问题
On Windows 7 I have an SSH tunnel running on my local 127.0.0.1:34567 address that I need to access so I can access 12.34.56.78:8080 with the help of SSH proxying for me as I cannot access that IP directly (due to not being on the whitelist).
My basic simple goal therefore is that on Windows whenever I request 12.34.56.78:8080 from anywhere (my browser for instance), I would like the request to instead be diverted to 127.0.0.1:34567 transparently, and I would like a software solution to this instead of a hardware one if possible. I think this is what's usually achieved in Linux by something called iptables, but I'm looking for something I can use on windows.
Does anyone know how this is possible? If I need to use any external Windows program for this, that is fine, but I prefer it to be free.
EDIT: please do not present me with reverse tunnel solutions. My goal is to request the same ip:port that I'm blocked from, but to be able to get to that ip:port successfully through the means of my existing SSH tunnel. Reverse tunnels involve requesting a different ip:port which is not what I'm looking for (I already have a forward tunnel I can use if I wanted to make requests to a different ip:port).
Example scenario: Pretend that you have an C-compiled .exe file whose source code you don't have access to that is hardcoded to request 12.34.56.78:8000 for SOAP webservices. The problem is, your IP is blocked from that ip:port, but you do have access to an SSH server which isn't blocked by 210.212.239.117:8080 and also have an SSH tunnel set up for that SSH server to access that ip:port... but your .exe has the original ip:port hardcoded, so you can't just tell it to request the SSH tunnel ip:port, as it's not possible to change the ip:port to be requested in any way due to it being hardcoded! You would have to have the request to 210.212.239.117:8080 on your computer somehow diverted to your SSH tunnel on the OS level. So how would you get that done?
EDIT 2: I'm not looking for routing tables either (I think). I don't want to modify the route my request goes through to reach target ip:port; I actually want to have the requested ip and port themselves silently changed. I kind of want to achieve something like the hosts file, except instead of resolving hostnames to ips, I want ip:ports to be reresolved to different ip:ports.
Bounty: Sorry, it appears this stackoverflow question of mine counts as Offtopic and isn't eligable for offering a bounty, so sorry to anyone who put in extra work and would have potentially received the bounty!
回答1:
I haven't found a ready executable, but WFPSampler seems to be promising. It uses the new Windows Filtering Platform API (available since Windows Vista) to manipulate packets.
To use it for redirecting outgoing packets, give a look at Q&A section, there are many examples.
回答2:
Check out BarbaTunnel: http://barbatunnel.codeplex.com/
TCP-Redirect mode is probably what you're looking for.
回答3:
You can use a reverse shell. It can mirror a remote port. Use ssh to connect with -R option. For example ssh -R xxxx:localhost:xxxx user:pass@www.server.com. Check this out:http://www.debianadmin.com/howto-use-ssh-local-and-remote-port-forwarding.html.
来源:https://stackoverflow.com/questions/19294700/capturing-and-redirecting-outgoing-traffic-from-given-ipport-to-target-ipport