mirrors/youtubeUnblock
1
0
Fork 0
mirror of https://github.com/Waujito/youtubeUnblock.git synced 2025-01-26 02:55:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #174 from Waujito/daemonize

Browse Source 
Daemonize youtubeUnblock with flags, without any overhead
This commit is contained in:
Vadim Vetrov 2024-11-29 23:24:50 +03:00 committed by GitHub
commit 7303abdaf2
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
10 changed files with 266 additions and 188 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
README.md
View File

@ -241,6 +241,12 @@ Available flags:
- `--threads=<threads number>` Specifies the amount of threads you want to be running for your program. This defaults to **1** and shouldn't be edited for normal use. But if you really want multiple queue instances of youtubeUnblock, note that you should change --queue-num to --queue balance. For example, with 4 threads, use `--queue-balance 537:540` on iptables and `queue num 537-540` on nftables.
- `--daemonize` Daemonizes the youtubeUnblock (forks and detaches it from the shell). Terminate the program with `killall youtubeUnblock`. If you want to track the logs of youtubeUnblock in logread or journalctl, use **--syslog** flag.
- `--syslog` Redirects logs to the system log. You can read it with `journalctl` or `logread`.
- `--noclose` Usable only with `--daemonize`. Will not redirect io streams to /dev/null.
- `--packet-mark=<mark>` Use this option if youtubeUnblock conflicts with other systems rely on packet mark. Note that you may want to change accept rule for iptables to follow the mark.
- `--fbegin` and `--fend` flags: youtubeUnblock supports multiple sets of strategies for specific filters. You may want to initiate a new set after the default one, like: `--sni-domains=googlevideo.com --faking-strategy=md5sum --fbegin --sni-domains=youtube.com --faking-strategy=tcp_check --fend --fbegin --sni-domains=l.google.com --faking-strategy=pastseq --fend`. Note, that the priority of these sets goes backwards: last is first, default (one that does not start with --fbegin) is last. If you start the new section, the default settings are implemented just like youtubeUnblock without any parameters. Note that the config above is just an example and won't work for you.

