从Windows上的特定应用程序捕获和转发网络流量
[英]Capture and forwarding of network traffic from a particular application on Windows
问题描述
I need to capture network traffic that is going in/out of a particular application. 
我需要捕获进入/离开特定应用程序的网络流量。 The main issue is that I would like to do this in a blocking fashion -- ie capture the traffic, perform some analysis and encryption/decryption on it and then forward it along its regular route. 主要问题是我想以阻止方式进行操作-即捕获流量,对其进行一些分析和加密/解密,然后沿其常规路径转发。 So, it must use some sort of a blocking mechanism. 因此,它必须使用某种阻止机制。
Is there some code or a library that makes this easy to do on Windows (Server 2008 or Win7 will do)? 是否有一些代码或库可以使它在Windows上轻松实现(Server 2008或Win7可以做到)? Any C++ (or Python/Java) classes or libraries that already exist? 是否已存在任何C ++(或Python / Java)类或库?
I intend for the solution to also execute on the same machine as the target app and have administrative privileges. 我希望该解决方案也能与目标应用程序在同一台计算机上执行,并具有管理特权。
Any pointers to code samples would be greatly appreciated. 任何指向代码样本的指针将不胜感激。
Thanks for your help. 谢谢你的帮助。
ps: I have been looking at WinPcap but from my (limited) understanding, it can't filter/block based on specific applications. ps:我一直在查看WinPcap,但从我的(有限的)理解来看,它无法根据特定的应用程序进行过滤/阻止。 Is that right, or did I miss something? 是这样吗,还是我错过了什么? Any other solutions out there? 还有其他解决方案吗?
1 个解决方案
解决方案1
0 2013-06-07 11:54:19
For this you should look at WinDivert . 为此,您应该查看WinDivert 。 Unlike regular packet sniffers (like winpcap), WinDivert also has the ability to block/filter packets, so it might be what you are looking for. 与常规的数据包嗅探器(如winpcap)不同,WinDivert还具有阻止/过滤数据包的功能,因此它可能正是您所需要的。 Disclosure: WinDivert is my own project. 披露:WinDivert是我自己的项目。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.