From 61e39bc095f02be6daf279e57f3038a3c17e9cc1 Mon Sep 17 00:00:00 2001 From: ValdikSS Date: Wed, 6 Dec 2017 03:05:09 +0300 Subject: [PATCH] New feature: additional processed TCP ports --- goodbyedpi.c | 58 ++++++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 47 insertions(+), 11 deletions(-) diff --git a/goodbyedpi.c b/goodbyedpi.c index 2faa5f0..d0c117d 100644 --- a/goodbyedpi.c +++ b/goodbyedpi.c @@ -8,7 +8,7 @@ #include #include #include -#include +#include #include "windivert.h" #define die() do { printf("Something went wrong!\n" \ @@ -56,6 +56,40 @@ static const char *http_methods[] = { "OPTIONS ", }; +static struct option long_options[] = { + {"port", required_argument, 0, 'z' }, + {0, 0, 0, 0 } +}; + +static char *filter_string = "(ip and tcp and " + "(inbound and ((" + "((ip.Id == 0x0001 or ip.Id == 0x0000) and tcp.SrcPort == 80 and tcp.Ack) or " + "((tcp.SrcPort == 80 or tcp.SrcPort == 443) and tcp.Ack and tcp.Syn)" + ") and " DIVERT_NO_LOCALNETS_SRC ") or " + "(outbound and " + "(tcp.DstPort == 80 or tcp.DstPort == 443) and tcp.Ack and " + DIVERT_NO_LOCALNETS_DST ")" + "))"; + +static void add_filter_str(int proto, int port) { + const char *udp = " or (ip and udp and (udp.SrcPort == %d or udp.DstPort == %d))"; + const char *tcp = " or (ip and tcp and (tcp.SrcPort == %d or tcp.DstPort == %d))"; + + char *current_filter = filter_string; + int new_filter_size = strlen(current_filter) + + (proto == IPPROTO_UDP ? strlen(udp) : strlen(tcp)) + 16; + char *new_filter = malloc(new_filter_size); + + strcpy(new_filter, current_filter); + if (proto == IPPROTO_UDP) + sprintf(&(new_filter[strlen(new_filter)]), udp, port, port); + else + sprintf(&(new_filter[strlen(new_filter)]), tcp, port, port); + + filter_string = new_filter; + free(current_filter); +} + static char* dumb_memmem(const char* haystack, int hlen, const char* needle, int nlen) { // naive implementation if (nlen > hlen) return NULL; @@ -271,6 +305,16 @@ int main(int argc, char *argv[]) { case 'w': do_http_allports = 1; break; + case 'z': + /* i is used as a temporary variable here */ + i = atoi(optarg); + if (i <= 0 || i > 65535) { + printf("Port parameter error!\n"); + exit(EXIT_FAILURE); + } + add_filter_str(IPPROTO_TCP, i); + i = 0; + break; default: printf("Usage: goodbyedpi.exe [OPTION...]\n" " -p block passive DPI\n" @@ -281,6 +325,7 @@ int main(int argc, char *argv[]) { " -f [value] set HTTP fragmentation to value\n" " -e [value] set HTTPS fragmentation to value\n" " -w try to find and parse HTTP traffic on all processed ports (not only on port 80)\n" + " --port additional TCP port to perform fragmentation on (and HTTP tricks with -w)\n" "\n" " -1 -p -r -s -f 2 -e 2 (most compatible mode, default)\n" " -2 -p -r -s -f 2 -e 40 (better speed yet still compatible)\n" @@ -323,16 +368,7 @@ int main(int argc, char *argv[]) { * IPv4 filter for inbound HTTP redirection packets and * active DPI circumvention */ - filters[filter_num] = init("ip and tcp and " - "(inbound and ((" - "((ip.Id == 0x0001 or ip.Id == 0x0000) and tcp.SrcPort == 80 and tcp.Ack) or " - "((tcp.SrcPort == 80 or tcp.SrcPort == 443) and tcp.Ack and tcp.Syn)" - ") and " DIVERT_NO_LOCALNETS_SRC ") or " - "(outbound and " - "(tcp.DstPort == 80 or tcp.DstPort == 443) and tcp.Ack and " - DIVERT_NO_LOCALNETS_DST ")" - ")", - 0); + filters[filter_num] = init(filter_string, 0); w_filter = filters[filter_num]; filter_num++;