144
args.c
View File

@ -8,6 +8,7 @@
#include <string.h>
#include "types.h"
#include "args.h"
#include "logging.h"
static char custom_fake_buf[MAX_FAKE_SIZE];
@ -21,40 +22,47 @@ struct config_t config = {
.use_gso = true,
.default_config = default_section_config,
.custom_configs_len = 0
.custom_configs_len = 0,
.daemonize = 0,
.noclose = 0,
.syslog = 0,
};
#define OPT_SNI_DOMAINS 1
#define OPT_EXCLUDE_DOMAINS 25
#define OPT_FAKE_SNI 2
#define OPT_FAKING_TTL 3
#define OPT_FAKING_STRATEGY 10
#define OPT_FAKE_SNI_SEQ_LEN 11
#define OPT_FAKE_SNI_TYPE 27
#define OPT_FAKE_CUSTOM_PAYLOAD 28
#define OPT_START_SECTION 29
#define OPT_END_SECTION 30
#define OPT_FRAG 4
#define OPT_FRAG_SNI_REVERSE 12
#define OPT_FRAG_SNI_FAKED 13
#define OPT_FRAG_MIDDLE_SNI 18
#define OPT_FRAG_SNI_POS 19
#define OPT_FK_WINSIZE 14
#define OPT_TRACE 15
#define OPT_QUIC_DROP 16
#define OPT_SNI_DETECTION 17
#define OPT_NO_IPV6 20
#define OPT_FAKE_SEQ_OFFSET 21
#define OPT_PACKET_MARK 22
#define OPT_SYNFAKE 23
#define OPT_SYNFAKE_LEN 24
#define OPT_SEG2DELAY 5
#define OPT_THREADS 6
#define OPT_SILENT 7
#define OPT_NO_GSO 8
#define OPT_QUEUE_NUM 9
#define OPT_MAX OPT_END_SECTION
enum {
OPT_SNI_DOMAINS,
OPT_EXCLUDE_DOMAINS,
OPT_FAKE_SNI,
OPT_FAKING_TTL,
OPT_FAKING_STRATEGY,
OPT_FAKE_SNI_SEQ_LEN,
OPT_FAKE_SNI_TYPE,
OPT_FAKE_CUSTOM_PAYLOAD,
OPT_START_SECTION,
OPT_END_SECTION,
OPT_DAEMONIZE,
OPT_NOCLOSE,
OPT_SYSLOG,
OPT_FRAG,
OPT_FRAG_SNI_REVERSE,
OPT_FRAG_SNI_FAKED,
OPT_FRAG_MIDDLE_SNI,
OPT_FRAG_SNI_POS,
OPT_FK_WINSIZE,
OPT_TRACE,
OPT_QUIC_DROP,
OPT_SNI_DETECTION,
OPT_NO_IPV6,
OPT_FAKE_SEQ_OFFSET,
OPT_PACKET_MARK,
OPT_SYNFAKE,
OPT_SYNFAKE_LEN,
OPT_SEG2DELAY,
OPT_THREADS,
OPT_SILENT,
OPT_NO_GSO,
OPT_QUEUE_NUM,
};
static struct option long_opt[] = {
{"help", 0, 0, 'h'},
@ -84,6 +92,9 @@ static struct option long_opt[] = {
{"trace", 0, 0, OPT_TRACE},
{"no-gso", 0, 0, OPT_NO_GSO},
{"no-ipv6", 0, 0, OPT_NO_IPV6},
{"daemonize", 0, 0, OPT_DAEMONIZE},
{"noclose", 0, 0, OPT_NOCLOSE},
{"syslog", 0, 0, OPT_SYSLOG},
{"queue-num", 1, 0, OPT_QUEUE_NUM},
{"packet-mark", 1, 0, OPT_PACKET_MARK},
{"fbegin", 0, 0, OPT_START_SECTION},
@ -152,6 +163,9 @@ void print_usage(const char *argv0) {
printf("\t--trace\n");
printf("\t--no-gso\n");
printf("\t--no-ipv6\n");
printf("\t--daemonize\n");
printf("\t--noclose\n");
printf("\t--syslog\n");
printf("\t--fbegin\n");
printf("\t--fend\n");
printf("\n");
@ -202,6 +216,15 @@ int parse_args(int argc, char *argv[]) {
config.use_ipv6 = 0;
break;
case OPT_DAEMONIZE:
config.daemonize = 1;
break;
case OPT_NOCLOSE:
config.noclose = 1;
break;
case OPT_SYSLOG:
config.syslog = 1;
break;
case OPT_THREADS:
if (section_iter != SECT_ITER_DEFAULT)
goto invalid_opt;
@ -471,96 +494,99 @@ error:
}
void print_welcome() {
if (config.syslog) {
printf("Logging to system log\n");
}
if (config.use_gso) {
printf("GSO is enabled\n");
lginfo("GSO is enabled\n");
}
if (config.use_ipv6) {
printf("IPv6 is enabled\n");
lginfo("IPv6 is enabled\n");
} else {
printf("IPv6 is disabled\n");
lginfo("IPv6 is disabled\n");
}
printf("Detected %d config sections\n", config.custom_configs_len + 1);
printf("The sections will be processed in order they goes in this output\n");
lginfo("Detected %d config sections\n", config.custom_configs_len + 1);
lginfo("The sections will be processed in order they goes in this output\n");
ITER_CONFIG_SECTIONS(section) {
int section_number = CONFIG_SECTION_NUMBER(section);
