Commit Graph

157 Commits

Author SHA1 Message Date
bol-van
148108785c syndata desync mode 2024-03-19 13:47:36 +03:00
bol-van
f4180847f4 tpws: improve debug printing 2024-03-10 09:43:28 +03:00
bol-van
3f9f1c36b8 tpws: support 'n' prefix in tamper-start and tamper-cutoff 2024-03-09 14:24:30 +03:00
bol-van
48850b5f4e dvtws fix socket buffers 2024-03-08 14:01:24 +03:00
bol-van
eaaa1a326c freebsd dvtws respect freebsd14+ PF_DIVERT 2024-03-08 11:09:14 +03:00
bol-van
663a2bb2a4 tpws: specify oob byte . tamper pos range limiter 2024-03-05 14:59:44 +03:00
bol-van
7ba1c28f94 auto ttl alog minor fix 2024-03-02 21:22:35 +03:00
bol-van
8a161f1f49 autottl, datanoack, oob, postnat 2024-03-02 17:53:37 +03:00
bol-van
8d56d02d1d nfqws: change default fake from w3.org to iana.org (NOT cloudflare) 2024-02-27 13:58:36 +03:00
bol-van
a33848b212 tls: respect tls record length 2023-12-19 13:40:28 +03:00
bol-van
62562bf727 freebsd bins clang 16 compiler 2023-11-19 16:15:53 +03:00
bol-van
a9a4cd5cb4 nfqws: tls client hello reassemble 2023-11-15 19:36:34 +03:00
bol-van
3559e1f2b8 autohostlist debug 2023-11-09 12:08:09 +03:00
bol-van
47cabddbd4 tpws: fix splice 2023-10-27 10:04:08 +03:00
bol-van
7ef7cbe554 recheck domain before adding to autohostlist 2023-10-26 16:27:52 +03:00
bol-van
ac574ce2ce autohostlist mode 2023-10-26 15:12:32 +03:00
bol-van
c4729c3006 nfqws,tpws: fix tls protocol bounds check 2023-10-12 14:46:32 +03:00
bol-van
508d11811d tpws: tlsrec preserve trailing bytes after ClientHello 2023-10-12 13:57:34 +03:00
bol-van
6dc413d0c9 tpws: --tlsrec 2023-10-12 12:35:06 +03:00
bol-van
274bb4b6da build mac64 universal x64+arm64 binaries 2023-10-06 11:21:20 +03:00
bol-van
67d2ec106b arm: compile binaries for older armv6 instruction set 2023-10-05 21:29:29 +03:00
bol-van
57486daa25 dvtws: do not fill excessive memory buffer 2023-09-21 14:16:28 +03:00
bol-van
905be06154 dvtws: FreeBSD 14 beta2 compat 2023-09-21 13:01:09 +03:00
bol-van
394c590a25 nfqws: tamper dht lex order 00 instead of aa 2023-09-07 21:02:29 +03:00
bol-van
15a31d53ed nfqws: tamper dht lex order aa instead of zz 2023-09-07 20:50:03 +03:00
bol-van
c91542d516 nfqws: DHT and tamper 2023-09-07 19:03:37 +03:00
bol-van
91ac09a8bd nfqws: udplen-pattern, hex string support 2023-09-07 13:41:25 +03:00
bol-van
bc6b683009 nfqws: wireguard protocol recognition 2023-08-12 09:56:19 +03:00
bol-van
d5b104d781 tpws: use accept4 instead of accept 2023-07-04 11:26:35 +03:00
bol-van
7f5fe99ad5 tpws --disorder 2023-07-03 15:28:42 +03:00
bol-van
657a08cafa mdig: resolved and failed domain logs 2023-01-05 17:32:06 +03:00
bol-van
109e3374d4 seccomp: more syscalls filter 2022-12-07 21:00:22 +03:00
bol-van
2dc13abb5d seccomp: more filtered syscalls 2022-12-05 14:38:39 +03:00
bol-van
