Windows 7 – Bind application to a specific network interface

I have tried ForceBindIP, but it has a significant downside – it doesn’t affect the children of the application I’m trying to bind, it only affects the application itself. It also can’t force an application to always run through a specified interface, it has to be run through forcebindip.exe every time. It becomes a problem with applications like League of Legends where the process tree looks like that:

screenshot

The launcher runs the patcher, the patcher run the client, etc. I can only affect the parent of all these processes in the tree, so the actual game is not bound to the interface I want, making this whole venture pointless.

Is there a more modern alternative to ForceBindIP for Windows 7? There are many questions similar to this one on this site, but they are mostly old. Maybe there is now a better way to solve this problem?

My current idea is to do the following:

  1. Set up local 3proxy server bound to the desired interface.

  2. Run the game through Proxifier or similar software configured to run through that local proxy.

I’m not sure if that will work, but even if it will, it seems like a sub-optimal solution. Do you guys have any better ideas?

Edit: My idea didn’t work 🙁

Edit 2: Basically, what I’m trying to achieve is bind a few applications to a regular interface, while VPN is running. The reason is that I need to connect through VPN most of the time, but some applications (such as games) don’t work properly this way, because of higher ping and other issues.

Solution:

###UpdateI’ve found that ForceBindIp in fact is passing parameters to the called executables. It just omits first parameter. So I’ve modified my script to use ForceBindIp.exe instead of custom injector and now it looks like all issues with injectory exceptions are gone and everything works.

Here is modified steps and BindIp.cmd script:

  1. Install ForceBindIp as usual

  2. Put BindIp.cmd anywhere on your drive (e.g. C:BindIpBindIp.cmd)

BindIp.cmd script:

setlocal:: IP to bind toset IP=192.168.128.85:: Common variablesset RegIFEO=HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Options%~nx1set Injector=ForceBindIp.exe:: ForceBindIp swallows first parameter passed to target exe,:: so we inject dummy parameter just before itset AllParams=%*set FirstParam=%1call set TargetParams=%%AllParams:*%FirstParam%=%FirstParam% Dummy%%:: Delete debugger for the target exe in registry,:: or we'll end in an endless loop of the batch filesreg delete "%RegIFEO%%" /v Debugger /f:: Start target exe via ForceBindIp%Injector% %IP% %TargetParams%:: Restore this script as debugger for the target exe in registryreg add "%RegIFEO%" /v Debugger /t REG_SZ /d "%~dpnx0" /f:: Debug, uncomment if neededrem pauseendlocal

Then follow steps 2-6 from below.


###Introduction[ForceBindIp][0] can’t automatically inject `BindIp.dll` to child processes and doesn’t pass parameters to the called executables. But I was able to circumvent this by using [Image File Execution Options in registry][1], batch script and [third-party dll injector][2]. Details are below.

###TheoryTo use BindIp.dll without ForceBindIp.exe we need to find out how they communicate (ForceBindIp.exe has to pass IP-address to dll somehow).

I’ve used IDA free and found that ForceBindIp.exe creates environment variable with name FORCEDIP that holds IP-address and BindIp.dll reads IP-address from this variable when it injected and executed in target process.

To detect target application launch, we can add a Debugger key in the Image File Execution Options in registry for this executable:

Kernel32!CreateProcess when called without the DEBUG_PROCESS orDEBUG_ONLY_THIS_PROCESS creation flags, checks the registry to see ifIFEO has been set on the executable that it is launching. If yes, thenit simply prepends the debugger path to the executable name,effectively getting the executable to launch under the debugger.

The "Debugger" in our case, will be a batch script, that will set FORCEDIP variable and launch the injectory dll-injector. Injectory then will start process, pass command-line arguments and inject BindIp.dll.

###Practice

  1. Create folder somewhere (C:BindIp for example) and put those three files in it:
  • BindIp.dll
  • injectory.x86.exe
  • BindIp.cmd

BindIp.cmd script:

setlocal:: IP to bind to. This env.var is used by BindIp.dllset FORCEDIP=192.168.1.23:: Common variablesset RegIFEO=HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Options%~nx1set Injector=%~dp0injectory.x86.exeset BindIpDll=%~dp0BindIp.dll:: Extract target's parameters, if anyset AllParams=%*set FirstParam=%1call set TargetParams=%%AllParams:*%FirstParam% =%%:: Delete debugger for the target exe in registry,:: or we'll end in an endless loop of the batch filesreg delete "%RegIFEO%%" /v Debugger /f:: Start target exe and inject BindIp.dllif not [%2] == [] (    :: If there were parameters for target exe, pass them on    "%Injector%" --launch %1 --inject "%BindIpDll%" --args "%TargetParams%") else (    :: No parameters were specified    "%Injector%" --launch %1 --inject "%BindIpDll%"):: Restore this script as debugger for the target exe in registryreg add "%RegIFEO%" /v Debugger /t REG_SZ /d "%~dpnx0" /f:: Debug, uncomment if neededrem pauseendlocal
  1. Create registry key (e.g. LolClient.exe) for target executable in HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Options
  2. Add String Value to this key:
  • Name: Debugger
  • Value: C:BindIpBindIp.cmd
  1. Grant Users Full permissions on this key (the script will have to modify it at every launch). It should look like this: IFEO registry key

  2. Set required IP-address in BindIp.cmd

  3. Repeat steps 3 and 4 for every executable you wish to bind (rad_user_kernel.exe, LolLauncher.exe, LolPatcher.exe, etc.).

Now, every time when you launch executable that has corresponding registry entry, the BindIp.cmd script will launch instead and bind this program to desired IP-address.

###Conclusion

I’ve tested this on my laptop running Windows 8.1 x64 and was able to successfully bind various programs (AIMP 2, BersIRC, Opera 12.4) to Ethernet or WiFi adapter using this technique. Unfortunately BindIp.dll is 32-bit, so it wouldn’t work with 64-bit processes.