printf("Section #%d\n", section_number);
lginfo("Section #%d\n", section_number);
switch (section->fragmentation_strategy) {
case FRAG_STRAT_TCP:
printf("Using TCP segmentation\n");
lginfo("Using TCP segmentation\n");
break;
case FRAG_STRAT_IP:
printf("Using IP fragmentation\n");
lginfo("Using IP fragmentation\n");
break;
default:
printf("SNI fragmentation is disabled\n");
lginfo("SNI fragmentation is disabled\n");
break;
}
if (section->seg2_delay) {
printf("Some outgoing googlevideo request segments will be delayed for %d ms as of seg2_delay define\n", section->seg2_delay);
lginfo("Some outgoing googlevideo request segments will be delayed for %d ms as of seg2_delay define\n", section->seg2_delay);
}
if (section->fake_sni) {
printf("Fake SNI will be sent before each target client hello\n");
lginfo("Fake SNI will be sent before each target client hello\n");
} else {
printf("Fake SNI is disabled\n");
lginfo("Fake SNI is disabled\n");
}
if (section->frag_sni_reverse) {
printf("Fragmentation Client Hello will be reversed\n");
lginfo("Fragmentation Client Hello will be reversed\n");
}
if (section->frag_sni_faked) {
printf("Fooling packets will be sent near the original Client Hello\n");
lginfo("Fooling packets will be sent near the original Client Hello\n");
}
if (section->fake_sni_seq_len > 1) {
printf("Faking sequence of length %d will be built as fake sni\n", section->fake_sni_seq_len);
lginfo("Faking sequence of length %d will be built as fake sni\n", section->fake_sni_seq_len);
}
switch (section->faking_strategy) {
case FAKE_STRAT_TTL:
printf("TTL faking strategy will be used with TTL %d\n", section->faking_ttl);
lginfo("TTL faking strategy will be used with TTL %d\n", section->faking_ttl);
break;
case FAKE_STRAT_RAND_SEQ:
printf("Random seq faking strategy will be used\n");
printf("Fake seq offset set to %u\n", section->fakeseq_offset);
lginfo("Random seq faking strategy will be used\n");
lginfo("Fake seq offset set to %u\n", section->fakeseq_offset);
break;
case FAKE_STRAT_TCP_CHECK:
printf("TCP checksum faking strategy will be used\n");
lginfo("TCP checksum faking strategy will be used\n");
break;
case FAKE_STRAT_PAST_SEQ:
printf("Past seq faking strategy will be used\n");
lginfo("Past seq faking strategy will be used\n");
break;
case FAKE_STRAT_TCP_MD5SUM:
printf("md5sum faking strategy will be used\n");
lginfo("md5sum faking strategy will be used\n");
break;
}
if (section->fk_winsize) {
printf("Response TCP window will be set to %d with the appropriate scale\n", section->fk_winsize);
lginfo("Response TCP window will be set to %d with the appropriate scale\n", section->fk_winsize);
}
if (section->synfake) {
printf("Fake SYN payload will be sent with each TCP request SYN packet\n");
lginfo("Fake SYN payload will be sent with each TCP request SYN packet\n");
}
if (section->quic_drop) {
printf("All QUIC packets will be dropped\n");
lginfo("All QUIC packets will be dropped\n");
}
if (section->sni_detection == SNI_DETECTION_BRUTE) {
printf("Server Name Extension will be parsed in the bruteforce mode\n");
lginfo("Server Name Extension will be parsed in the bruteforce mode\n");
}
if (section->all_domains) {
printf("All Client Hello will be targeted by youtubeUnblock!\n");
lginfo("All Client Hello will be targeted by youtubeUnblock!\n");
} else {
printf("Target sni domains: %s\n", section->domains_str);
lginfo("Target sni domains: %s\n", section->domains_str);
}
}
}

