mirror of
https://github.com/ValdikSS/GoodbyeDPI.git
synced 2024-12-22 14:26:08 +00:00
Do not print DNS warnings by default and drop duplicate requests.
Windows is known to send DNS requests over all available interfaces, and the DNS redirector treats these as duplicates (retransmissions). It's safe to just drop these duplicates.
parent
30bb1a665a
commit
dd4d6bc5c6
@ -24,6 +24,7 @@ Usage: goodbyedpi.exe [OPTION...]
|
||||
--port additional TCP port to perform fragmentation on (and HTTP tricks with -w)
|
||||
--dns-addr redirect UDP DNS requests to the supplied IP address (experimental)
|
||||
--dns-port redirect UDP DNS requests to the supplied port (53 by default)
|
||||
--dns-verb print verbose DNS redirection messages
|
||||
|
||||
-1 -p -r -s -f 2 -e 2 (most compatible mode, default)
|
||||
-2 -p -r -s -f 2 -e 40 (better speed yet still compatible)
|
||||
|
21
dnsredir.c
21
dnsredir.c
@ -23,9 +23,7 @@
|
||||
|
||||
#ifndef debug
|
||||
#define debug(...) do {} while (0)
|
||||
#endif
|
||||
|
||||
#ifndef debug
|
||||
#else
|
||||
#define debug(...) printf(...)
|
||||
#endif
|
||||
|
||||
@ -146,6 +144,18 @@ void dns_cleanup() {
|
||||
}
|
||||
}
|
||||
|
||||
int dns_is_dns_packet(const char *packet_data, const UINT packet_dataLen, const int outgoing) {
|
||||
if (outgoing && (ntohs(*(const uint16_t*)(packet_data + 2)) & 0xFA00) == 0 &&
|
||||
(ntohs(*(const uint32_t*)(packet_data + 6))) == 0) {
|
||||
return TRUE;
|
||||
}
|
||||
else if (!outgoing &&
|
||||
(ntohs(*(const uint16_t*)(packet_data + 2)) & 0xF800) == 0x8000) {
|
||||
return TRUE;
|
||||
}
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
int dns_handle_outgoing(const uint32_t srcip, const uint16_t srcport,
|
||||
const uint32_t dstip, const uint16_t dstport,
|
||||
const char *packet_data, const UINT packet_dataLen) {
|
||||
@ -155,8 +165,7 @@ int dns_handle_outgoing(const uint32_t srcip, const uint16_t srcport,
|
||||
|
||||
dns_cleanup();
|
||||
|
||||
if ((ntohs(*(const uint16_t*)(packet_data + 2)) & 0xFA00) == 0 &&
|
||||
(ntohs(*(const uint32_t*)(packet_data + 6))) == 0) {
|
||||
if (dns_is_dns_packet(packet_data, packet_dataLen, 1)) {
|
||||
/* Looks like DNS request */
|
||||
debug("trying to add srcport = %hu, dstport = %hu\n", ntohs(srcport), ntohs(dstport));
|
||||
return add_udp_conntrack(srcip, srcport, dstip, dstport);
|
||||
@ -178,7 +187,7 @@ int dns_handle_incoming(const uint32_t srcip, const uint16_t srcport,
|
||||
|
||||
dns_cleanup();
|
||||
|
||||
if ((ntohs(*(const uint16_t*)(packet_data + 2)) & 0xF800) == 0x8000) {
|
||||
if (dns_is_dns_packet(packet_data, packet_dataLen, 0)) {
|
||||
/* Looks like DNS response */
|
||||
construct_key(srcip, srcport, key);
|
||||
if (check_get_udp_conntrack_key(key, &tmp_connrecord) && tmp_connrecord) {
|
||||
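Review bot: `dns_is_dns_packet` accepts `packet_dataLen` but never uses it, while it reads two bytes at `packet_data + 2` and four bytes at `packet_data + 6`, so a UDP payload shorter than 10 bytes is read past its end. The function is now exported and, per the goodbyedpi.c hunks, is called from main() after the handler has already failed, so it should not depend on a caller-side length check (none is visible in these hunks). A guard as its first statement would cover every caller: `if (packet_dataLen < 12) return FALSE;`, 12 being the fixed DNS header size. Separately, `ntohs()` applied to the 32-bit load at offset 6 tests only 16 of those bits, so one of the two count fields is presumably left unchecked; comparing the raw `uint32_t` with 0 needs no byte swap.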
|
@ -17,3 +17,4 @@ int dns_handle_outgoing(const uint32_t srcip, const uint16_t srcport,
|
||||
const char *packet_data, const UINT packet_dataLen);
|
||||
|
||||
void flush_dns_cache();
|
||||
int dns_is_dns_packet(const char *packet_data, const UINT packet_dataLen, const int outgoing);
|
||||
|
23
goodbyedpi.c
23
goodbyedpi.c
@ -62,6 +62,7 @@ static struct option long_options[] = {
|
||||
{"port", required_argument, 0, 'z' },
|
||||
{"dns-addr", required_argument, 0, 'd' },
|
||||
{"dns-port", required_argument, 0, 'g' },
|
||||
{"dns-verb", no_argument, 0, 'v' },
|
||||
{0, 0, 0, 0 }
|
||||
};
|
||||
|
||||
@ -242,7 +243,8 @@ int main(int argc, char *argv[]) {
|
||||
do_fragment_https = 0, do_host = 0,
|
||||
do_host_removespace = 0, do_additional_space = 0,
|
||||
do_http_allports = 0,
|
||||
do_host_mixedcase = 0, do_dns_redirect = 0;
|
||||
do_host_mixedcase = 0, do_dns_redirect = 0,
|
||||
do_dns_verb = 0;
|
||||
int http_fragment_size = 2;
|
||||
int https_fragment_size = 2;
|
||||
uint32_t dns_addr = 0;
|
||||
@ -359,6 +361,9 @@ int main(int argc, char *argv[]) {
|
||||
}
|
||||
dns_port = ntohs(dns_port);
|
||||
break;
|
||||
case 'v':
|
||||
do_dns_verb = 1;
|
||||
break;
|
||||
default:
|
||||
printf("Usage: goodbyedpi.exe [OPTION...]\n"
|
||||
" -p block passive DPI\n"
|
||||
@ -578,7 +583,13 @@ int main(int argc, char *argv[]) {
|
||||
should_recalc_checksum = 1;
|
||||
}
|
||||
else {
|
||||
printf("[DNS] Error handling incoming packet!\n");
|
||||
if (dns_is_dns_packet(packet_data, packet_dataLen, 0))
|
||||
should_reinject = 0;
|
||||
|
||||
if (do_dns_verb && !should_reinject) {
|
||||
printf("[DNS] Error handling incoming packet: srcport = %hu, dstport = %hu\n",
|
||||
ntohs(ppUdpHdr->SrcPort), ntohs(ppUdpHdr->DstPort));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -594,7 +605,13 @@ int main(int argc, char *argv[]) {
|
||||
should_recalc_checksum = 1;
|
||||
}
|
||||
else {
|
||||
printf("[DNS] Error handling outgoing packet!\n");
|
||||
if (dns_is_dns_packet(packet_data, packet_dataLen, 1))
|
||||
should_reinject = 0;
|
||||
|
||||
if (do_dns_verb && !should_reinject) {
|
||||
printf("[DNS] Error handling outgoing packet: srcport = %hu, dstport = %hu\n",
|
||||
ntohs(ppUdpHdr->SrcPort), ntohs(ppUdpHdr->DstPort));
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
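Review bot: In both `else` branches in main() the packet is dropped (`should_reinject = 0`) whenever the handler failed and the payload passes the `dns_is_dns_packet` heuristic, so any handler failure is discarded silently unless `--dns-verb` is given, not only the duplicate case the commit message describes. If `dns_handle_outgoing` or `dns_handle_incoming` can fail for other reasons (their failure paths are outside these hunks), a distinct return value for "duplicate" would keep real errors visible by default. At minimum, brace the new one-line `if` and state the intent, e.g. `/* DNS-looking packet the redirector could not track: assumed duplicate, drop instead of reinjecting it unredirected */`. main() begins and ends outside these hunks.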
|