Merge pull request #66 from xvzc/chunk-size

Chunk size
This commit is contained in:
xvzc 2024-07-27 11:02:12 +09:00 committed by GitHub
commit 4b06b75f79
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
8 changed files with 95 additions and 56 deletions

1
.gitignore vendored
View File

@ -3,3 +3,4 @@ spoof-dpi-*
spoof-dpi.* spoof-dpi.*
!*/spoof-dpi/ !*/spoof-dpi/
.DS_Store .DS_Store
out/**

6
build
View File

@ -2,7 +2,7 @@
docker run --rm \ docker run --rm \
-it \ -it \
--workdir /app/ \ --workdir /app/out \
-v $(pwd):/app \ -v ./:/app \
golang:1.21-alpine \ golang:1.21-alpine \
sh make-releases.sh sh /app/make-releases.sh

View File

@ -89,6 +89,9 @@ func (pxy *Proxy) splitInChunks(bytes []byte, size int) [][]byte {
var chunks [][]byte var chunks [][]byte
var raw []byte = bytes var raw []byte = bytes
if pxy.windowSize > 0 {
log.Debug("[HTTPS] Chunking client hello.")
for { for {
if len(raw) == 0 { if len(raw) == 0 {
break break
@ -107,6 +110,17 @@ func (pxy *Proxy) splitInChunks(bytes []byte, size int) [][]byte {
return chunks return chunks
} }
// When the given window-size <= 0
if len(raw) < 1 {
return [][]byte{raw}
}
log.Debug("[HTTPS] Using legacy fragmentation.")
return [][]byte{raw[:1], raw[1:]}
}
func (pxy *Proxy) patternExists() bool { func (pxy *Proxy) patternExists() bool {
return pxy.allowedPattern != nil || pxy.allowedUrls != nil return pxy.allowedPattern != nil || pxy.allowedUrls != nil
} }

View File

@ -51,25 +51,31 @@ You can also build your own
``` ```
Usage: spoof-dpi [options...] Usage: spoof-dpi [options...]
-addr string -addr string
Listen addr (default "127.0.0.1") listen address (default "127.0.0.1")
-debug -debug
Enable debug output enable debug output
-dns-addr string -dns-addr string
DNS addr (default "8.8.8.8") dns address (default "8.8.8.8")
-dns-port int -dns-port int
DNS port (default 53) port number for dns (default 53)
-enable-doh -enable-doh
Enable DOH enable 'dns over https'
-no-banner -no-banner
Disable banner disable banner
-pattern string -pattern string
Bypass DPI only on packets matching this regex pattern bypass DPI only on packets matching this regex pattern
-port int -port int
port (default 8080) port (default 8080)
-timeout int -timeout int
timeout in milliseconds (default 2000) timeout in milliseconds (default 2000)
-url value -url value
Bypass DPI only on this url, can be passed multiple times Bypass DPI only on this url, can be passed multiple times
-v print spoof-dpi's version. this may contain some other relevant information
-window-size int
chunk size, in number of bytes, for fragmented client hello,
try lower values if the default value doesn't bypass the DPI;
set to 0 to use old (pre v0.10.0) client hello splitting method:
fragmentation for the first data packet and the rest (default 50)
``` ```
> If you are using any vpn extensions such as Hotspot Shield in Chrome browser, > If you are using any vpn extensions such as Hotspot Shield in Chrome browser,

View File

@ -51,26 +51,31 @@ wget -O - https://raw.githubusercontent.com/xvzc/SpoofDPI/main/install.sh | bash
``` ```
Usage: spoof-dpi [options...] Usage: spoof-dpi [options...]
-addr string -addr string
Listen addr (default "127.0.0.1") listen address (default "127.0.0.1")
-debug -debug
Enable debug output enable debug output
-dns-addr string -dns-addr string
DNS addr (default "8.8.8.8") dns address (default "8.8.8.8")
-dns-port int -dns-port int
DNS port (default 53) port number for dns (default 53)
-enable-doh -enable-doh
Enable DOH enable 'dns over https'
-no-banner -no-banner
Disable banner disable banner
-pattern string -pattern string
Bypass DPI only on packets matching this regex pattern bypass DPI only on packets matching this regex pattern
-port int -port int
port (default 8080) port (default 8080)
-timeout int -timeout int
timeout in milliseconds (default 2000) timeout in milliseconds (default 2000)
-url value -url value
Bypass DPI only on this url, can be passed multiple times Bypass DPI only on this url, can be passed multiple times
-v print spoof-dpi's version. this may contain some other relevant information
-window-size int
chunk size, in number of bytes, for fragmented client hello,
try lower values if the default value doesn't bypass the DPI;
set to 0 to use old (pre v0.10.0) client hello splitting method:
fragmentation for the first data packet and the rest (default 50)
``` ```
> 만약 브라우저에서 Hotspot Shield와 같은 크롬 VPN 확장프로그램을 사용중이라면 > 만약 브라우저에서 Hotspot Shield와 같은 크롬 VPN 확장프로그램을 사용중이라면
Settings > Extension 으로 이동해 비활성화 해주시기바랍니다. Settings > Extension 으로 이동해 비활성화 해주시기바랍니다.

