ForkMaster/zapret
1
0
Fork 0
mirror of https://github.com/bol-van/zapret.git synced 2024-11-14 10:48:32 +05:00
Code Issues Actions Packages Projects Releases Wiki Activity

blockcheck: wssize least priority

Browse Source
This commit is contained in:
bol-van 2021-12-13 17:01:50 +03:00
parent e2d5d5c18b
commit 089dccf278
1 changed files with 22 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
blockcheck.sh
View File

@ -23,7 +23,7 @@ HDRTEMP=/tmp/zapret-hdr.txt
ECHON="echo -n" ECHON="echo -n"
DNSCHECK_DNS="8.8.8.8 1.1.1.1 77.88.8.8" DNSCHECK_DNS="8.8.8.8 1.1.1.1 77.88.8.8"
DNSCHECK_DOM="pornhub.com putinhuylo.com rutracker.org nnmclub.to protonmail.com" DNSCHECK_DOM="pornhub.com putinhuylo.com rutracker.org nnmclub.to startmail.com"
DNSCHECK_DIG1=/tmp/dig1.txt DNSCHECK_DIG1=/tmp/dig1.txt
DNSCHECK_DIG2=/tmp/dig2.txt DNSCHECK_DIG2=/tmp/dig2.txt
DNSCHECK_DIGS=/tmp/digs.txt DNSCHECK_DIGS=/tmp/digs.txt
@ -402,7 +402,7 @@ pktws_check_domain_bypass()
# $2 - encrypted test : 1/0 # $2 - encrypted test : 1/0
# $3 - domain # $3 - domain
local strategy tests='fake' ttls s sec="$2" found local strategy tests='fake' ttls s sec="$2"
[ "$sec" = 0 ] && { [ "$sec" = 0 ] && {
for s in '--hostcase' '--hostspell=hoSt' '--hostnospace' '--domcase'; do for s in '--hostcase' '--hostspell=hoSt' '--hostnospace' '--domcase'; do
@ -441,47 +441,33 @@ pktws_check_domain_bypass()
fi fi
ttls=$(seq -s ' ' $MIN_TTL $MAX_TTL) ttls=$(seq -s ' ' $MIN_TTL $MAX_TTL)
for e in '' '--wssize 1:6'; do
[ -n "$e" ] && {
pktws_curl_test $1 $3 $e && strategy="${strategy:-$e}"
for desync in split2 disorder2; do
s="--dpi-desync=$desync $e"
pktws_curl_test $1 $3 $s && strategy="${strategy:-$s}"
done
}
for desync in $tests; do for desync in $tests; do
found=0
for ttl in $ttls; do for ttl in $ttls; do
s="--dpi-desync=$desync --dpi-desync-ttl=$ttl" s="--dpi-desync=$desync --dpi-desync-ttl=$ttl $e"
pktws_curl_test $1 $3 $s && { pktws_curl_test $1 $3 $s && {
found=1
strategy="${strategy:-$s}" strategy="${strategy:-$s}"
break break
} }
done done
[ "$sec" = 1 ] && [ "$found" = 0 ] && {
for ttl in $ttls; do
s="--dpi-desync=$desync --dpi-desync-ttl=$ttl --wssize 1:6"
pktws_curl_test $1 $3 $s && {
found=1
strategy="${strategy:-$s}"
break
}
done
}
for fooling in badsum md5sig badseq; do for fooling in badsum md5sig badseq; do
s="--dpi-desync=$desync --dpi-desync-fooling=$fooling" s="--dpi-desync=$desync --dpi-desync-fooling=$fooling $e"
if pktws_curl_test $1 $3 $s ; then if pktws_curl_test $1 $3 $s ; then
strategy="${strategy:-$s}" strategy="${strategy:-$s}"
[ "$fooling" = "md5sig" ] && echo 'WARNING ! although md5sig fooling worked it will not work on all sites. it typically works only on linux servers.' [ "$fooling" = "md5sig" ] && echo 'WARNING ! although md5sig fooling worked it will not work on all sites. it typically works only on linux servers.'
else
[ "$sec" = 1 ] && {
s="$s --wssize 1:6"
pktws_curl_test $1 $3 $s && {
strategy="${strategy:-$s}"
[ "$fooling" = "md5sig" ] && echo 'WARNING ! although md5sig fooling worked it will not work on all sites. it typically works only on linux servers.'
}
}
fi fi
done done
done done
# do not do wssize test for http. it's useless
[ "$sec" = 1 ] && { [ "$sec" = 1 ] || break
s="--wssize 1:6" done
pktws_curl_test $1 $3 $s && strategy="${strategy:-$s}"
}
echo echo
if [ -n "$strategy" ]; then if [ -n "$strategy" ]; then
@ -660,6 +646,7 @@ ask_params()
ask_yes_no_var IGNORE_CA "do not verify server certificate" ask_yes_no_var IGNORE_CA "do not verify server certificate"
[ "$IGNORE_CA" = 1 ] && CURL_OPT=-k [ "$IGNORE_CA" = 1 ] && CURL_OPT=-k
} }
echo
} }