We currently run windows on all of our machines due to software limitation.
Within this however, we are needing to redirect certain packets that come into an IP and Port to a different Port (same IP). We have software listening on the "Proxy Port".
This is achievable with IPTables on linux by doing something similar to:
iptables -t nat -I PREROUTING -p udp -d <DSTIP> --dport <DSTPORT> -m u32 --u32 '0>>22&0x3C@8=0xFFFFFFFF && 0>>22&0x3C@12=0x54536F75 && 0>>22&0x3C@16=0x72636520 && 0>>22&0x3C@20=0x456E6769 && 0>>22&0x3C@24=0x6E652051 && 0>>22&0x3C@28=0x75657279' -j REDIRECT --to-port <REDIRECT PORT>
This works great on linux and will redirect certain packets to our proxy software, however is it at all possible to do something such on windows without having to get a dedicated machine in-front of our windows machines?
I was thinking of writing something up with pcap.net but I'm guessing this will have to direct read from the NIC rather than windows?
From the MSDN:
Netsh is a command-line scripting utility that allows you to, either locally or remotely, display or modify the network configuration of a computer that is currently running.
You can redirect connections coming to any port to another local (or remote) port with the command:
netsh interface portproxy add v4tov4 listenaddress=localaddress listenport=localport connectaddress=destaddress connectport=destport
Also, as stated in this SO post, netsh is a good replacement for iptabes on Windows.