Routing traffic from a specific application - windows

Is there a way I can route traffic from an application to a diferent ip, let's say for instance route Firefox's traffic to localhost, for instance?
I'm using windows.

There is a wide variety of proxifer, firewall and port forwarding software that allows you to redirect traffic by IP address, protocol, internal port, and external port through a range of different packages for windows.
However, the only one I have found that allows you to specify rules (other than block) at the application level for Windows is the trialware package 'Proxifer' by Initex software.

Related

How do I route all traffic to my EC2's ip address to a specific port?

I have a basic web application running on a port in an EC2 instance. I have also created an A record in Route53 which points a domain name that I own towards the ip address of the EC2 instance.
When I directly access ip-address:port, it works fine, but because the a record does not point towards that specific port, the website cannot be accessed through the domain name.
How do I specify a port that all requests to that ip address should be routed to?
port is referenced by protocol you are using.
if you use http you will connect to port 80. https uses 443, ftp 21, smtp 25 and there are many others (they are called default ports for service but they may use every other defined).
You are probably running application, listening on some different port (but using protocol http) and that's why you can reach it by entering http://ip-address:port
what you can do to reach it by entering only http://ip-address is to set it to listen on port 80 (you will need root privileges to do this) or set redirect from port 80 to your applications port (you can use pure port redirection using iptables or (better) reverse proxy software. It can be apache as mentioned in comment above, or nginx or haproxy or something else (you haven't specified operating system anyway - those are mainly for linux).
Hope that helps

How can I force outgoing ip for specific applications? ForceBindIp doesn't seem to work

I have a dedicated windows 2012 server with 12 dedicated IPs.
I want to be able to make connections simultaneously from two different ips that I choose.
This will be used for two different browser applications.
I have tried the following:
ForceBindIP %IP_ADDRESS% %APP_EXE%
But the IP doesn't change, the browser always displays the lowest IP from my added range.
I have also experimented with a script that removes all the ips, and then just adds one.
netsh interface ipv4 delete address "Ethernet" 104.251.111.110
netsh interface ipv4 delete address "Ethernet" 104.251.111.111
netsh interface ipv4 delete address "Ethernet" 104.251.111.112
netsh interface ipv4 delete address "Ethernet" 104.251.111.114
....
netsh interface ipv4 add address "Ethernet" 104.251.111.115 255.255.255.0
This changes the address BUT I end up having only one IP for both applications.
If the applications you intend to use doesn't support binding to interfaces/ip (true, it's uncommon), you can use SOCKS or Proxy software (which is a lot more common, especially browsers).
For instance you could install WinGate or Squid http://www.squid-cache.org (which is the one I know most).
Squid-Cache have the ability to bind to different outgoing addresses based on rules (http://www.squid-cache.org/Doc/config/tcp_outgoing_address/ ).
Basically what you need to do is:
install Squid
add ACL for loopback IP mapping, such as:
acl IP110 src 127.0.0.1/32
acl IP111 src 127.0.0.2/32
[...]
tcp_outgoing_address 104.251.111.110 IP110
tcp_outgoing_address 104.251.111.111 IP111
[...]
And the default, which is just formally needed:
tcp_outgoing_address 104.251.111.110
Each application will then need to be configured with a Proxy (or SOCKS, if you go that way), which is a configuration option most commonly available. On the proxy configuration set the corresponding local IP:
for outgoing connection using IP .111, use proxy on 127.0.0.2
for outgoing connection using IP .110, use proxy on 127.0.0.1
.. and so on.
Make sure Squid (or WinGate) bind to localhost 127.0.0.1/24, so you shouldn't have big security concerns, but if this is exposed on internet you may want to proceed to security assessment anyway.
This way if you decide to offload some application remotely, to other server, you can still manage to use the same outgoing IP(s), you just need to change squid configuration to allow external connection, which could be a big plus for scaling.
It looks like you're searching for a fix involving little rework of the browser applications. Assuming that you're using IIS to serve the applications, you should:
Using File Explorer or command line, soft-link the application configuration in another root folder for each instance of the browser application.
Using IIS, recreate the application as a site for each of the above browser application folders.
Using IIS, bind each instance of the browser application to the IP address you wish to serve it with.
Caveat: It's tempting to use the same app pool for all instances, but evaluate your hardware before! Remember that (depending on the application requirements) you create a single point of failure when using a single app pool. Create separate app pools with identical parameters to reduce this risk.

