Komodia's Redirector proxy guide

From Komodia
Jump to: navigation, search

Using external proxy per specific domain

Without DNS hijacker

HTTP traffic

This can be done only by using the Komodia's Redirector DLL framework guide:

  1. Make sure to inspect port 80, or for other ports, you'll need to verify when the data comes that it's actually HTTP.
  2. At the DLL NewConnection (Komodia's Redirector DLL framework guide#NewConnection) the data needs to be peeked, which will contain the HTTP request, in the request there will be the HOST field, this field is the domain of the request.
  3. If the domain is the one needed to redirect, then set the proxy to the right proxy.

Point to watch for:

  • It's important to make sure the data coming through is actually HTTP request.
  • The HOST field can be fragmented, so it's important to verify that there's the \r\n at the end of it, which means it's complete.
  • Browsers can create a request and just wait for 10-30 seconds before actually making a request, if at all. A way around this is to cache prior requests and keep a table that matches IP to HOSTS, it's not 100% since one IP can contains thousand web sites with different domains.

HTTPS traffic

This can be done only by using the Komodia's Redirector DLL framework guide:

  1. Make sure to inspect port 443, or for other ports, you'll need to verify when the data comes that it's actually HTTPS.
  2. At the DLL NewConnection (Komodia's Redirector DLL framework guide#NewConnection) the data needs to be peeked, which will contain the SSL request, the request usually contains the TLS domain name (SNI), the SNI is the host name (SNI will not be present when using Chrome/IE on XP, and with various ActiveX plugins, in that case there's no way of knowing what the domain is).
  3. If the domain is the one needed to redirect, then set the proxy to the right proxy.

With DNS hijacker

Any kind of traffic

This can be done by using the Komodia's Redirector DLL framework guide or Komodia's Redirector COM framework guide:

  1. At NewConnection (based on the framework) there will be the domain name inside the relevant flag.
  2. If the domain is the one needed to redirect, then set the proxy to the right proxy.