87a77c5932 seccomp: fix jump offset 2022-11-23 18:56:10 +03:00
bol-van
619222b86e seecomp : fix x86 __X32_SYSCALL_BIT 2022-11-23 12:11:37 +03:00
bol-van
80a6ba9a8a seccomp optimize 2022-11-23 11:58:06 +03:00
bol-van
7af2d43d5f tpws,nfqws: seccomp hardening 2022-11-22 17:49:53 +03:00
bol-van
b9840364a6 binaries: upx 4.0 2022-11-02 00:01:11 +03:00
bol-van
04f8f7774d nfqws: do not complain if IPV6_FREEBIND not available 2022-07-29 08:20:57 +03:00
bol-van
895af0f629 nfqws: allow to decrease udp length 2022-07-27 12:00:36 +03:00
bol-van
403dc1a204 nfqws,tpws: multiple hostlist support, exclude hostlist support 2022-07-26 19:15:28 +03:00
bol-van
c2754cc347 ip2net: fix comparision 2022-06-17 10:39:09 +03:00
bol-van
76ae74eedd ip2net: some more optimize ipv6 sort 2022-06-17 10:35:20 +03:00
bol-van
732cb7f2d6 ip2net: some more optimize ipv6 sort 2022-06-17 10:19:45 +03:00
bol-van
9cf2e3f1de ip2net: optimize ipv6 sort for all endianness 2022-06-16 19:45:01 +03:00
bol-van
9529953594 ip2net: improve performance on big endian systems 2022-06-16 15:43:20 +03:00
bol-van
3842cbbca5 ip2net: i hate strict aliasing 2022-06-13 17:51:07 +03:00
bol-van
e2418531af nfqws: default quic fake to bypass russian TSPU 2022-05-30 14:48:29 +03:00
bol-van
bcb7abc830 complex TSPU hack is overkill 2022-05-30 09:31:57 +03:00
bol-van
01ec94806d nfqws: fix running on ipv6 disabled system 2022-05-20 11:21:38 +03:00
bol-van
877adbd6f6 nfqws: preserve fwmark. bind-fix 2022-05-15 15:54:35 +03:00
bol-van
7f7badb2af update bins 2022-05-03 12:32:14 +03:00
bol-van
a15de18b33 tpws: deny connections to 0.0.0.0 2022-04-21 13:41:43 +03:00
bol-van
dd1ba8218d tpws: check for sock4a protocol 2022-04-21 09:42:06 +03:00
bol-van
ffda684a43 nfqws: fakeknown, udplen desync modes 2022-04-12 15:52:06 +03:00
bol-van
2eec88c2bf nfqws: verify quic auth tag. improve initial packet detection 2022-03-26 21:00:58 +03:00
bol-van
3753349058 nfqws: quic protocol code optimizations 2022-03-26 10:08:10 +03:00
bol-van
f7c0c35670 nfqws: handle QUIC decrypt failed case during desync 2022-03-25 22:34:37 +03:00
bol-van
64406960aa nfqws: prevent out-of-band access in IsQUICCryptoHello 2022-03-25 20:08:05 +03:00
bol-van
dce5b4c6f0 nfqws: QUIC initial dissection support 2022-03-25 16:59:58 +03:00
bol-van
49771f160d nfqws: QUIC protocol recognition 2022-03-20 20:50:16 +03:00
bol-van
0a5ffc1a54 nfqws: QUIC protocol recognition 2022-03-20 20:46:39 +03:00
bol-van
190b4e367f nfqws: ipfrag1 desync mode 2022-02-05 15:39:58 +03:00
bol-van
6151afe727 nfqws: destopt desync mode 2022-02-05 13:36:32 +03:00
bol-van
8becc2ce18 binaries: toolchain update gcc 11.2 2022-02-04 14:05:28 +03:00
bol-van
81b25bfc85 Revert "binaries: update toolchain to gcc 11.2"
This reverts commit 7429bd3b98.