View File

@ -52,26 +52,31 @@ wget -O - https://raw.githubusercontent.com/xvzc/SpoofDPI/main/install.sh | bash
``` ```
Usage: spoof-dpi [options...] Usage: spoof-dpi [options...]
-addr string -addr string
Listen addr (default "127.0.0.1") listen address (default "127.0.0.1")
-debug -debug
Enable debug output enable debug output
-dns-addr string -dns-addr string
DNS addr (default "8.8.8.8") dns address (default "8.8.8.8")
-dns-port int -dns-port int
DNS port (default 53) port number for dns (default 53)
-enable-doh -enable-doh
Enable DOH enable 'dns over https'
-no-banner -no-banner
Disable banner disable banner
-pattern string -pattern string
Bypass DPI only on packets matching this regex pattern bypass DPI only on packets matching this regex pattern
-port int -port int
port (default 8080) port (default 8080)
-timeout int -timeout int
timeout in milliseconds (default 2000) timeout in milliseconds (default 2000)
-url value -url value
Bypass DPI only on this url, can be passed multiple times Bypass DPI only on this url, can be passed multiple times
-v print spoof-dpi's version. this may contain some other relevant information
-window-size int
chunk size, in number of bytes, for fragmented client hello,
try lower values if the default value doesn't bypass the DPI;
set to 0 to use old (pre v0.10.0) client hello splitting method:
fragmentation for the first data packet and the rest (default 50)
``` ```
**Перевод:** **Перевод:**
``` ```

View File

@ -58,26 +58,31 @@ You can also build your own
``` ```
Usage: spoof-dpi [options...] Usage: spoof-dpi [options...]
-addr string -addr string
Listen addr (default "127.0.0.1") listen address (default "127.0.0.1")
-debug -debug
Enable debug output enable debug output
-dns-addr string -dns-addr string
DNS addr (default "8.8.8.8") dns address (default "8.8.8.8")
-dns-port int -dns-port int
DNS port (default 53) port number for dns (default 53)
-enable-doh -enable-doh
Enable DOH enable 'dns over https'
-no-banner -no-banner
Disable banner disable banner
-pattern string -pattern string
Bypass DPI only on packets matching this regex pattern bypass DPI only on packets matching this regex pattern
-port int -port int
port (default 8080) port (default 8080)
-timeout int -timeout int
timeout in milliseconds (default 2000) timeout in milliseconds (default 2000)
-url value -url value
Bypass DPI only on this url, can be passed multiple times Bypass DPI only on this url, can be passed multiple times
-v print spoof-dpi's version. this may contain some other relevant information
-window-size int
chunk size, in number of bytes, for fragmented client hello,
try lower values if the default value doesn't bypass the DPI;
set to 0 to use old (pre v0.10.0) client hello splitting method:
fragmentation for the first data packet and the rest (default 50)
``` ```
> 如果你在 Chrome 浏览器使用其他 VPN 扩展比如 Hotspot Shield 请去 设置 > 扩展程序禁用它们 > 如果你在 Chrome 浏览器使用其他 VPN 扩展比如 Hotspot Shield 请去 设置 > 扩展程序禁用它们

View File

@ -47,23 +47,26 @@ func GetConfig() *Config {
func ParseArgs() { func ParseArgs() {
config = &Config{} config = &Config{}
config.Addr = flag.String("addr", "127.0.0.1", "Listen addr") config.Addr = flag.String("addr", "127.0.0.1", "listen address")
config.Port = flag.Int("port", 8080, "port") config.Port = flag.Int("port", 8080, "port")
config.DnsAddr = flag.String("dns-addr", "8.8.8.8", "DNS addr") config.DnsAddr = flag.String("dns-addr", "8.8.8.8", "dns address")
config.DnsPort = flag.Int("dns-port", 53, "DNS port") config.DnsPort = flag.Int("dns-port", 53, "port number for dns")
config.EnableDoh = flag.Bool("enable-doh", false, "Enable DOH") config.EnableDoh = flag.Bool("enable-doh", false, "enable 'dns over https'")
config.Debug = flag.Bool("debug", false, "Enable debug output") config.Debug = flag.Bool("debug", false, "enable debug output")
config.NoBanner = flag.Bool("no-banner", false, "Disable banner") config.NoBanner = flag.Bool("no-banner", false, "disable banner")
config.Timeout = flag.Int("timeout", 2000, "timeout in milliseconds") config.Timeout = flag.Int("timeout", 2000, "timeout in milliseconds")
config.WindowSize = flag.Int("window-size", 50, "window-size for fragmented client hello") config.WindowSize = flag.Int("window-size", 50, `chunk size, in number of bytes, for fragmented client hello,
config.Version = flag.Bool("v", false, "print version") try lower values if the default value doesn't bypass the DPI;
set to 0 to use old (pre v0.10.0) client hello splitting method:
fragmentation for the first data packet and the rest`)
flag.Var(&allowedHosts, "url", "Bypass DPI only on this url, can be passed multiple times") flag.Var(&allowedHosts, "url", "Bypass DPI only on this url, can be passed multiple times")
allowedPattern = flag.String( allowedPattern = flag.String(
"pattern", "pattern",
"", "",
"Bypass DPI only on packets matching this regex pattern", "bypass DPI only on packets matching this regex pattern",
) )
config.Version = flag.Bool("v", false, "print spoof-dpi's version. this may contain some other relevant information")
flag.Parse() flag.Parse()