mirror of
https://github.com/ValdikSS/GoodbyeDPI.git
synced 2024-12-22 14:26:08 +00:00
Block passive DPI packets only with "Connection: close". Fixes #17.
Some servers set "don't fragment" flag and never increase TCP ID field. If they send HTTP redirection to another website, it would be blocked by the program. This is a hack to block redirects only with "Connection: close" header as presumably legal redirects are most likely would use keep-alive.
This commit is contained in:
parent
c1ca4f9804
commit
96fb5f9516
@ -29,6 +29,7 @@ static const char *http_host_find = "\r\nHost: ";
|
||||
static const char *http_host_replace = "\r\nhoSt: ";
|
||||
static const char *http_useragent_find = "\r\nUser-Agent: ";
|
||||
static const char *location_http = "\r\nLocation: http://";
|
||||
static const char *connection_close = "\r\nConnection: close";
|
||||
static const char *http_methods[] = {
|
||||
"GET ",
|
||||
"HEAD ",
|
||||
@ -91,8 +92,9 @@ static int is_passivedpi_redirect(const char *pktdata, int pktlen) {
|
||||
if (memcmp(pktdata, http11_redirect_302, strlen(http11_redirect_302)) == 0 ||
|
||||
memcmp(pktdata, http10_redirect_302, strlen(http10_redirect_302)) == 0)
|
||||
{
|
||||
/* Then check if this is a redirect to new http site */
|
||||
if (dumb_memmem(pktdata, pktlen, location_http, strlen(location_http))) {
|
||||
/* Then check if this is a redirect to new http site with Connection: close */
|
||||
if (dumb_memmem(pktdata, pktlen, location_http, strlen(location_http)) &&
|
||||
dumb_memmem(pktdata, pktlen, connection_close, strlen(connection_close))) {
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user