2022-02-04 13:44:23 +03:00
bol-van
7429bd3b98 binaries: update toolchain to gcc 11.2 2022-02-04 13:37:03 +03:00
bol-van
707e86bd90 nfqws: allow hopbyhop with 2nd phase desync 2022-02-02 15:18:35 +03:00
bol-van
a66aa7777a nfqws: do not drop packet in case of hopbyhop desync and ipv4 2022-02-02 09:39:48 +03:00
bol-van
87970b984b nfqws: hop-by-hop ipv6 fooling and desync 2022-02-01 20:38:00 +03:00
bol-van
cc5f0af5a8 tpws: always compile PF support, use --enable-pf flag in FreeBSD 2022-01-23 23:11:11 +03:00
bol-van
d619f1b99d tpws: fc00::/7 private range. PF convert ipv4 to ipv6 mapped address 2022-01-23 17:36:57 +03:00
bol-van
013f3996df tpws: fc00::/7 private range. PF convert ipv4 to ipv6 mapped address 2022-01-23 17:33:37 +03:00
bol-van
17d161267e tpws_pf chmod 2022-01-23 15:10:28 +03:00
bol-van
3d0feaf738 tpws: FreeBSD pf-enabled version 2022-01-23 14:45:12 +03:00
bol-van
8b0bb3c7d1 FreeBSD: x64 bins 2022-01-23 11:37:40 +03:00
bol-van
6b39411454 nfqws: ipv6 fragment at transport header 2022-01-05 15:34:57 +03:00
bol-van
1221626b1d nfqws: IP_NODEFRAG not working for ipv6 2022-01-03 22:16:11 +03:00
bol-van
94433e3279 nfqws: set IP_NODEFRAG sockopt 2022-01-03 21:14:55 +03:00
bol-van
690d458ec7 nfqws: ipfrag 2022-01-03 12:38:18 +03:00
bol-van
65830eb665 nfqws: udp protocol desync 2022-01-01 20:22:04 +03:00
bol-van
6af82ec97d nfqws: change default badack increment -65000=>-66000 2021-12-28 12:50:04 +03:00
bol-van
ff24920999 update bins 2021-12-27 16:51:42 +03:00
bol-van
606063dd48 nfqws: --dpi-desync-fake-unknown 2021-12-26 20:43:16 +03:00
bol-van
d1618faf40 nfqws: tunable badseq/badack increment, changed defaults 2021-12-26 17:11:21 +03:00
root
f2d083499e nfqws: change default split-pos from 3 to 2 2021-12-22 11:21:47 +03:00
bol-van
545c9a4730 nfqws: separate ipv4/6 ttl setting 2021-12-10 22:08:52 +03:00
bol-van
03886dda88 bin cosmetics 2021-11-12 12:53:01 +03:00
bol-van
cc85c1b489 nfqws, tpws : fix tls1.1, tls1.2, tls1.3 header recognition 2021-10-12 23:26:52 +03:00
bol-van
45f6838059 nfqws, tpws : fix tls1.1, tls1.2, tls1.3 header recognition 2021-10-12 23:24:38 +03:00
bol-van
6fc9031944 ip2net : precompute ipv6 masks 2021-09-18 21:26:50 +03:00
bol-van
0b8072840b ip2net : precompute ipv6 masks 2021-09-18 21:22:29 +03:00
bol-van
9402cd2cf0 ip2net : zero less significant bits in ip4/ip6 addresses, workaround GCC bug 2021-09-12 13:58:13 +03:00
bol-van
fe8cada8ae nfqws: synack desync mode 2021-04-07 12:13:46 +03:00
bol-van
5c0dbbaf7d update tpws bin for mac 2021-03-21 22:15:35 +03:00
bol-van
96cbd2fd5e nfqws: --dpi-desync-cutoff 2021-03-21 21:55:26 +03:00
bol-van
a9292cf4c2 nfqws: do not reset conntrack entry in SYN state 2021-03-21 10:58:59 +03:00
bol-van
17867c25b7 nfqws: allow resetting conntrack entry in any state on SYN 2021-03-20 11:38:00 +03:00
bol-van
5e1adaa348 tpws: block connections to ::ffff:127.0.0.0/104 2021-03-19 11:33:42 +03:00
bol-van
94405e89c3 tpws: block connections to 127.0.0.0/8 2021-03-19 10:55:20 +03:00