5
config.h
View File

@ -64,7 +64,6 @@ struct section_config_t {
#define SNI_DETECTION_BRUTE 1
int sni_detection;
};
#define MAX_CONFIGLIST_LEN 64
@ -75,6 +74,10 @@ struct config_t {
int use_gso;
int use_ipv6;
unsigned int mark;
int daemonize;
// Same as daemon() noclose
int noclose;
int syslog;
#define VERBOSE_INFO 0
#define VERBOSE_DEBUG 1

72
kytunblock.c
View File

@ -38,7 +38,7 @@ static int open_raw_socket(void) {
ret = sock_create(AF_INET, SOCK_RAW, IPPROTO_RAW, &rawsocket);
if (ret < 0) {
pr_alert("Unable to create raw socket\n");
lgerror(ret, "Unable to create raw socket\n");
goto err;
}
@ -100,7 +100,7 @@ static int open_raw6_socket(void) {
ret = sock_create(AF_INET6, SOCK_RAW, IPPROTO_RAW, &raw6socket);
if (ret < 0) {
pr_alert("Unable to create raw socket\n");
lgerror(ret, "Unable to create raw socket\n");
goto err;
}
@ -162,12 +162,12 @@ static int send_raw_socket(const uint8_t *pkt, uint32_t pktlen) {
NETBUF_ALLOC(buff1, MAX_PACKET_SIZE);
if (!NETBUF_CHECK(buff1)) {
lgerror("Allocation error", -ENOMEM);
lgerror(-ENOMEM, "Allocation error");
return -ENOMEM;
}
NETBUF_ALLOC(buff2, MAX_PACKET_SIZE);
if (!NETBUF_CHECK(buff2)) {
lgerror("Allocation error", -ENOMEM);
lgerror(-ENOMEM, "Allocation error");
NETBUF_FREE(buff2);
return -ENOMEM;
}
@ -219,7 +219,7 @@ erret_lc:
}
static int delay_packet_send(const unsigned char *data, unsigned int data_len, unsigned int delay_ms) {
pr_info("delay_packet_send won't work on current youtubeUnblock version");
lginfo("delay_packet_send won't work on current youtubeUnblock version");
return send_raw_socket(data, data_len);
}
@ -309,7 +309,7 @@ static NF_CALLBACK(ykb_nf_hook, skb) {
ret = skb_linearize(skb);
if (ret < 0) {
lgerror("Cannot linearize", ret);
lgerror(ret, "Cannot linearize");
goto accept;
}
@ -350,41 +350,51 @@ static int __init ykb_init(void) {
ret = open_raw_socket();
if (ret < 0) goto err;
if (config.use_ipv6) {
ret = open_raw6_socket();
if (ret < 0) goto close_rawsocket;
#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,13,0)
struct net *n;
for_each_net(n) {
ret = nf_register_net_hook(n, &ykb6_nf_reg);
if (ret < 0)
lgerror("bad rat",ret);
}
#else
nf_register_hook(&ykb6_nf_reg);
#endif
}
#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,13,0)
struct net *n;
for_each_net(n) {
ret = nf_register_net_hook(n, &ykb_nf_reg);
if (ret < 0)
lgerror("bad rat",ret);
if (ret < 0) {
lgerror(ret, "register net_hook");
}
}
#else
nf_register_hook(&ykb_nf_reg);
ret = nf_register_hook(&ykb_nf_reg);
if (ret < 0) {
lgerror(ret, "register net_hook");
}
#endif
pr_info("youtubeUnblock kernel module started.\n");
if (config.use_ipv6) {
ret = open_raw6_socket();
if (ret < 0) {
config.use_ipv6 = 0;
lgwarning("ipv6 disabled!");
goto ipv6_fallback;
}
#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,13,0)
struct net *n;
for_each_net(n) {
ret = nf_register_net_hook(n, &ykb6_nf_reg);
if (ret < 0) {
lgerror(ret, "register net6_hook");
}
}
#else
ret = nf_register_hook(&ykb6_nf_reg);
if (ret < 0) {
lgerror(ret, "register net6_hook");
}
#endif
}
ipv6_fallback:
lginfo("youtubeUnblock kernel module started.\n");
return 0;
close_rawsocket:
close_raw_socket();
err:
return ret;
}
@ -410,7 +420,7 @@ static void __exit ykb_destroy(void) {
#endif
close_raw_socket();
pr_info("youtubeUnblock kernel module destroyed.\n");
lginfo("youtubeUnblock kernel module destroyed.\n");
}
module_init(ykb_init);

