ForkMaster/zapret
1
0
Fork 0
mirror of https://github.com/bol-van/zapret.git synced 2024-11-11 17:29:16 +05:00
Code Issues Actions Packages Projects Releases Wiki Activity

dvtws fix socket buffers

Browse Source
This commit is contained in:
bol-van 2024-03-08 14:01:24 +03:00
parent 70fa1dbea7
commit 48850b5f4e
4 changed files with 15 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
binaries/freebsd-x64/dvtws
View File

Binary file not shown.

19
nfq/darkmagic.c
View File

@ -903,14 +903,8 @@ static int *rawsend_family_sock(sa_family_t family)
}
#ifdef BSD
int rawsend_socket_divert(sa_family_t family)
int socket_divert(sa_family_t family)
{
// HACK HACK HACK HACK HACK HACK HACK HACK
// FreeBSD doesnt allow IP_HDRINCL for IPV6
// OpenBSD doesnt allow rawsending tcp frames
// we either have to go to the link layer (its hard, possible problems arise, compat testing, ...) or use some HACKING
// from my point of view disabling direct ability to send ip frames is not security. its SHIT
int fd;
#ifdef __FreeBSD__
@ -921,6 +915,17 @@ int rawsend_socket_divert(sa_family_t family)
#endif
// freebsd13- or openbsd way
fd = socket(family, SOCK_RAW, IPPROTO_DIVERT);
return fd;
}
static int rawsend_socket_divert(sa_family_t family)
{
// HACK HACK HACK HACK HACK HACK HACK HACK
// FreeBSD doesnt allow IP_HDRINCL for IPV6
// OpenBSD doesnt allow rawsending tcp frames
// we either have to go to the link layer (its hard, possible problems arise, compat testing, ...) or use some HACKING
// from my point of view disabling direct ability to send ip frames is not security. its SHIT
int fd = socket_divert(family);
if (fd!=-1 && !set_socket_buffers(fd,4096,RAW_SNDBUF))
{
close(fd);

2
nfq/darkmagic.h
View File

@ -139,7 +139,7 @@ bool rawsend_preinit(bool bind_fix4, bool bind_fix6);
// cleans up socket autocreated by rawsend
void rawsend_cleanup(void);
int rawsend_socket_divert(sa_family_t family);
int socket_divert(sa_family_t family);
const char *proto_name(uint8_t proto);
uint16_t family_from_proto(uint8_t l3proto);

4
nfq/nfqws.c
View File

@ -353,7 +353,7 @@ static int dvt_main(void)
bp4.sin_addr.s_addr = INADDR_ANY;
printf("creating divert4 socket\n");
fd[0] = rawsend_socket_divert(AF_INET);
fd[0] = socket_divert(AF_INET);
if (fd[0] == -1) {
perror("socket (DIVERT4)");
goto exiterr;
@ -378,7 +378,7 @@ static int dvt_main(void)
bp6.sin6_port = htons(params.port);
printf("creating divert6 socket\n");
fd[1] = rawsend_socket_divert(AF_INET6);
fd[1] = socket_divert(AF_INET6);
if (fd[1] == -1) {
perror("socket (DIVERT6)");
goto exiterr;