the specified endpoint
194 | * @param id Socket identifier
195 | */
196 | NFAPI_API NF_STATUS NFAPI_CC
197 | nf_udpDisableFiltering(ENDPOINT_ID id);
198 |
199 |
200 | /**
201 | * Sends a packet to remote IP
202 | * @param buf Pointer to IP packet
203 | * @param len Buffer length
204 | * @param options IP options
205 | **/
206 | NFAPI_API NF_STATUS NFAPI_CC
207 | nf_ipPostSend(const char * buf, int len, PNF_IP_PACKET_OPTIONS options);
208 |
209 | /**
210 | * Indicates a packet to TCP/IP stack
211 | * @param buf Pointer to IP packet
212 | * @param len Buffer length
213 | * @param options IP options
214 | **/
215 | NFAPI_API NF_STATUS NFAPI_CC
216 | nf_ipPostReceive(const char * buf, int len, PNF_IP_PACKET_OPTIONS options);
217 |
218 | //
219 | // Filtering rules
220 | //
221 |
222 | /**
223 | * Add a rule to the head of rules list in driver.
224 | * @param pRule See NF_RULE
225 | * @param toHead TRUE (1) - add rule to list head, FALSE (0) - add rule to tail
226 | **/
227 | NFAPI_API NF_STATUS NFAPI_CC
228 | nf_addRule(PNF_RULE pRule, int toHead);
229 |
230 | /**
231 | * Removes all rules from driver.
232 | **/
233 | NFAPI_API NF_STATUS NFAPI_CC
234 | nf_deleteRules();
235 |
236 | /**
237 | * Replace the rules in driver with the specified array.
238 | * @param pRules Array of NF_RULE structures
239 | * @param count Number of items in array
240 | **/
241 | NFAPI_API NF_STATUS NFAPI_CC
242 | nf_setRules(PNF_RULE pRules, int count);
243 |
244 | /**
245 | * Add a rule to the head of rules list in driver.
246 | * @param pRule See NF_RULE_EX
247 | * @param toHead TRUE (1) - add rule to list head, FALSE (0) - add rule to tail
248 | **/
249 | NFAPI_API NF_STATUS NFAPI_CC
250 | nf_addRuleEx(PNF_RULE_EX pRule, int toHead);
251 |
252 | /**
253 | * Replace the rules in driver with the specified array.
254 | * @param pRules Array of NF_RULE_EX structures
255 | * @param count Number of items in array
256 | **/
257 | NFAPI_API NF_STATUS NFAPI_CC
258 | nf_setRulesEx(PNF_RULE_EX pRules, int count);
259 |
260 | //
261 | // Debug routine
262 | //
263 |
264 | NFAPI_API unsigned long NFAPI_CC
265 | nf_getConnCount();
266 |
267 | NFAPI_API NF_STATUS NFAPI_CC
268 | nf_tcpSetSockOpt(ENDPOINT_ID id, int optname, const char* optval, int optlen);
269 |
270 | /**
271 | * Returns the process name for given process id
272 | * @param processId Process identifier
273 | * @param buf Buffer
274 | * @param len Buffer length
275 | **/
276 | NFAPI_API BOOL NFAPI_CC
277 | nf_getProcessNameA(DWORD processId, char * buf, DWORD len);
278 |
279 | NFAPI_API BOOL NFAPI_CC
280 | nf_getProcessNameW(DWORD processId, wchar_t * buf, DWORD len);
281 |
282 | #ifdef UNICODE
283 | #define nf_getProcessName nf_getProcessNameW
284 | #else
285 | #define nf_getProcessName nf_getProcessNameA
286 | #endif
287 |
288 | NFAPI_API BOOL NFAPI_CC
289 | nf_getProcessNameFromKernel(DWORD processId, wchar_t * buf, DWORD len);
290 |
291 | /**
292 | * Allows the current process to see the names of all processes in system
293 | **/
294 | NFAPI_API void NFAPI_CC
295 | nf_adjustProcessPriviledges();
296 |
297 | /**
298 | * Returns TRUE if the specified process acts as a local proxy, accepting the redirected TCP connections.
299 | **/
300 | NFAPI_API BOOL NFAPI_CC
301 | nf_tcpIsProxy(DWORD processId);
302 |
303 | /**
304 | * Set the number of worker threads and initialization flags.
305 | * The function should be called before nf_init.
306 | * By default nThreads = 1 and flags = 0
307 | * @param nThreads Number of worker threads for NF_EventHandler events
308 | * @param flags A combination of flags from NF_FLAGS
309 | **/
310 | NFAPI_API void NFAPI_CC
311 | nf_setOptions(DWORD nThreads, DWORD flags);
312 |
313 | /**
314 | * Complete TCP connect request pended using flag NF_PEND_CONNECT_REQUEST.
315 | **/
316 | NFAPI_API NF_STATUS NFAPI_CC
317 | nf_completeTCPConnectRequest(ENDPOINT_ID id, PNF_TCP_CONN_INFO pConnInfo);
318 |
319 | /**
320 | * Complete UDP connect request pended using flag NF_PEND_CONNECT_REQUEST.
321 | **/
322 | NFAPI_API NF_STATUS NFAPI_CC
323 | nf_completeUDPConnectRequest(ENDPOINT_ID id, PNF_UDP_CONN_REQUEST pConnInfo);
324 |
325 | /**
326 | * Returns in pConnInfo the properties of TCP connection with specified id.
327 | **/
328 | NFAPI_API NF_STATUS NFAPI_CC
329 | nf_getTCPConnInfo(ENDPOINT_ID id, PNF_TCP_CONN_INFO pConnInfo);
330 |
331 | /**
332 | * Returns in pConnInfo the properties of UDP socket with specified id.