Access a local machine form outside the LAN

Is there a way to access a machine from outside the LAN without port forwarding?
I have two scenarios in my current setup port forwarding is complicating:
I have two FTP servers on the same router I want to access from outside
I want to Remote Control/Access files on Windows computers on the network
Right now, the first option is possible, but it needs reconfiguring the router, while other one seems impossible outside the LAN.
Is there something like [global IP address]/[machine name] or [global IP address]/[Local IP address]?
We need more information. Are these addresses IPv4 RFC 1918 addresses, publicly routed addresses, or IPv6?
If they are in the RFC1918 (10.x.x.x, 172.16.x.x, 192.168.x.x) address space then, simply no. Those addresses are not publicly routed and therefore must be translated to a non-RFC 1918 address.
Otherwise, yes, you can.
If your servers should be available to the public - the answer will be "no".
If you plan to give a limited number of users (for example, only you) access to this servers then you have some options:
Use SSH tunnels with, for example, PuTTY and set up a Forwarding for each service you want to expose to your computer and access it over localhost:port.
localhost:21001 --> 192.168.1.3:21 (FTP1)
localhost:21002 --> 192.168.1.4:21 (FTP2)
Advantage: you can setup your "port-forwardings" at clinet-side
Disadvantage: you need a router or another computer running the SSH server
Use a VPN (for example, OpenVPN, PPTP, etc.) to get access to your LAN from outside. Then you can act like you are in your LAN.
Advantages:
easy to use if setup properly
you can use almost every protocol
Disadvantage: Need to setup VPN Service/Gateway

Changing device web management port on Billion 7800NXL

Does anyone know how (or even if it's possible) to change the port on a Billion BiPac 7800NXL?
I can't find anything about it in the documentation or web management.
I want to be able to forward port 80 through to a machine on my network, but it doesn't seem to allow me to do that.
It appears you can forward port 80 without having to change the management port, any external requests to the port are forwarded through and internal requests are redirected through to the web management.
A dyndns on the external IP always seems to redirect through to the correct machine, even from the internal network.

Setting up a server

One of my real weak points in programming is networking, so I admit that I may be a little over my head with this project. Please feel free to tell me if what I'm trying to do doesn't make any sense
What I am trying to do, basically, is run a program on my laptop (Node.JS, probably) that handles requests from a website, does some functions, and serves data back to a client running on the website. (Research tells me this is called an RPC server)
When you listen for requests in Node.JS, you specify a port and optionally an IP Address- localhost, 127.0.0.1, is what all the tutorials I've read have used, but that's not sufficient for what I'm trying to do
I've read that I'll need to set up a static IP Address? But I think those are relative to my LAN, so they'll be like 192.168.0.X. So then what would I specify for the IP for the server and the client? (I don't think the port particularly matters). Do I need a DNS?
I hope this makes sense, sorry for so many questions, thank you for your help
You can run a server on your local machine, and you will specify your local IP address for the script, like 192.168.0.x. But for this server to ever receive a connection, your client must connect to your external IP address. It is the IP address that you get from your Internet provider when you connect to Internet. If your external IP is static, i.e. it does not change, then you can use it in your client script. If the external IP changes, you must setup a DNS record that would resolve the name of your computer. DynDNS can be used for that purpose.
If you have a router, it must be setup so that it forwards connections to your laptop where the server runs. And your firewall must be configured to allow connections.

Resources