How to reroute all traffic using hosts file?

windows hosts hosts-file

15,916

Solution 1

The hosts file simply acts as a way to overwrite DNS results, based on Fully Qualified Domain Names. There is no wildcard and there is no way to do it using this method... unless you have a many TB big file that lists every domain... But I doubt you want to go down this route (and I am not sure it would even work).

Even considering this, people can still type in IP addresses, and they will reach the target as normal.

If you want to redirect traffic, the best you can do is custom routes.

I warn you that this is very dangerous, but the easiest way is to go to command prompt and type...

route delete *
route add 0.0.0.0 mask 0.0.0.0 x.x.x.x

where x.x.x.x is the ip you want to route traffic to, however, this must be an IP that is reachable within the network

edit---

Another solution, which is a lot better, and I am not sure why I didn't think of this at the time is to simply edit the DNS server of the machine. If you have got local access to edit the routes, you certainly will be able to do this. Simply host a DNS server somewhere that does support wildcards (which a lot do), and point the machine to that.

This is a much safer and better way to redirect traffic. That being said, this will only redirect traffic targeting FQDNs, if you want ALL IP traffic, the route is probably the only route(!) to go down.

Solution 2

Where would you want to reroute traffic through? I've set up a linux router that would act as a DHCP Server and Proxy to filter all traffic based on allowed/disallowed MAC Address lists.

15,916

Admin

Updated on September 18, 2022

Comments

Admin almost 2 years

Is there a way to redirect all traffic to one IP in the hosts file? If not, how else could i achieve this?
- jcrawfordor almost 13 years
  
  It's almost certain that you are doing something wrong. What exactly are you trying to achieve?
- Synetech almost 13 years
  
  Indeed. Rerouting all traffic to a single IP (which IP?) seems quite a strange thing to do without any context. If you are trying to use it as a means of security (eg processing, monitoring, logging, etc.), then you would be better off creating a separate system for use as a gateway.
Synetech almost 13 years

Nope, unfortunately the HOSTS file does indeed not support wildcards. Sadly that means you can’t use something like *.2o7.net. :-( And like William said, an overly large HOSTS file certainly does cause problems such as pegging the CPU at 100% if you have the DNSCache service running, making SPYBot, HiajackThis, and other apps that process it take forever to work, slowing down Internet access (because the browser/etc. keep reading the whole thing over and over again), and using a lot more memory.
Synetech almost 13 years

You could use that system as a gateway so that all traffic through it can be monitored, processed, logged, etc.
William Hilsum almost 13 years

@QRohlf using this method, you are actually faking/manipulating the routing table, but, your machine will need a route to that outside machine, so, it will not work. You may be able to manually manipulate ARP to forward certain IPs, however, unfortunately, it has been about a year since I last did something like that (Need a new job!) and I would be lying if I said that I remembered exactly.... However, I have another idea and updating answer.