333 | **/
334 | NFAPI_API NF_STATUS NFAPI_CC
335 | nf_getUDPConnInfo(ENDPOINT_ID id, PNF_UDP_CONN_INFO pConnInfo);
336 |
337 | /**
338 | * Set the event handler for IP filtering events
339 | */
340 | NFAPI_API void NFAPI_CC
341 | nf_setIPEventHandler(NF_IPEventHandler * pHandler);
342 |
343 | /**
344 | * Add flow control context
345 | */
346 | NFAPI_API NF_STATUS NFAPI_CC
347 | nf_addFlowCtl(PNF_FLOWCTL_DATA pData, unsigned int * pFcHandle);
348 |
349 | /**
350 | * Delete flow control context
351 | */
352 | NFAPI_API NF_STATUS NFAPI_CC
353 | nf_deleteFlowCtl(unsigned int fcHandle);
354 |
355 | /**
356 | * Associate flow control context with TCP connection
357 | */
358 | NFAPI_API NF_STATUS NFAPI_CC
359 | nf_setTCPFlowCtl(ENDPOINT_ID id, unsigned int fcHandle);
360 |
361 | /**
362 | * Associate flow control context with UDP socket
363 | */
364 | NFAPI_API NF_STATUS NFAPI_CC
365 | nf_setUDPFlowCtl(ENDPOINT_ID id, unsigned int fcHandle);
366 |
367 | /**
368 | * Modify flow control context limits
369 | */
370 | NFAPI_API NF_STATUS NFAPI_CC
371 | nf_modifyFlowCtl(unsigned int fcHandle, PNF_FLOWCTL_DATA pData);
372 |
373 | /**
374 | * Get flow control context statistics as the numbers of in/out bytes
375 | */
376 | NFAPI_API NF_STATUS NFAPI_CC
377 | nf_getFlowCtlStat(unsigned int fcHandle, PNF_FLOWCTL_STAT pStat);
378 |
379 | /**
380 | * Get TCP connection statistics as the numbers of in/out bytes.
381 | * The function can be called only from tcpClosed handler!
382 | */
383 | NFAPI_API NF_STATUS NFAPI_CC
384 | nf_getTCPStat(ENDPOINT_ID id, PNF_FLOWCTL_STAT pStat);
385 |
386 | /**
387 | * Get UDP socket statistics as the numbers of in/out bytes.
388 | * The function can be called only from udpClosed handler!
389 | */
390 | NFAPI_API NF_STATUS NFAPI_CC
391 | nf_getUDPStat(ENDPOINT_ID id, PNF_FLOWCTL_STAT pStat);
392 |
393 | /**
394 | * Add binding rule to driver
395 | */
396 | NFAPI_API NF_STATUS NFAPI_CC
397 | nf_addBindingRule(PNF_BINDING_RULE pRule, int toHead);
398 |
399 | /**
400 | * Delete all binding rules from driver
401 | */
402 | NFAPI_API NF_STATUS NFAPI_CC
403 | nf_deleteBindingRules();
404 |
405 | /**
406 | * Returns the type of attached driver (DT_WFP, DT_TDI or DT_UNKNOWN)
407 | */
408 | NFAPI_API unsigned long NFAPI_CC
409 | nf_getDriverType();
410 |
411 | #ifdef __cplusplus
412 | }
413 | #endif
414 |
415 | #endif
--------------------------------------------------------------------------------
/include/nfdriver_data.h:
--------------------------------------------------------------------------------
1 | //
2 | // NetFilterSDK
3 | // Copyright (C) Vitaly Sidorov
4 | // All rights reserved.
5 | //
6 | // This file is a part of the NetFilter SDK.
7 | // The code and information is provided "as-is" without
8 | // warranty of any kind, either expressed or implied.
9 | //
10 |
11 |
12 | #ifndef _NFDRIVER_DATA_H
13 | #define _NFDRIVER_DATA_H
14 |
15 | #define NF_TCP_PACKET_BUF_SIZE 8192
16 | #define NF_UDP_PACKET_BUF_SIZE 2 * 65536
17 |
18 | typedef enum _NF_DIRECTION
19 | {
20 | NF_D_IN = 1, // Incoming TCP connection or UDP packet
21 | NF_D_OUT = 2, // Outgoing TCP connection or UDP packet
22 | NF_D_BOTH = 3 // Any direction
23 | } NF_DIRECTION;
24 |
25 | typedef enum _NF_FILTERING_FLAG
26 | {
27 | NF_ALLOW = 0, // Allow the activity without filtering transmitted packets
28 | NF_BLOCK = 1, // Block the activity
29 | NF_FILTER = 2, // Filter the transmitted packets
30 | NF_SUSPENDED = 4, // Suspend receives from server and sends from client
31 | NF_OFFLINE = 8, // Emulate establishing a TCP connection with remote server
32 | NF_INDICATE_CONNECT_REQUESTS = 16, // Indicate outgoing connect requests to API
33 | NF_DISABLE_REDIRECT_PROTECTION = 32, // Disable blocking indicating connect requests for outgoing connections of local proxies
34 | NF_PEND_CONNECT_REQUEST = 64, // Pend outgoing connect request to complete it later using nf_complete(TCP|UDP)ConnectRequest
35 | NF_FILTER_AS_IP_PACKETS = 128, // Indicate the traffic as IP packets via ipSend/ipReceive
36 | NF_READONLY = 256, // Don't block the IP packets and indicate them to ipSend/ipReceive only for monitoring
37 | NF_CONTROL_FLOW = 512, // Use the flow limit rules even without NF_FILTER flag
38 | NF_REDIRECT = 1024, // Redirect the outgoing TCP connections to address specified in redirectTo
39 | NF_BYPASS_IP_PACKETS = 2048, // Bypass the traffic as IP packets, when used with NF_FILTER_AS_IP_PACKETS flag
40 | } NF_FILTERING_FLAG;
41 |
42 | #pragma pack(push, 1)
43 |
44 | #define NF_MAX_ADDRESS_LENGTH 28
45 | #define NF_MAX_IP_ADDRESS_LENGTH 16
46 |
47 | #ifndef AF_INET
48 | #define AF_INET 2 /* internetwork: UDP, TCP, etc. */
49 | #endif
50 |
51 | #ifndef AF_INET6
52 | #define AF_INET6 23 /* Internetwork Version 6 */
53 | #endif
54 |
55 | // Protocols
56 |
57 | #ifndef IPPROTO_TCP
58 | #define IPPROTO_TCP 6
59 | #endif
60 |
61 | #ifndef IPPROTO_UDP
62 | #define IPPROTO_UDP 17
63 | #endif
