Komodia's Redirector complete feature list

From Komodia
Jump to: navigation, search

This is a complete list of all the Redirector features, some of the features are in optional modules.

Basic version

Data save/load

Data is saved and loaded from an encrypted file.

Conrol mechanism

  • Can be controlled from a COM API.
  • Can distribute a ready made INI file.
  • can save/load plain text configuration file.

Interception

Protocol and direction

  • TCPv4 outgoing.
  • TCPv4 incoming (part of an optional module).
  • UDPv4 only via socks5 proxy (part of an optional module).

Basic rules

  • Intercepts applications based on name and name inside the version info.
  • Intercepts applications based on target IP, you can specify one IP or CIDR IP range.
  • Intercepts applications based on target port, you can specify one port or a port range.

Advanced rules

  • Can inverse the list and intercept everything but what's in the list.
  • Relationship between rules is logical OR, or logical AND.
  • Can enter application, port, IP that will never be intercepted what so ever.

Hard interception

  • Can intercept a service based on its name.
  • Can exclude application based on its name and make the LSP bypass itself.
  • Can set that applications that are not included will be automatically excluded with a LSP bypass.

Dynamic updates

  • Rules automatically propagate to the LSP every 60 seconds.
  • You can automatically decide to push current rules without waiting 60 seconds.

Proxy support

Supports the following proxy types:

  • HTTP Proxy
  • HTTP Proxy via SSL
  • HTTP Connect
  • HTTP Connect via SSL
  • Socks4
  • Socks5
  • Socks5+UDP
  • Auto switch between HTTP Proxy and HTTP Connect
  • Auto switch between HTTP Proxy and HTTP Connect via SSL

Inspection

Allows you inspect and modify every aspect of the connect:

  • Can change the IP, Port redirect to a proxy or even block new connection.
  • Can inspect and modify the TCP stream.
  • Can disconnect the connection while its working.

Statistics

Have build it statistics module to give statistics based on the following variables:

  • General traffic
  • Applications
  • Ports
  • IPs

HTTP Header filter

  • Allows to clear cache flags.
  • Allows to modify a HTTP header.
  • Allows to add a HTTP header.

Extending

Can be extended using the DLL Framework and COM framework.

Log control

Can enable a debug log that writes all traffic.

Optional modules

Firewall

Able to block TCP and UDP v4 traffic using the same rules for TCP interception.

DNS Interception

Allows to intercept the DNS requests and either resolve them at the Redirector level or at the proxy level.

HTTP Parser

Parses HTTP encodings and gives you cleartext results, this allows for development of parental control and ad injection apps.

Parental control

Allows to perform the following operations (without writing code):

  • Redirect a domain based on the exact name.
  • Redirect a domain based on a partial name.
  • Redirect a domain based on a regex.
  • Allows to visit only specific sites.
  • Can replace words inside HTML with XXXX.

SSL Digestor

Decrypts SSL so you can process SSL traffic, this is a transparent module, you process decrypted SSL (also inside proxied connections) just as you would normal HTTP.

The module support the five leading browsers, and also allows you to white/black list the sites being decrypted.

Watchdog

A component that protects the SDK against removal and tampering.

SSH

Allows for a redirect via a SSH forward channel.

Local proxy collaboration

The SDK can collaborate with a global proxy set in Windows that is at the localhost, there are three options (they are all set at compile time),this option is relevant to ad injection apps.

  • Don't intercept, any traffic that is proxied will not go via the SDK. If you inject a .js, you won't be able to do so on that traffic.
  • Intercept, any traffic that is proxied will go via the SDK and then sent to the proxy. If you inject a .js, the page will contain your .js and the proxy injected .js.
  • Bypass, any traffic that is proxied will go via the SDK and then will not be sent to the proxy (it will go directly to the original site). If you inject a .js, the page will contain only your .js and not the proxy injected .js.