Introduce -5 and -6 modes and make -5 default

Modern modesets (more stable, more compatible, faster):
 -5          -f 2 -e 2 --auto-ttl --reverse-frag (this is the default now)
 -6          -f 2 -e 2 --wrong-seq --reverse-frag
This commit is contained in:
ValdikSS 2021-12-25 13:10:58 +03:00
parent 11c322aaed
commit a5c2f9fac9
2 changed files with 38 additions and 9 deletions

View File

@ -48,10 +48,16 @@ Usage: goodbyedpi.exe [OPTION...]
reversed order. Works with the websites which could not handle segmented reversed order. Works with the websites which could not handle segmented
HTTPS TLS ClientHello (because they receive the TCP flow "combined"). HTTPS TLS ClientHello (because they receive the TCP flow "combined").
-1 -p -r -s -f 2 -k 2 -n -e 2 (most compatible mode, default)
LEGACY modesets:
-1 -p -r -s -f 2 -k 2 -n -e 2 (most compatible mode)
-2 -p -r -s -f 2 -k 2 -n -e 40 (better speed for HTTPS yet still compatible) -2 -p -r -s -f 2 -k 2 -n -e 40 (better speed for HTTPS yet still compatible)
-3 -p -r -s -e 40 (better speed for HTTP and HTTPS) -3 -p -r -s -e 40 (better speed for HTTP and HTTPS)
-4 -p -r -s (best speed) -4 -p -r -s (best speed)
Modern modesets (more stable, more compatible, faster):
-5 -f 2 -e 2 --auto-ttl --reverse-frag (this is the default)
-6 -f 2 -e 2 --wrong-seq --reverse-frag
``` ```
To check if your ISP's DPI could be circumvented, run `3_all_dnsredir_hardcore.cmd` first. This is the most hardcore mode which will show if this program is suitable for your ISP and DPI vendor at all. If you can open blocked websites with this mode, it means your ISP has DPI which can be circumvented. This is the slowest and prone to break websites mode, but suitable for most DPI. To check if your ISP's DPI could be circumvented, run `3_all_dnsredir_hardcore.cmd` first. This is the most hardcore mode which will show if this program is suitable for your ISP and DPI vendor at all. If you can open blocked websites with this mode, it means your ISP has DPI which can be circumvented. This is the slowest and prone to break websites mode, but suitable for most DPI.

View File

@ -572,15 +572,16 @@ int main(int argc, char *argv[]) {
); );
if (argc == 1) { if (argc == 1) {
/* enable mode -1 by default */ /* enable mode -5 by default */
do_fragment_http = do_fragment_https = 1;
do_reverse_frag = do_native_frag = 1;
http_fragment_size = https_fragment_size = 2; http_fragment_size = https_fragment_size = 2;
do_passivedpi = do_host = do_host_removespace \ do_fragment_http_persistent = do_fragment_http_persistent_nowait = 1;
= do_fragment_http = do_fragment_https \ do_fake_packet = 1;
= do_fragment_http_persistent \ do_auto_ttl = 2;
= do_fragment_http_persistent_nowait = 1;
} }
while ((opt = getopt_long(argc, argv, "1234prsaf:e:mwk:n", long_options, NULL)) != -1) { while ((opt = getopt_long(argc, argv, "123456prsaf:e:mwk:n", long_options, NULL)) != -1) {
switch (opt) { switch (opt) {
case '1': case '1':
do_passivedpi = do_host = do_host_removespace \ do_passivedpi = do_host = do_host_removespace \
@ -603,6 +604,22 @@ int main(int argc, char *argv[]) {
case '4': case '4':
do_passivedpi = do_host = do_host_removespace = 1; do_passivedpi = do_host = do_host_removespace = 1;
break; break;
case '5':
do_fragment_http = do_fragment_https = 1;
do_reverse_frag = do_native_frag = 1;
http_fragment_size = https_fragment_size = 2;
do_fragment_http_persistent = do_fragment_http_persistent_nowait = 1;
do_fake_packet = 1;
do_auto_ttl = 2;
break;
case '6':
do_fragment_http = do_fragment_https = 1;
do_reverse_frag = do_native_frag = 1;
http_fragment_size = https_fragment_size = 2;
do_fragment_http_persistent = do_fragment_http_persistent_nowait = 1;
do_fake_packet = 1;
do_wrong_seq = 1;
break;
case 'p': case 'p':
do_passivedpi = 1; do_passivedpi = 1;
break; break;
@ -795,10 +812,16 @@ int main(int argc, char *argv[]) {
" reversed order. Works with the websites which could not handle segmented\n" " reversed order. Works with the websites which could not handle segmented\n"
" HTTPS TLS ClientHello (because they receive the TCP flow \"combined\").\n" " HTTPS TLS ClientHello (because they receive the TCP flow \"combined\").\n"
"\n" "\n"
" -1 -p -r -s -f 2 -k 2 -n -e 2 (most compatible mode, default)\n" "\n"
"LEGACY modesets:\n"
" -1 -p -r -s -f 2 -k 2 -n -e 2 (most compatible mode)\n"
" -2 -p -r -s -f 2 -k 2 -n -e 40 (better speed for HTTPS yet still compatible)\n" " -2 -p -r -s -f 2 -k 2 -n -e 40 (better speed for HTTPS yet still compatible)\n"
" -3 -p -r -s -e 40 (better speed for HTTP and HTTPS)\n" " -3 -p -r -s -e 40 (better speed for HTTP and HTTPS)\n"
" -4 -p -r -s (best speed)"); " -4 -p -r -s (best speed)"
"\n"
"Modern modesets (more stable, more compatible, faster):\n"
" -5 -f 2 -e 2 --auto-ttl --reverse-frag (this is the default)\n"
" -6 -f 2 -e 2 --wrong-seq --reverse-frag\n");
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
} }