64 |
65 | /**
66 | * Filtering rule
67 | **/
68 | typedef UNALIGNED struct _NF_RULE
69 | {
70 | int protocol; // IPPROTO_TCP or IPPROTO_UDP
71 | unsigned long processId; // Process identifier
72 | unsigned char direction; // See NF_DIRECTION
73 | unsigned short localPort; // Local port
74 | unsigned short remotePort; // Remote port
75 | unsigned short ip_family; // AF_INET for IPv4 and AF_INET6 for IPv6
76 |
77 | // Local IP (or network if localIpAddressMask is not zero)
78 | unsigned char localIpAddress[NF_MAX_IP_ADDRESS_LENGTH];
79 |
80 | // Local IP mask
81 | unsigned char localIpAddressMask[NF_MAX_IP_ADDRESS_LENGTH];
82 |
83 | // Remote IP (or network if remoteIpAddressMask is not zero)
84 | unsigned char remoteIpAddress[NF_MAX_IP_ADDRESS_LENGTH];
85 |
86 | // Remote IP mask
87 | unsigned char remoteIpAddressMask[NF_MAX_IP_ADDRESS_LENGTH];
88 |
89 | unsigned long filteringFlag; // See NF_FILTERING_FLAG
90 | } NF_RULE, *PNF_RULE;
91 |
92 |
93 | typedef struct _NF_PORT_RANGE
94 | {
95 | unsigned short valueLow;
96 | unsigned short valueHigh;
97 | } NF_PORT_RANGE, *PNF_PORT_RANGE;
98 |
99 |
100 | /**
101 | * Filtering rule with additional fields
102 | **/
103 | typedef UNALIGNED struct _NF_RULE_EX
104 | {
105 | int protocol; // IPPROTO_TCP or IPPROTO_UDP
106 | unsigned long processId; // Process identifier
107 | unsigned char direction; // See NF_DIRECTION
108 | unsigned short localPort; // Local port
109 | unsigned short remotePort; // Remote port
110 | unsigned short ip_family; // AF_INET for IPv4 and AF_INET6 for IPv6
111 |
112 | // Local IP (or network if localIpAddressMask is not zero)
113 | unsigned char localIpAddress[NF_MAX_IP_ADDRESS_LENGTH];
114 |
115 | // Local IP mask
116 | unsigned char localIpAddressMask[NF_MAX_IP_ADDRESS_LENGTH];
117 |
118 | // Remote IP (or network if remoteIpAddressMask is not zero)
119 | unsigned char remoteIpAddress[NF_MAX_IP_ADDRESS_LENGTH];
120 |
121 | // Remote IP mask
122 | unsigned char remoteIpAddressMask[NF_MAX_IP_ADDRESS_LENGTH];
123 |
124 | unsigned long filteringFlag; // See NF_FILTERING_FLAG
125 |
126 | // Process name tail mask (supports * as 0 or more symbols)
127 | wchar_t processName[_MAX_PATH];
128 |
129 | NF_PORT_RANGE localPortRange; // Local port(s)
130 | NF_PORT_RANGE remotePortRange; // Remote port(s)
131 |
132 | // Remote address for redirection as sockaddr_in for IPv4 and sockaddr_in6 for IPv6
133 | unsigned char redirectTo[NF_MAX_ADDRESS_LENGTH];
134 | // Process identifier of a local proxy
135 | unsigned long localProxyProcessId;
136 |
137 | } NF_RULE_EX, *PNF_RULE_EX;
138 |
139 | typedef unsigned __int64 ENDPOINT_ID;
140 |
141 |
142 | /**
143 | * TCP connection properties
144 | **/
145 | typedef UNALIGNED struct _NF_TCP_CONN_INFO
146 | {
147 | unsigned long filteringFlag; // See NF_FILTERING_FLAG
148 | unsigned long processId; // Process identifier
149 | unsigned char direction; // See NF_DIRECTION
150 | unsigned short ip_family; // AF_INET for IPv4 and AF_INET6 for IPv6
151 |
152 | // Local address as sockaddr_in for IPv4 and sockaddr_in6 for IPv6
153 | unsigned char localAddress[NF_MAX_ADDRESS_LENGTH];
154 |
155 | // Remote address as sockaddr_in for IPv4 and sockaddr_in6 for IPv6
156 | unsigned char remoteAddress[NF_MAX_ADDRESS_LENGTH];
157 |
158 | } NF_TCP_CONN_INFO, *PNF_TCP_CONN_INFO;
159 |
160 | /**
161 | * UDP endpoint properties
162 | **/
163 | typedef UNALIGNED struct _NF_UDP_CONN_INFO
164 | {
165 | unsigned long processId; // Process identifier
166 | unsigned short ip_family; // AF_INET for IPv4 and AF_INET6 for IPv6
167 |
168 | // Local address as sockaddr_in for IPv4 and sockaddr_in6 for IPv6
169 | unsigned char localAddress[NF_MAX_ADDRESS_LENGTH];
170 |
171 | } NF_UDP_CONN_INFO, *PNF_UDP_CONN_INFO;
172 |
173 | /**
174 | * UDP TDI_CONNECT request properties
175 | **/
176 | typedef UNALIGNED struct _NF_UDP_CONN_REQUEST
177 | {
178 | unsigned long filteringFlag; // See NF_FILTERING_FLAG
179 | unsigned long processId; // Process identifier
180 | unsigned short ip_family; // AF_INET for IPv4 and AF_INET6 for IPv6
181 |
182 | // Local address as sockaddr_in for IPv4 and sockaddr_in6 for IPv6
183 | unsigned char localAddress[NF_MAX_ADDRESS_LENGTH];
184 |
185 | // Remote address as sockaddr_in for IPv4 and sockaddr_in6 for IPv6
186 | unsigned char remoteAddress[NF_MAX_ADDRESS_LENGTH];
187 |
188 | } NF_UDP_CONN_REQUEST, *PNF_UDP_CONN_REQUEST;
189 |
190 | /**
191 | * UDP options
192 | **/
193 | typedef UNALIGNED struct _NF_UDP_OPTIONS
194 | {
195 | unsigned long flags; // Datagram flags
196 | long optionsLength; // Length of options buffer
197 | unsigned char options[1]; // Options of variable size
198 | } NF_UDP_OPTIONS, *PNF_UDP_OPTIONS;
199 |
200 | typedef enum _NF_IP_FLAG
201 | {
202 | NFIF_NONE = 0, // No flags
203 | NFIF_READONLY = 1, // The packet was not blocked and indicated only for monitoring in read-only mode
204 | // (see NF_READ_ONLY flags from NF_FILTERING_FLAG).
