Closed DynixDynix closed 1 year ago
DynixDynix
commented
1 year ago I found normal data packets using Wireshark, but I couldn't see them in WinDivert. It was the first time I saw this situation, and of course, he was very good at handling local data packets
basil00
commented
1 year ago Some protocols are layer 2, so would not be visible to WinDivert.
There is an experimental version of WinDivert with Layer 2 support here: https://github.com/basil00/Divert/tree/eth_layer However, this version has an issue where networking will pause each time a filter is added/removed, so this version has not been released. I understand that the same issue would exist for NDIS LWF drivers.
DynixDynix
commented
1 year ago Some protocols are layer 2, so would not be visible to WinDivert.
There is an experimental version of WinDivert with Layer 2 support here: https://github.com/basil00/Divert/tree/eth_layer However, this version has an issue where networking will pause each time a filter is added/removed, so this version has not been released. I understand that the same issue would exist for NDIS LWF drivers.
Can the current version be injected at the forward layer?My current computer is a soft router, and after opening the ICS service, my phone shares the network through the computer. After I opened the WINDIVERT_LAYER_NETWORK_FORWARD handle,I can see more data packets, I can see that the connected device requests the target server, but redirecting the IP to its own proxy server seems to have no effect, I don't know where I did something wrong,If you could provide some ideas,I would greatly appreciate it!
Why not let WinDivert be written based on NDIS LWF and based on WFP I had a project before that could not intercept ICS data under any circumstances (when Windows was doing soft routing NAT). Will it be implemented in a future version?