private static void DumpStaticFilters(NdisApiDotNet ndisapi) { // Query current filters and print the stats var currentFilters = ndisapi.GetPacketFilterTable(); if (currentFilters.Item1) { if (currentFilters.Item2.Count > 0) { Console.WriteLine($"{currentFilters.Item2.Count} static filters were loaded into the driver:"); Console.WriteLine(); foreach (var filter in currentFilters.Item2) { Console.WriteLine(filter); Console.WriteLine(); } } else { Console.WriteLine("No static filters were loaded into the driver"); } } else { Console.WriteLine("Failed to query filters stats from the driver"); } }
static void Main(string[] args) { NdisApiDotNet ndisapi = new NdisApiDotNet(null); Console.ResetColor(); Console.CancelKeyPress += HandleCancelKeyPress; if (!ndisapi.IsDriverLoaded()) { Console.WriteLine("WinpkFilter driver is not loaded. Exiting."); return; } var vpnAdapter = NetworkAdapterHelper.GetVpnAdapter(ndisapi); var normalAdapter = NetworkAdapterHelper.GetNormalAdapter(ndisapi); var tableList = IpHelperWrapper.GetTcpConnections("firefox"); foreach (var line in tableList) { Console.WriteLine($"Source: {line.Local.Address} Port: {line.Local.Port} -> Destination: {line.Remote.Address} Port: {line.Remote.Port}"); } Console.ReadLine(); LoadOutFilter(vpnAdapter.Handle, tableList); LoadInFilter(normalAdapter.Handle, tableList); LoadFilterEverythingElseFilter(vpnAdapter.Handle); LoadFilterEverythingElseFilter(normalAdapter.Handle); var loaded = ndisapi.SetPacketFilterTable(filterList); outWorker.DoWork += (s, e) => { TreatOUTPacketsVPNtoNormal(ndisapi, vpnAdapter, normalAdapter); }; inWorker.DoWork += (s, e) => { TreatINPacketsNormaltoVPN(ndisapi, normalAdapter, vpnAdapter); }; Console.WriteLine("-- Filtering started"); outWorker.RunWorkerAsync(); inWorker.RunWorkerAsync(); Console.ReadLine(); Console.WriteLine("-- Filtering stopped"); DumpStaticFilters(ndisapi); Console.WriteLine("Stopped!"); Console.ReadLine(); }
public static NetworkAdapter GetNormalAdapter(NdisApiDotNet ndisapi) { var adapterList = ndisapi.GetTcpipBoundAdaptersInfo(); foreach (var adapter in adapterList.Item2) { if (adapter.Name.Contains("{BEC37E55-8901-46E8-BF94-5A30879F30AF}", StringComparison.InvariantCultureIgnoreCase)) { return(adapter); } } return(null); }
public static NetworkAdapter GetVpnAdapter(NdisApiDotNet ndisapi) { var adapterList = ndisapi.GetTcpipBoundAdaptersInfo(); foreach (var adapter in adapterList.Item2) { if (adapter.Name.Contains("{45518F1E-1644-4CE0-8267-D4FC37690B17}", StringComparison.InvariantCultureIgnoreCase)) { return(adapter); } } return(null); }
public static NetworkAdapter GetAdapterById(NdisApiDotNet ndisapi, string id) { var adapterList = ndisapi.GetTcpipBoundAdaptersInfo(); foreach (var adapter in adapterList.Item2) { if (adapter.Name.Contains(id, StringComparison.InvariantCultureIgnoreCase)) { return(adapter); } } return(null); }
// LISTENS TO VPN ADAPTER AND SENDS THE SPECIFIC PACKETS OUT THE NORMAL ADAPTER private static void TreatOUTPacketsVPNtoNormal(NdisApiDotNet outNdisapi, NetworkAdapter vpnAdapter, NetworkAdapter normalAdapter) { // Lists for re-injecting packets List <RawPacket> toAdapter = new List <RawPacket>(); List <RawPacket> toMstcp = new List <RawPacket>(); // Unmanaged memory resource for sending receiving bulk of packets // Maximum number of packets to send/receive = 64 NdisBufferResource buffer = new NdisBufferResource(64); outNdisapi.SetAdapterMode(vpnAdapter.Handle, MSTCP_FLAGS.MSTCP_FLAG_TUNNEL); outNdisapi.SetPacketEvent(vpnAdapter.Handle, outPacketEvent); do { outPacketEvent.WaitOne(); var