205 | } NF_IP_FLAG;
206 |
207 | /**
208 | * IP options
209 | **/
210 | typedef struct _NF_IP_PACKET_OPTIONS
211 | {
212 | unsigned short ip_family; // AF_INET for IPv4 and AF_INET6 for IPv6
213 | unsigned int ipHeaderSize; // Size in bytes of IP header
214 | unsigned long compartmentId; // Network routing compartment identifier (can be zero)
215 | unsigned long interfaceIndex; // Index of the interface on which the original packet data was received (irrelevant to outgoing packets)
216 | unsigned long subInterfaceIndex; // Index of the subinterface on which the original packet data was received (irrelevant to outgoing packets)
217 | unsigned long flags; // Can be a combination of flags from NF_IP_FLAG enumeration
218 | } NF_IP_PACKET_OPTIONS, *PNF_IP_PACKET_OPTIONS;
219 |
220 | /**
221 | * Internal IO structure
222 | **/
223 | typedef UNALIGNED struct _NF_DATA
224 | {
225 | int code;
226 | ENDPOINT_ID id;
227 | unsigned long bufferSize;
228 | char buffer[1];
229 | } NF_DATA, *PNF_DATA;
230 |
231 | typedef UNALIGNED struct _NF_BUFFERS
232 | {
233 | unsigned __int64 inBuf;
234 | unsigned __int64 inBufLen;
235 | unsigned __int64 outBuf;
236 | unsigned __int64 outBufLen;
237 | } NF_BUFFERS, *PNF_BUFFERS;
238 |
239 | typedef UNALIGNED struct _NF_READ_RESULT
240 | {
241 | unsigned __int64 length;
242 | } NF_READ_RESULT, *PNF_READ_RESULT;
243 |
244 | typedef UNALIGNED struct _NF_FLOWCTL_DATA
245 | {
246 | unsigned __int64 inLimit;
247 | unsigned __int64 outLimit;
248 | } NF_FLOWCTL_DATA, *PNF_FLOWCTL_DATA;
249 |
250 | typedef UNALIGNED struct _NF_FLOWCTL_MODIFY_DATA
251 | {
252 | unsigned int fcHandle;
253 | NF_FLOWCTL_DATA data;
254 | } NF_FLOWCTL_MODIFY_DATA, *PNF_FLOWCTL_MODIFY_DATA;
255 |
256 | typedef UNALIGNED struct _NF_FLOWCTL_STAT
257 | {
258 | unsigned __int64 inBytes;
259 | unsigned __int64 outBytes;
260 | } NF_FLOWCTL_STAT, *PNF_FLOWCTL_STAT;
261 |
262 | typedef UNALIGNED struct _NF_FLOWCTL_SET_DATA
263 | {
264 | unsigned __int64 endpointId;
265 | unsigned int fcHandle;
266 | } NF_FLOWCTL_SET_DATA, *PNF_FLOWCTL_SET_DATA;
267 |
268 |
269 | /**
270 | * Binding rule
271 | **/
272 | typedef UNALIGNED struct _NF_BINDING_RULE
273 | {
274 | int protocol; // IPPROTO_TCP or IPPROTO_UDP
275 |
276 | unsigned long processId; // Process identifier
277 |
278 | // Process name tail mask (supports * as 0 or more symbols)
279 | wchar_t processName[_MAX_PATH];
280 |
281 | unsigned short localPort; // Local port
282 |
283 | unsigned short ip_family; // AF_INET for IPv4 and AF_INET6 for IPv6
284 |
285 | // Local IP (or network if localIpAddressMask is not zero)
286 | unsigned char localIpAddress[NF_MAX_IP_ADDRESS_LENGTH];
287 |
288 | // Local IP mask
289 | unsigned char localIpAddressMask[NF_MAX_IP_ADDRESS_LENGTH];
290 |
291 | // Redirect bind request to this IP
292 | unsigned char newLocalIpAddress[NF_MAX_IP_ADDRESS_LENGTH];
293 |
294 | // Redirect bind request to this port, if it is not zero
295 | unsigned short newLocalPort;
296 |
297 | unsigned long filteringFlag; // See NF_FILTERING_FLAG, NF_ALLOW or NF_FILTER
298 |
299 | } NF_BINDING_RULE, *PNF_BINDING_RULE;
300 |
301 |
302 | #pragma pack(pop)
303 |
304 | #ifdef WIN32
305 |
306 | typedef enum _NF_DRIVER_TYPE
307 | {
308 | DT_UNKNOWN = 0,
309 | DT_TDI = 1,
310 | DT_WFP = 2,
311 | DT_SOCK = 3,
312 | } NF_DRIVER_TYPE;
313 |
314 | #endif
315 |
316 | #endif // _NFDRIVER_DATA_H
--------------------------------------------------------------------------------
/include/nfevents.h:
--------------------------------------------------------------------------------
1 | //
2 | // NetFilterSDK
3 | // Copyright (C) Vitaly Sidorov
4 | // All rights reserved.
5 | //
6 | // This file is a part of the NetFilter SDK.
7 | // The code and information is provided "as-is" without
8 | // warranty of any kind, either expressed or implied.
9 | //
10 |
11 |
12 | #ifndef _NFEVENTS_H
13 | #define _NFEVENTS_H
14 |
15 | /**
16 | * Return status codes
17 | **/
18 | typedef enum _NF_STATUS
19 | {
20 | NF_STATUS_SUCCESS = 0,
21 | NF_STATUS_FAIL = -1,
22 | NF_STATUS_INVALID_ENDPOINT_ID = -2,
23 | NF_STATUS_NOT_INITIALIZED = -3,
24 | NF_STATUS_IO_ERROR = -4,
25 | NF_STATUS_REBOOT_REQUIRED = -5
26 | } NF_STATUS;
27 |
28 | #ifndef _C_API
29 |
30 | #define NFAPI_NS nfapi::
31 | #define NFAPI_CC
32 |
33 | /////////////////////////////////////////////////////////////////////////////////////
34 | // C++ API
35 | /////////////////////////////////////////////////////////////////////////////////////
36 |
37 | namespace nfapi
38 | {
39 | #include "nfdriver_data.h"
40 |
41 | /**
42 | * Filtering events
43 | **/
44 | class NF_EventHandler
45 | {
46 | public:
47 |
48 | /**
49 | * Called immediately after starting the filtering thread.
