Can I change the current network interface in Windows CMD? - windows

In my current setup I have two interfaces, one is my normal connection and the other for my VPN, which is the default interface.
My VPN isn't nearly as fast as my connection so for some heavier load I use my normal connection. The problem I am having is that I want to send files to Google Drive by using their API via CMD, but googleapis.com simply resolves to too many IPs to route them all. Currently I am solving this issue by connecting through a proxy so I only have to route that proxy to my normal interface.
What I would rather do is just set the interface of my normal connection to the CMD session like I do with the proxy. I have tried playing around with netsh but so far with no success.
Does anyone have an idea on how to solve this problem?

It isn't that your VPN is your "Default Interface", it's that it has a Lower Route Metric for Traffic because whoever set it up made it so that all traffic routes to the VPN instead of only internal traffic.
If this is intentional, and you don't want to change it, then your only real option is to use a Proxy, as you need to be able to sniff the packet headers to match the API URL, and it's HTTPS traffic, that is encrypted, and only passing through a proxy will be able to get around that.

Related

How to create a vpn connection on a port and only use it selectively

This feels like a basic question. I'm sure other people needed something like this at some point, however I couldn't find anything clear on this topic and I'm not very familiar with networking, so I hope the following makes sense (and sorry if I am butchering the terminology).
I often need to connect to a VPN server at work. At the moment I am using Cisco AnyConnect, which upon connection asks me the host server, my username, my password and routes all my traffic through the VPN afterwards.
The problem is, depending on what I'm doing I often need to jump back and forth to VPN (some applications need local network and others don't).
What would be perfect is to create one VPN connection and just keep it on a port without routing anything to it. Then I can use it as a proxy to selectively route my traffic through VPN (eg. I override http_proxy locally on one terminal instance and run applications that require VPN through there without having to jump back and forth). Furthermore if I create this connection from the terminal I can automate most of the process, with something like:
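    function callExecutableThroughVPN() {
        # is_connected_to_vpn and setup_vpn_on_port_9876 are placeholders for the parts being asked about
        if ! is_connected_to_vpn; then
            echo "couldn't find the vpn connection, will attempt to connect. enter password:"
            # get password input here
            setup_vpn_on_port_9876 # pass password input here
            echo "setting proxy to 127.0.0.1:9876"
            # export so the child process started below inherits the proxy settings
            export http_proxy=127.0.0.1:9876/
            export https_proxy=127.0.0.1:9876/
        fi
        ./executable_that_need_vpn
    }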
Then I can simply stay on my network and use a wrapper like above for few processes that require their traffic re-routed.
So in summary, my question is: Is it possible to create a single VPN process through terminal to listen on a local port, so I don't have to route all my traffic at once, and I can simply kill this process when I'm done?
I recommend using SSH tunnel/Socks Proxy (see ssh -D) and tsocks wrapper. For http(s) proxies I recommend the proxychains tool.
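The wrapper sketched in the question, built on the `ssh -D` suggestion in the answer above, as an added example that is not part of the original posts. It assumes an SSH server reachable inside the work network (`JUMP_HOST`, a placeholder); `SOCKS_PORT`, `CTL_SOCK` and the function names are hypothetical.

```bash
#!/usr/bin/env bash
# Added example, not from the original thread. All names below are assumptions.
SOCKS_PORT="${SOCKS_PORT:-9876}"
JUMP_HOST="${JUMP_HOST:-user@gateway.example.com}"   # placeholder SSH host
CTL_SOCK="${CTL_SOCK:-$HOME/.ssh/work-socks.ctl}"    # ssh control socket path

# Proxy URL handed to child processes. socks5h:// makes the client resolve
# host names through the proxy, so lookups for internal names are not sent
# to the local network's resolver.
proxy_url() {
    printf 'socks5h://127.0.0.1:%s' "$SOCKS_PORT"
}

# True if an ssh master for this control socket is already running.
tunnel_is_up() {
    ssh -S "$CTL_SOCK" -O check "$JUMP_HOST" 2>/dev/null
}

# Start the SOCKS listener once, in the background.
# -D is bound explicitly to 127.0.0.1 so other hosts on the LAN cannot use it;
# ExitOnForwardFailure makes ssh exit instead of running without the listener.
start_tunnel() {
    tunnel_is_up && return 0
    ssh -M -S "$CTL_SOCK" -f -N \
        -D "127.0.0.1:${SOCKS_PORT}" \
        -o ExitOnForwardFailure=yes "$JUMP_HOST"
}

# Ask the background ssh master to exit, closing the listener.
stop_tunnel() {
    ssh -S "$CTL_SOCK" -O exit "$JUMP_HOST"
}

# Run one command with the proxy variables set for that child only; the
# calling shell and every other process keep using the normal route.
via_tunnel() {
    [ "$#" -gt 0 ] || { echo "usage: via_tunnel command [args...]" >&2; return 2; }
    env http_proxy="$(proxy_url)" https_proxy="$(proxy_url)" \
        ALL_PROXY="$(proxy_url)" "$@"
}

# Typical session:
#   start_tunnel && via_tunnel curl https://intranet.example.com/ ; stop_tunnel
```

Programs that ignore these environment variables need a wrapper such as tsocks or proxychains, as the answer says.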

Using FTP Programs with Automatic Proxy Configuration URL

I've literally searched the internet for the last 5 hours and I have tried every suggestion out there and I'm starting to wonder if what I want to do is simply not possible....
Most webservers only allow X simultaneous connections for uploading/downloading. I simply want to upload my many files faster, by connecting/uploading through various proxies. However, no program I can find has anything for automatic proxy configuration, and only for a specific proxy IP. I have an account with a proxy service that gives you a different IP address for every request/connection made through it. I can connect to this fine from any FTP program but it appears that the servers are confused when they see different IPs connecting, and there's no way to manually whitelist/authenticate them on the server side, so it simply closes all connections. I even have a list of IP addresses with port/user/pass that I am willing to use, but I can't figure out how to do anything other than use a specific proxy to upload/download from servers.... Is this even possible????
ANY HELP/INPUT IS GREATLY APPRECIATED!!

Socket connection rerouting

Most proxy servers perform the job of forwarding data to an appropriate "real" server. However, I am in the process of designing a distributed system in which when the "proxy" receives a TCP/IP socket connection, the remote system actually connects with a real server which the proxy nominates. All subsequent data flows from remote to the real server.
So is it possible to "forward" the socket connection request so that the remote system connects with the real server?
(I am assuming for the moment that nothing further can be done with the remote system. I.e. the proxy can't respond to the connection by sending the IP address of the actual server and the remote connects with that.)
This will be under vanilla Windows (not Server), so can't use cunning stuff like TCPCP.
I assume your "remote system" is the one that initiates connection attempts, i.e. client of the proxy.
If I get this right: when the "remote system" wants to connect somewhere, you want the "proxy server" to decide where the connection will really go ("real server"). When the decision is made, you don't want to involve the proxy server any further - the data of the connection should not pass the proxy, but go directly between the "remote system" and the "real server".
Problem is, if you want the connection to be truly direct, the "remote system" must know the IP address of the "real server", and vice versa.
> (I am assuming for the moment that nothing further can be done with the remote system. I.e. the proxy can't respond to the connection by sending the IP address of the actual server and the remote connects with that.)
Like I said, not possible. Why is it a problem to have the "proxy" send back the actual IP address?
Is it security - you want to make sure the connection really goes where the proxy wanted? If that's the case, you don't have an option - you have to compromise. Either the proxy forwards all the data, and it knows where the data is going, or let the client connect itself, but you don't have control where it connects.
Most networking problems can be solved as long as you have complete control over the entire network. Here, for instance, you could involve routers on the path between the "remote system" and the "real client", to make sure the connection is direct and that it goes where the proxy wanted. But this is complex, and probably not an option in practice (since you may not have control over those routers).
A compromise may be to have several "relay servers" distributed around the network that will forward the connections instead of having the actual proxy server forward them. When a proxy makes a decision, it finds the best (closest) relay server, tells it about the connection, then orders the client to connect to the relay server, which makes sure the connection goes where the proxy intended it to go.
There might be a way of doing this but you need to use a Windows driver to achieve it. I've not tried this when the connection comes from an IP other than localhost, but it might work.
Take a look at NetFilter SDK. There's a trial version which is fully functional up to 100000 TCP and UDP connections. The other possibility is to write a Windows driver yourself, but this is non-trivial.
http://www.netfiltersdk.com
Basically it works as follows:
1) You create a class which inherits from NF_EventHandler. In there you can provide your own implementation of methods like tcpConnectRequest to allow you to redirect TCP connections somewhere else.
2) You initialize the library with a call to nf_init. This provides the link between the driver and your proxy, as you provide an instance of your NF_EventHandler implementation to it.
There are also some example programs for you to see the redirection happening. For example, to redirect a connection on port 80 from process id 214 to 127.0.0.0:8081, you can run:
    TcpRedirector.exe -p 80 -pid 214 -r 127.0.0.1:8081
For your proxy, this would be used as follows:
1) Connect from your client application to the proxy.
2) The connection request is intercepted by NetFilterSDK (tcpConnectRequest) and the connection endpoint is modified to connect to the server the proxy chooses. This is the crucial bit because your connection is coming from outside and this is the part that may not work.
Sounds like a routing problem, one layer lower than TCP/IP.
You're actually looking for an ARP-like proxy:
I'd say you need to manage ARP packets, checking the ARP requests:
    CLIENT -> WHOIS PROXY.MAC
    PROXY -> PROXY.IP is SERVER.IP
Then normal socket connection via TCP/IP from client to server.

IPv6 Packet Rewriting and Caching

I have a router running Linux that acts as the central gateway to the Internet for a network of embedded devices that use IPv6 to communicate. I would like to intercept, inspect, and rewrite every packet that goes in and out from the Internet to this subnetwork. The reason I need to do this is that I want to create a transparent (to both ends) proxy service that will redirect packets, ingoing and outgoing, to a cache that lives elsewhere depending on the packet content.
These devices communicate using their own application protocol that runs over UDP so I can't re-use something like Squid straight out of the box. Is the best place to start somewhere like libpcap? Or should I start from the top and rewrite Squid? This is the first time I've had to really dive deep into networking, and I'm unsure where to begin.
You are probably better off rewriting the DNS responses to point to your Linux gateway instead. Something similar to this has been done to allow IPv6 only nodes to talk to the IPv4 internet. You can inspire yourself from that.
See for ideas for your Linux gateway box
http://www.ietf.org/id/draft-ietf-behave-v6v4-xlate-stateful-08.txt
and ideas for your DNS box
http://www.ietf.org/id/draft-ietf-behave-dns64-06.txt

How to forward the TCP/IP traffic of a process in Windows XP?

[Image: http://img440.imageshack.us/img440/6950/problemyd1.png]
(The curly lines with dots represent a network route.)
Having a process called "foo.exe", is there a way to forward everything it communicates over TCP/IP to a forwarding proxy located elsewhere? This forwarding should not reflect to other processes.
Another question: if there are multiple network adapters, is it possible to force a process to use one specific adapter.
Since in this example the targethost.com is known, I could just edit "system32\drivers\etc\hosts" to map targethost.com's IP to localhost, where on port 8765 would be the first forwarder waiting for an incoming connection and pass everything forward to proxy.foo.com. I was wondering if there's a more elegant way of doing this.
This is not for malware, I'm doing some network testing with my complex home network. Thank you for warning us.
Some free software for this would be perfect, alternatively a code idea (native or .net). Thank you very much.
It's not too hard if you make your own computer a firewall, then your app connects to a port on your own computer, and that port is forwarded to both the original destination and logged or forwarded on to your spying computer.
Alternatively you can make your other computer the firewall and have it log/forward the info.
Finally you could use a sniffer.
SocksCap will probably do the job (if you're OK with establishing a SOCKS proxy at proxy.foo.com).
You could hook into the TCP stack, for example, by using the Windows Filtering Platform or its predecessors, or you could substitute the network libraries/calls of that particular process.
