title | description | ms.date | author | ms.author | ms.reviewer | ms.subservice |
---|---|---|---|---|---|---|
Failed to redirect connected UDP traffic |
This article provides workarounds for the redirection failure problem that occurs when the connected UDP traffic is redirected to a local proxy using a WFP callout driver. |
04/20/2021 |
HaiyingYu |
haiyingyu |
jesweare, dev_triage |
general |
Applies to: Windows Driver Kit 10
Consider the following scenario:
- A local process sends User Datagram Protocol (UDP) packets by using the Windows Sockets (Winsock) API.
- An application Layer Enforcement (ALE) callout driver was developed using Windows Filtering Platform (WFP), which redirects traffic from the local process.
- A local proxy service receives the UDP packets that are redirected by the callout driver.
In this scenario, if the local process uses the connect and send functions to send UDP packets through a connected UDP protocol, the packets are dropped and the redirection to the local proxy service fails.
The issue occurs because the WFP redirect records are referenced incorrectly.
To redirect traffic successfully to the local proxy service, use the sendto function to send UDP packets through a connectionless UDP protocol.
To learn how to enable application layer enforcement (ALE) callout drivers to inspect and redirect connections, see Using Bind or Connect Redirection.