50 | * Use this event for thread-specific initialization, e.g. calling
51 | * CoInitialize() etc.
52 | **/
53 | virtual void threadStart() = 0;
54 |
55 | /**
56 | * Called before stopping the thread.
57 | **/
58 | virtual void threadEnd() = 0;
59 |
60 | //
61 | // TCP events
62 | //
63 |
64 | /**
65 | * Called before establishing an outgoing TCP connection,
66 | * when NF_INDICATE_CONNECT_REQUESTS flag is specified in an appropriate rule.
67 | * It is possible to change pConnInfo->filteringFlag and pConnInfo->remoteAddress
68 | * in this handler. The changes will be applied to connection.
69 | * @param id Unique connection identifier
70 | * @param pConnInfo Connection parameters, see NF_TCP_CONN_INFO
71 | **/
72 | virtual void tcpConnectRequest(ENDPOINT_ID id, PNF_TCP_CONN_INFO pConnInfo) = 0;
73 |
74 | /**
75 | * Called after successful establishing the incoming or outgoing TCP connection.
76 | * @param id Unique connection identifier
77 | * @param pConnInfo Connection parameters, see NF_TCP_CONN_INFO
78 | **/
79 | virtual void tcpConnected(ENDPOINT_ID id, PNF_TCP_CONN_INFO pConnInfo) = 0;
80 |
81 | /**
82 | * Called after closing the connection identified by id.
83 | * @param id Unique connection identifier
84 | * @param pConnInfo Connection parameters, see NF_TCP_CONN_INFO
85 | **/
86 | virtual void tcpClosed(ENDPOINT_ID id, PNF_TCP_CONN_INFO pConnInfo) = 0;
87 |
88 | /**
89 | * Indicates the buffer received from server.
90 | * @param id Unique connection identifier
91 | * @param buf Pointer to data buffer
92 | * @param len Buffer length
93 | **/
94 | virtual void tcpReceive(ENDPOINT_ID id, const char * buf, int len) = 0;
95 |
96 | /**
97 | * Indicates the buffer sent from the local socket.
98 | * @param id Unique connection identifier
99 | * @param buf Pointer to data buffer
100 | * @param len Buffer length
101 | **/
102 | virtual void tcpSend(ENDPOINT_ID id, const char * buf, int len) = 0;
103 |
104 | /**
105 | * Informs that the internal buffer for receives is empty and
106 | * it is possible to call nf_tcpPostReceive for pushing receives
107 | * via specified connection.
108 | * @param id Unique connection identifier
109 | **/
110 | virtual void tcpCanReceive(ENDPOINT_ID id) = 0;
111 |
112 | /**
113 | * Informs that the internal buffer for sends is empty and
114 | * it is possible to call nf_tcpPostSend for pushing sends
115 | * via specified connection.
116 | * @param id Unique connection identifier
117 | **/
118 | virtual void tcpCanSend(ENDPOINT_ID id) = 0;
119 |
120 |
121 | //
122 | // UDP events
123 | //
124 |
125 | /**
126 | * Called after creating UDP socket.
127 | * @param id Unique socket identifier
128 | * @param pConnInfo Socket parameters, see NF_UDP_CONN_INFO
129 | **/
130 | virtual void udpCreated(ENDPOINT_ID id, PNF_UDP_CONN_INFO pConnInfo) = 0;
131 |
132 | /**
133 | * Called before establishing an outgoing UDP connection,
134 | * when NF_INDICATE_CONNECT_REQUESTS flag is specified in an appropriate rule.
135 | * It is possible to change pConnReq->filteringFlag and pConnReq->remoteAddress
136 | * in this handler. The changes will be applied to connection.
137 | * @param id Unique connection identifier
138 | * @param pConnInfo Connection parameters, see NF_UDP_CONN_REQUEST
139 | **/
140 | virtual void udpConnectRequest(ENDPOINT_ID id, PNF_UDP_CONN_REQUEST pConnReq) = 0;
141 |
142 | /**
143 | * Called after closing UDP socket identified by id.
144 | * @param id Unique socket identifier
145 | * @param pConnInfo Socket parameters, see NF_UDP_CONN_INFO
146 | **/
147 | virtual void udpClosed(ENDPOINT_ID id, PNF_UDP_CONN_INFO pConnInfo) = 0;
148 |
149 | /**
150 | * Indicates the buffer received from server.
151 | * @param id Unique socket identifier
152 | * @param options UDP options
153 | * @param remoteAddress Source address
154 | * @param buf Pointer to data buffer
155 | * @param len Buffer length
156 | **/
157 | virtual void udpReceive(ENDPOINT_ID id, const unsigned char * remoteAddress, const char * buf, int len, PNF_UDP_OPTIONS options) = 0;
158 |
159 | /**
160 | * Indicates the buffer sent from the local socket.
161 | * @param id Unique socket identifier
162 | * @param options UDP options
163 | * @param remoteAddress Destination address
164 | * @param buf Pointer to data buffer
165 | * @param len Buffer length
166 | **/
167 | virtual void udpSend(ENDPOINT_ID id, const unsigned char * remoteAddress, const char * buf, int len, PNF_UDP_OPTIONS options) = 0;
168 |
169 | /**
170 | * Informs that the internal buffer for receives is empty and
171 | * it is possible to call nf_udpPostReceive for pushing receives
172 | * via specified socket.
173 | * @param id Unique socket identifier
174 | **/
175 | virtual void udpCanReceive(ENDPOINT_ID id) = 0;
176 |
177 | /**
178 | * Informs that the internal buffer for sends is empty and
179 | * it is possible to call nf_udpPostSend for pushing sends
180 | * via specified socket.
181 | * @param id Unique socket identifier
182 | **/
183 | virtual void udpCanSend(ENDPOINT_ID id) = 0;
184 | };
185 |
186 | /**
187 | * IP level filtering events
188 | **/
189 | class NF_IPEventHandler
190 | {
191 | public:
192 | /**
193 | * Indicates a packet received from server.
194 | * @param buf Pointer to data buffer
195 | * @param len Buffer length
196 | * @param options IP options
197 | **/
198 | virtual void ipReceive(const char * buf, int len, PNF_IP_PACKET_OPTIONS options) = 0;
199 |
200 | /**
201 | * Indicates a packet sent to server.