packetList = outNdisapi.ReadPackets(vpnAdapter.Handle, buffer); while (packetList.Item1) { foreach (var packet in packetList.Item2) { Packet p = null; EthernetPacket ethernetPacket = null; TcpPacket tcpPacket = null; IPv4Packet ipv4Packet = null; ushort sport = 0; ushort dport = 0; try { p = Packet.ParsePacket(LinkLayers.Ethernet, packet.Data); ethernetPacket = (EthernetPacket)p; tcpPacket = (TcpPacket)((IPPacket)((EthernetPacket)p).PayloadPacket).PayloadPacket; ipv4Packet = (IPv4Packet)((EthernetPacket)p).PayloadPacket; sport = tcpPacket.SourcePort; dport = tcpPacket.DestinationPort; } catch (Exception ex) { if (packet.DeviceFlags == PACKET_FLAG.PACKET_FLAG_ON_RECEIVE) { toMstcp.Add(packet); } else { toAdapter.Add(packet); } Console.WriteLine($"An exeption {ex.Message} occured while trying to parse network packet. Packet will be let thru without any changes"); continue; } DumpSourceChangingFilteredPacket(packet.DeviceFlags, ipv4Packet.SourceAddress.ToString(), sport.ToString(), ipv4Packet.DestinationAddress.ToString(), dport.ToString(), p.Bytes.Length, packet.DeviceFlags == PACKET_FLAG.PACKET_FLAG_ON_RECEIVE); if (packet.DeviceFlags == PACKET_FLAG.PACKET_FLAG_ON_RECEIVE) { // Packet was received on VPN adapter, leave it as it is toMstcp.Add(packet); } else { if (ipv4Packet.SourceAddress.Equals(vpnIP)) { // Change the Source for outgoing packets that will later be sent thru normal adapter ipv4Packet.SourceAddress = localIp; ethernetPacket.SourceHardwareAddress = localMacAddress; ipv4Packet.UpdateIPChecksum(); tcpPacket.UpdateTcpChecksum(); ethernetPacket.UpdateCalculatedValues(); var newPackage = new RawPacket() { Data = p.Bytes, FilterId = packet.FilterId, Dot1q = packet.Dot1q, NdisFlags = packet.NdisFlags, DeviceFlags = packet.DeviceFlags }; toAdapter.Add(newPackage); } else { toAdapter.Add(packet); } } } if (toMstcp.Count > 0) { // If we have packets to forward upwards the network stack then do it here // RECEIVED SHOULD BE TREATED BY VPN ADAPTER outNdisapi.SendPacketsToMstcp(vpnAdapter.Handle, buffer, toMstcp); toMstcp.Clear(); } if (toAdapter.Count > 0) { // If we have packets to forward downwards the network stack then do it here // SENT SHOULD BE TREATED BY NORMAL ADAPTER outNdisapi.SendPacketsToAdapter(normalAdapter.Handle, buffer, toAdapter); toAdapter.Clear(); } packetList = outNdisapi.ReadPackets(vpnAdapter.Handle, buffer); } ; outPacketEvent.Reset(); } while (!stopCapturing); // // Release driver and associated resources // buffer.Dispose(); outNdisapi.SetPacketEvent(vpnAdapter.Handle, null); outNdisapi.SetAdapterMode(vpnAdapter.Handle, 0); }
static void Main(string[] args) { NdisApiDotNet ndisapi = new NdisApiDotNet(null); Console.ResetColor(); Console.CancelKeyPress += HandleCancelKeyPress; if (!ndisapi.IsDriverLoaded()) { Console.WriteLine("WinpkFilter driver is not loaded. Exiting."); return; } var vpnAdapter = NetworkAdapterHelper.GetAdapterById(ndisapi, vpnAdapterID); vpnIP = NetworkAdapterHelper.GetAdapterLocalIP(vpnAdapterID); vpnMacAddress = NetworkAdapterHelper.GetAdapterPhisicalAddress(vpnAdapterID); var normalAdapter = NetworkAdapterHelper.GetAdapterById(ndisapi, normalAdapterID); localIp = NetworkAdapterHelper.GetAdapterLocalIP(normalAdapterID); localMacAddress = NetworkAdapterHelper.GetAdapterPhisicalAddress(normalAdapterID); Console.WriteLine($"======================================================================================"); Console.WriteLine($"Found Ethernet Adapter MAC: {localMacAddress} IP: {localIp}"); Console.WriteLine($"Found VPN Adapter MAC: {vpnMacAddress} IP: {vpnIP}"); Console.WriteLine($"======================================================================================"); if (vpnIP == null) { throw new Exception("VPN not connected"); } var tableList = IpHelperWrapper.GetTcpConnections("firefox"); Console.WriteLine(); Console.WriteLine($"==============================FireFox sockets========================================="); Console.WriteLine($"======================================================================================"); foreach (var line in tableList) { Console.WriteLine($"Source: {line.Local.Address} Port: {line.Local.Port} -> Destination: {line.Remote.Address} Port: {line.Remote.Port}"); } Console.WriteLine($"======================================================================================"); Console.ReadLine(); LoadOutFilter(vpnAdapter.Handle, tableList); LoadInFilter(normalAdapter.Handle, tableList); //LoadTESTInFilter(normalAdapter.Handle, tableList); //LoadTESTOutFilter(normalAdapter.Handle, tableList); //LoadTESTInFilter(vpnAdapter.Handle, tableList); LoadFilterEverythingElseFilter(vpnAdapter.Handle); LoadFilterEverythingElseFilter(normalAdapter.Handle); var loaded = ndisapi.SetPacketFilterTable(filterList); outWorker.DoWork += (s, e) => { TreatOUTPacketsVPNtoNormal(ndisapi, vpnAdapter, normalAdapter); }; inWorker.DoWork += (s, e) => { TreatINPacketsNormaltoVPN(ndisapi, normalAdapter, vpnAdapter); }; Console.WriteLine("-- Filtering started"); outWorker.RunWorkerAsync(); inWorker.RunWorkerAsync(); Console.ReadLine(); Console.WriteLine("-- Filtering stopped"); DumpStaticFilters(ndisapi); Console.WriteLine("Stopped!"); Console.ReadLine(); }
public static NetworkAdapter GetAdapter(NdisApiDotNet ndisapi) { var adapterList = ndisapi.GetTcpipBoundAdaptersInfo(); if (!adapterList.Item1) { Console.WriteLine("WinpkFilter failed to query active interfaces. Exiting."); return(null); } if (adapterList.Item2.Count > 0) { Console.WriteLine("Available network interfaces: "); } Console.WriteLine(); int counter = 0; foreach (var adapter in adapterList.Item2) { Console.WriteLine($"{++counter}) {adapter.FriendlyName}"); Console.WriteLine($"\t Internal name: {adapter.Name}"); Console.WriteLine($"\t Handle: {adapter.Handle.ToString("x")}"); Console.WriteLine($"\t MAC: {adapter.CurrentAddress}"); Console.WriteLine($"\t Medium: {adapter.Medium}"); Console.WriteLine($"\t MTU: {adapter.Mtu}"); if (adapter.Medium == NDIS_MEDIUM.NdisMediumWan) { var rasLinkInfoList = ndisapi.GetRasLinks(adapter.Handle); if (rasLinkInfoList.Item1 && (rasLinkInfoList.Item2.Count > 0)) { foreach (var e in rasLinkInfoList.Item2) { Console.WriteLine($"----------------------------------------------------------------"); Console.WriteLine($"\t\tLinkSpeed = {e.LinkSpeed}"); Console.WriteLine($"\t\tMTU: {e.MaximumTotalSize}"); Console.WriteLine($"\t\tLocalAddress: {e.LocalAddress}"); Console.WriteLine($"\t\tRemoteAddress: {e.RemoteAddress}"); Byte[] ipAddress = new Byte[4]; Array.Copy(e.ProtocolBuffer, 584, ipAddress, 0, 4); IPAddress ipV4 = new IPAddress(ipAddress); Array.Copy(e.ProtocolBuffer, 588, ipAddress, 0, 4); IPAddress ipMaskV4 = new IPAddress(ipAddress); Console.WriteLine($"\t\tIPv4: {ipV4} Mask: {ipMaskV4}"); Console.WriteLine($"----------------------------------------------------------------"); } } } Console.WriteLine(); } Console.Write("Select network interface: "); int index = Convert.ToInt32(Console.ReadLine()); if (index > adapterList.Item2.Count) { Console.WriteLine($"Wrong interface index {index}"); return(null); } return(adapterList.Item2[index - 1]); }