202 | * @param buf Pointer to data buffer
203 | * @param len Buffer length
204 | * @param options IP options
205 | **/
206 | virtual void ipSend(const char * buf, int len, PNF_IP_PACKET_OPTIONS options) = 0;
207 | };
208 |
209 | #else
210 |
211 | #ifdef WIN32
212 | #define NFAPI_CC __cdecl
213 | #else
214 | #define NFAPI_CC
215 | #endif
216 | #define NFAPI_NS
217 |
218 | /////////////////////////////////////////////////////////////////////////////////////
219 | // C API
220 | /////////////////////////////////////////////////////////////////////////////////////
221 |
222 | #ifdef __cplusplus
223 | extern "C"
224 | {
225 | #endif
226 |
227 | #include "nfdriver_data.h"
228 |
229 | #pragma pack(push, 1)
230 |
231 | // C analogue of the class NF_EventHandler (see the definition above)
232 | typedef struct _NF_EventHandler
233 | {
234 | void (NFAPI_CC *threadStart)();
235 | void (NFAPI_CC *threadEnd)();
236 | void (NFAPI_CC *tcpConnectRequest)(ENDPOINT_ID id, PNF_TCP_CONN_INFO pConnInfo);
237 | void (NFAPI_CC *tcpConnected)(ENDPOINT_ID id, PNF_TCP_CONN_INFO pConnInfo);
238 | void (NFAPI_CC *tcpClosed)(ENDPOINT_ID id, PNF_TCP_CONN_INFO pConnInfo);
239 | void (NFAPI_CC *tcpReceive)(ENDPOINT_ID id, const char * buf, int len);
240 | void (NFAPI_CC *tcpSend)(ENDPOINT_ID id, const char * buf, int len);
241 | void (NFAPI_CC *tcpCanReceive)(ENDPOINT_ID id);
242 | void (NFAPI_CC *tcpCanSend)(ENDPOINT_ID id);
243 | void (NFAPI_CC *udpCreated)(ENDPOINT_ID id, PNF_UDP_CONN_INFO pConnInfo);
244 | void (NFAPI_CC *udpConnectRequest)(ENDPOINT_ID id, PNF_UDP_CONN_REQUEST pConnReq);
245 | void (NFAPI_CC *udpClosed)(ENDPOINT_ID id, PNF_UDP_CONN_INFO pConnInfo);
246 | void (NFAPI_CC *udpReceive)(ENDPOINT_ID id, const unsigned char * remoteAddress, const char * buf, int len, PNF_UDP_OPTIONS options);
247 | void (NFAPI_CC *udpSend)(ENDPOINT_ID id, const unsigned char * remoteAddress, const char * buf, int len, PNF_UDP_OPTIONS options);
248 | void (NFAPI_CC *udpCanReceive)(ENDPOINT_ID id);
249 | void (NFAPI_CC *udpCanSend)(ENDPOINT_ID id);
250 | } NF_EventHandler, *PNF_EventHandler;
251 |
252 | // C analogue of the class NF_IPEventHandler (see the definition above)
253 | typedef struct _NF_IPEventHandler
254 | {
255 | void (NFAPI_CC *ipReceive)(const char * buf, int len, PNF_IP_PACKET_OPTIONS options);
256 | void (NFAPI_CC *ipSend)(const char * buf, int len, PNF_IP_PACKET_OPTIONS options);
257 | } NF_IPEventHandler, *PNF_IPEventHandler;
258 |
259 | #pragma pack(pop)
260 |
261 | #endif
262 |
263 |
264 | #ifdef __cplusplus
265 | }
266 | #endif
267 |
268 | #endif
--------------------------------------------------------------------------------
/include/samples_config.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | // Driver name for using in samples
4 | #define NFDRIVER_NAME "netfilter2"
5 |
--------------------------------------------------------------------------------
/lib/release/win32/nfapi.exp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/dyhkwong/SocksRedirector/7489085ca4f960f4a54f89346f2e2306212eb220/lib/release/win32/nfapi.exp
--------------------------------------------------------------------------------
/lib/release/win32/nfapi.lib:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/dyhkwong/SocksRedirector/7489085ca4f960f4a54f89346f2e2306212eb220/lib/release/win32/nfapi.lib
--------------------------------------------------------------------------------
/lib/release/x64/nfapi.exp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/dyhkwong/SocksRedirector/7489085ca4f960f4a54f89346f2e2306212eb220/lib/release/x64/nfapi.exp
--------------------------------------------------------------------------------
/lib/release/x64/nfapi.lib:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/dyhkwong/SocksRedirector/7489085ca4f960f4a54f89346f2e2306212eb220/lib/release/x64/nfapi.lib
--------------------------------------------------------------------------------
/license.rtf:
--------------------------------------------------------------------------------
1 | {\rtf1\ansi\ansicpg1251\uc1\deff0\stshfdbch0\stshfloch0\stshfhich0\stshfbi0\deflang1049\deflangfe1049{\fonttbl{\f0\froman\fcharset204\fprq2{\*\panose 02020603050405020304}Times New Roman;}
2 | {\f37\fswiss\fcharset204\fprq2{\*\panose 020b0604020202020204}Arial CYR;}{\f57\froman\fcharset0\fprq2 Times New Roman;}{\f55\froman\fcharset238\fprq2 Times New Roman CE;}{\f58\froman\fcharset161\fprq2 Times New Roman Greek;}
3 | {\f59\froman\fcharset162\fprq2 Times New Roman Tur;}{\f60\froman\fcharset177\fprq2 Times New Roman (Hebrew);}{\f61\froman\fcharset178\fprq2 Times New Roman (Arabic);}{\f62\froman\fcharset186\fprq2 Times New Roman Baltic;}
4 | {\f63\froman\fcharset163\fprq2 Times New Roman (Vietnamese);}{\f427\fswiss\fcharset0\fprq2 Arial CYR;}{\f425\fswiss\fcharset238\fprq2 Arial CYR CE;}{\f428\fswiss\fcharset161\fprq2 Arial CYR Greek;}{\f429\fswiss\fcharset162\fprq2 Arial CYR Tur;}
5 | {\f430\fswiss\fcharset177\fprq2 Arial CYR (Hebrew);}{\f431\fswiss\fcharset178\fprq2 Arial CYR (Arabic);}{\f432\fswiss\fcharset186\fprq2 Arial CYR Baltic;}{\f433\fswiss\fcharset163\fprq2 Arial CYR (Vietnamese);}}{\colortbl;\red0\green0\blue0;
6 | \red0\green0\blue255;\red0\green255\blue255;\red0\green255\blue0;\red255\green0\blue255;\red255\green0\blue0;\red255\green255\blue0;\red255\green255\blue255;\red0\green0\blue128;\red0\green128\blue128;\red0\green128\blue0;\red128\green0\blue128;
7 | \red128\green0\blue0;\red128\green128\blue0;\red128\green128\blue128;\red192\green192\blue192;}{\stylesheet{\ql \li0\ri0\widctlpar\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 \fs24\lang1049\langfe1049\cgrid\langnp1049\langfenp1049 \snext0 Normal;}
8 | {\*\cs10 \additive \ssemihidden Default Paragraph Font;}{\*
9 | \ts11\tsrowd\trftsWidthB3\trpaddl108\trpaddr108\trpaddfl3\trpaddft3\trpaddfb3\trpaddfr3\trcbpat1\trcfpat1\tscellwidthfts0\tsvertalt\tsbrdrt\tsbrdrl\tsbrdrb\tsbrdrr\tsbrdrdgl\tsbrdrdgr\tsbrdrh\tsbrdrv
10 | \ql \li0\ri0\widctlpar\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 \fs20\lang1024\langfe1024\cgrid\langnp1024\langfenp1024 \snext11 \ssemihidden Normal Table;}}{\*\latentstyles\lsdstimax156\lsdlockeddef0}{\*\rsidtbl \rsid8089115\rsid13644200
11 | \rsid14500568\rsid15738103}{\*\generator Microsoft Word 11.0.5604;}{\info{\author vetal}{\operator vetal}{\creatim\yr2009\mo8\dy11\hr9\min18}{\revtim\yr2009\mo8\dy12\hr6\min58}{\version4}{\edmins3}{\nofpages2}{\nofwords587}{\nofchars3347}{\*\company gv}
12 | {\nofcharsws3927}{\vern24689}}\margl1701\margr850\margt1134\margb1134 \widowctrl\ftnbj\aenddoc\noxlattoyen\expshrtn\noultrlspc\dntblnsbdb\nospaceforul\hyphcaps0\horzdoc\dghspace120\dgvspace120\dghorigin1701\dgvorigin1984\dghshow0\dgvshow3
13 | \jcompress\viewkind4\viewscale100\nolnhtadjtbl\rsidroot8089115 \fet0\sectd \linex0\sectdefaultcl\sftnbj {\*\pnseclvl1\pnucrm\pnstart1\pnindent720\pnhang {\pntxta .}}{\*\pnseclvl2\pnucltr\pnstart1\pnindent720\pnhang {\pntxta .}}{\*\pnseclvl3
14 | \pndec\pnstart1\pnindent720\pnhang {\pntxta .}}{\*\pnseclvl4\pnlcltr\pnstart1\pnindent720\pnhang {\pntxta )}}{\*\pnseclvl5\pndec\pnstart1\pnindent720\pnhang {\pntxtb (}{\pntxta )}}{\*\pnseclvl6\pnlcltr\pnstart1\pnindent720\pnhang {\pntxtb (}{\pntxta )}}
15 | {\*\pnseclvl7\pnlcrm\pnstart1\pnindent720\pnhang {\pntxtb (}{\pntxta )}}{\*\pnseclvl8\pnlcltr\pnstart1\pnindent720\pnhang {\pntxtb (}{\pntxta )}}{\*\pnseclvl9\pnlcrm\pnstart1\pnindent720\pnhang {\pntxtb (}{\pntxta )}}\pard\plain
16 | \ql \li0\ri0\nowidctlpar\faauto\rin0\lin0\itap0 \fs24\lang1049\langfe1049\cgrid\langnp1049\langfenp1049 {\b\f37\fs20\lang1033\langfe1049\langnp1033\insrsid13644200\charrsid8089115 LICENSE STATEMENT
17 | \par }{\f37\fs20\lang1033\langfe1049\langnp1033\insrsid13644200\charrsid8089115
18 | \par All copyrights to NetFilter SDK are exclusively owned by the author - Vitaly Sidorov
19 | \par
20 | \par }{\b\f37\fs20\insrsid13644200 Using NetFilter SDK}{\f37\fs20\insrsid13644200
21 | \par
22 | \par }{\f37\fs20\lang1033\langfe1049\langnp1033\insrsid13644200\charrsid8089115 The sources provided as part of the NetFilter SDK product are intended to be incorporated into your own programs. }{
23 | \f37\fs20\lang1033\langfe1049\langnp1033\insrsid8089115\charrsid15738103 You may modify the source code of the }{\f37\fs20\lang1033\langfe1049\langnp1033\insrsid8089115 NetFilter SDK}{
24 | \f37\fs20\lang1033\langfe1049\langnp1033\insrsid8089115\charrsid15738103 to adapt it to your needs.}{\f37\fs20\lang1033\langfe1049\langnp1033\insrsid8089115 }{\f37\fs20\lang1033\langfe1049\langnp1033\insrsid13644200\charrsid8089115
25 | Nevertheless, the original NetFilter SDK sou}{\f37\fs20\lang1033\langfe1049\langnp1033\insrsid8089115 r}{\f37\fs20\lang1033\langfe1049\langnp1033\insrsid13644200\charrsid8089115 ces, samples and documentation are the property of author a
26 | nd author provides you with only specific and limited rights to their use. }{\f37\fs20\lang1033\langfe1049\langnp1033\insrsid14500568 Subject to the foregoing rights of the author and subject to the paragraph below entitled \'93Distribution in Source Form
27 | \'94, you may own the source code modified by you. }{\f37\fs20\lang1033\langfe1049\langnp1033\insrsid13644200\charrsid8089115 Any rights not specifically granted in this statement are reserved by author.
28 | \par
29 | \par }{\b\f37\fs20\lang1033\langfe1049\langnp1033\insrsid13644200\charrsid8089115 Distribution In Executable Form
30 | \par }{\f37\fs20\lang1033\langfe1049\langnp1033\insrsid13644200\charrsid8089115
31 | \par }\pard \ql \li0\ri0\nowidctlpar\faauto\rin0\lin0\itap0\pararsid8089115 {\f37\fs20\lang1033\langfe1049\langnp1033\insrsid8089115\charrsid15738103 Author grants you the right to }{\f37\fs20\lang1033\langfe1049\langnp1033\insrsid8089115 copy}{
32 | \f37\fs20\lang1033\langfe1049\langnp1033\insrsid8089115\charrsid15738103 the NetFilter SDK }{\f37\fs20\lang1033\langfe1049\langnp1033\insrsid8089115 and incorporate it }{\f37\fs20\lang1033\langfe1049\langnp1033\insrsid8089115\charrsid15738103
33 | into your own programs as long as your program adds substantial functionality beyond that provided in the original sources. You may distribute programs that you create and which contain elements of the original NetFilter SDK, in executable form only,
34 | without restriction or fee provided that all copies of your programs bear a valid copyright notice. By \'93copyright notice\'94
35 | , we mean your own copyright notice. You, of course, shall remain solely responsible for, and will hold author harmless from, all claims, liability and damages arising from your own products which may include elements of the NetFilter SDK code. }{
36 | \f37\fs20\lang1033\langfe1049\langnp1033\insrsid8089115 The right of users to use the program into which the NetFilter SDK has been incorporated is perpetual even if this License Statement is terminated.}{
37 | \f37\fs20\lang1033\langfe1049\langnp1033\insrsid8089115\charrsid15738103
38 | \par }\pard \ql \li0\ri0\nowidctlpar\faauto\rin0\lin0\itap0 {\f37\fs20\lang1033\langfe1049\langnp1033\insrsid13644200\charrsid8089115
39 | \par }{\b\f37\fs20\lang1033\langfe1049\langnp1033\insrsid13644200\charrsid8089115 Distribution In Source Form}{\f37\fs20\lang1033\langfe1049\langnp1033\insrsid13644200\charrsid8089115
40 | \par
41 | \par Author does not grant you the right to give away, sell, license or otherwise distribute source code derived substantially from the NetFilter SDK unless the recipient of your source code obtains their own license to the NetFi
42 | lter SDK, identical to this license and at the same cost that you paid for this license.
43 | \par
44 | \par }{\b\f37\fs20\lang1033\langfe1049\langnp1033\insrsid13644200\charrsid8089115 LIMITED WARRANTY}{\f37\fs20\lang1033\langfe1049\langnp1033\insrsid13644200\charrsid8089115
45 | \par
46 | \par }{\b\f37\fs20\lang1033\langfe1049\langnp1033\insrsid13644200\charrsid8089115 Warranty Disclaimer
47 | \par }{\f37\fs20\lang1033\langfe1049\langnp1033\insrsid13644200\charrsid8089115
48 | \par AUTHOR SHALL PROVIDE THE SOFTWARE TO YOU WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES OF ANY KIND, INCLUDING, BUT NOT LIMITED TO,
49 | ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. AUTHOR MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WITH RESPECT TO ANY SUPPORT SERVICES IT MAY RENDER TO YOU. AUTHOR DOES NOT WARRANT THAT THE SOFTWARE WILL MEET YOUR R
50 | EQUIREMENTS OR THAT THE OPERATION OF THE SOFTWARE WILL BE UNINTERRUPTED OR ERROR\_
51 | FREE OR THAT THE SOFTWARE CONTAINS NO DEFECTS OR ERRORS. YOU ASSUME FULL RESPONSIBILITY FOR THE SELECTION, POSSESSION, PERFORMANCE AND PROPER INSTALLATION AND USE OF THE SOFTWARE AND FOR VERIFYING THE RESULTS OBTAINED THEREFROM.
52 | \par
53 | \par }{\b\f37\fs20\lang1033\langfe1049\langnp1033\insrsid13644200\charrsid8089115 Damage Disclaimer}{\f37\fs20\lang1033\langfe1049\langnp1033\insrsid13644200\charrsid8089115
54 | \par
55 | \par THE LIABILITY OF AUTHOR, SUCCESSORS OR ASSIGNS FOR DAMAGES, WHETHER FOR BREACH OF THIS LICENSE AND LIMITED WARRANTY OR OTHERWISE SHALL NOT EXCEED THE AMOUNT OF THE LICENSE FEE, WHETHER THE LIABILITY ARISES FROM CONTRACT, TORT OR OTHER CLAIMS. AUTHOR SPECI
56 | F
57 | ICALLY DISCLAIMS ANY INCIDENTAL, CONSEQUENTIAL OR SPECIAL DAMAGES WHICH MAY ARISE FROM THIS LICENSE AND LIMITED WARRANTY OR THE POSSESSION OR USE OF ALL OR ANY PORTION OF THE SOFTWARE, EVEN TO THE EXTENT AUTHOR IS AWARE OF THE RISK OF SUCH DAMAGES. AUTHOR
58 | SHALL NOT BE LIABLE FOR COSTS OR PROCUREMENT OF SUBSTITUTE PRODUCTS NOR FOR ANY LOST PROFITS, LOST BUSINESS, LOSS OF USE OR DATA OR INTERRUPTION OF BUSINESS ARISING OUT OF ANY USE OR FAILURE OF ALL OR ANY PORTION OF THE SOFTWARE
59 | \par
60 | \par }{\b\f37\fs20\lang1033\langfe1049\langnp1033\insrsid13644200\charrsid8089115 Amendments
61 | \par }{\f37\fs20\lang1033\langfe1049\langnp1033\insrsid13644200\charrsid8089115
62 | \par No amendment,
63 | change, or modification of this License and Limited Warranty or any of the terms, conditions or provisions hereof, and no waiver of a right, remedy, privilege or power, or discharge of an obligation or liability, conferred upon, vested in, or imposed upo
64 | n either Party, and no consent to any act or omission pertaining hereto shall be effective unless duly embodied in a written instrument signed by the duly authorized representatives of both Parties.
65 | \par }}
--------------------------------------------------------------------------------
/src/SocksRedirector.cpp:
--------------------------------------------------------------------------------
1 | /**
2 | * This sample redirects TCP/UDP traffic to the specified SOCKS5 proxy.
3 | **/
4 |
5 | #include "stdafx.h"
6 | #include
7 | #include
8 | #include
9 | #include