46
logging.h
View File

@ -9,36 +9,62 @@
#include <linux/module.h>
#define printf pr_info
#define perror pr_err
#define lgerror(msg, ret, ...) __extension__ ({ \
pr_err(msg ": %d\n", ##__VA_ARGS__, ret); \
})
#define LOG_ERR KERN_ERR
#define LOG_INFO KERN_INFO
#define LOG_WARN KERN_WARNING
#define log_message(level, msg, ...) \
(printk(level msg, ##__VA_ARGS__))
#define lgerror(ret, msg, ...) \
(log_message(LOG_ERR, msg ": %d\n", ##__VA_ARGS__, ret))
#else
#include <stdio.h> // IWYU pragma: export
#include <errno.h>
#define lgerror(msg, ret, ...) __extension__ ({ \
#include <syslog.h>
#define log_message(level, msg, ...) \
(config.syslog ? (void)(syslog((level), msg, ##__VA_ARGS__)) : (void)(printf(msg, ##__VA_ARGS__)))
#define lgerror(ret, msg, ...) __extension__ ({ \
errno = -(ret); \
printf(msg ": %s\n", ##__VA_ARGS__, strerror(errno)); \
log_message(LOG_ERR, msg ": %s\n", ##__VA_ARGS__, strerror(errno)); \
})
#endif /* PROGRAM_SPACE */
#define lgerr(msg, ...) \
(log_message(LOG_ERR, msg, ##__VA_ARGS__))
#define lgwarning(msg, ...) \
(log_message(LOG_WARN, msg, ##__VA_ARGS__))
#define lginfo(msg, ...) \
(log_message(LOG_INFO, msg, ##__VA_ARGS__))
#define print_message(...) \
(lginfo(__VA_ARGS__))
#define lgdebug(msg, ...) \
(LOG_LEVEL >= VERBOSE_DEBUG ? printf(msg, ##__VA_ARGS__) : 0)
(LOG_LEVEL >= VERBOSE_DEBUG ? log_message(LOG_INFO, msg, ##__VA_ARGS__) : (void)0)
#define lgdebugmsg(msg, ...) lgdebug(msg "\n", ##__VA_ARGS__)
#define lgtrace(msg, ...) \
(LOG_LEVEL >= VERBOSE_TRACE ? printf(msg, ##__VA_ARGS__) : 0)
(LOG_LEVEL >= VERBOSE_TRACE ? log_message(LOG_INFO, msg, ##__VA_ARGS__) : (void)0)
#define lgtracemsg(msg, ...) lgtrace(msg "\n", __VA_ARGS__)
#define lgtrace_start(msg, ...) \
(LOG_LEVEL >= VERBOSE_TRACE ? printf("[TRACE] " msg " ( ", ##__VA_ARGS__) : 0)
(LOG_LEVEL >= VERBOSE_TRACE ? log_message(LOG_INFO, "[TRACE] " msg " ( ", ##__VA_ARGS__) : (void)0)
#define lgtrace_addp(msg, ...) \
(LOG_LEVEL >= VERBOSE_TRACE ? printf(msg", ", ##__VA_ARGS__) : 0)
(LOG_LEVEL >= VERBOSE_TRACE ? log_message(LOG_INFO, msg", ", ##__VA_ARGS__) : (void)0)
#define lgtrace_end() \
(LOG_LEVEL >= VERBOSE_TRACE ? printf(") \n") : 0)
(LOG_LEVEL >= VERBOSE_TRACE ? log_message(LOG_INFO, ") \n") : (void)0)
#endif /* LOGGING_H */

53
mangle.c
View File

@ -112,7 +112,7 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra
NETBUF_ALLOC(payload, MAX_PACKET_SIZE);
if (!NETBUF_CHECK(payload)) {
lgerror("Allocation error", -ENOMEM);
lgerror(-ENOMEM, "Allocation error");
goto accept;
}
@ -142,7 +142,7 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra
ret = instance_config.send_raw_packet(payload, iph_len + tcph_len + fake_len);
if (ret < 0) {
lgerror("send_syn_altered", ret);
lgerror(ret, "send_syn_altered");
NETBUF_FREE(payload);
goto accept;
@ -167,7 +167,7 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra
uint32_t payload_len = raw_payload_len;
NETBUF_ALLOC(payload, MAX_PACKET_SIZE);
if (!NETBUF_CHECK(payload)) {
lgerror("Allocation error", -ENOMEM);
lgerror(-ENOMEM, "Allocation error");
goto accept;
}
@ -185,7 +185,7 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra
&data, &dlen);
if (ret < 0) {
lgerror("tcp_payload_split in targ_sni", ret);
lgerror(ret, "tcp_payload_split in targ_sni");
goto accept_lc;
}
@ -201,7 +201,7 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra
&iph, &iph_len, &tcph, &tcph_len,
&data, &dlen);
if (ret < 0) {
lgerror("seqovl_packet delta %d", ret, delta);
lgerror(ret, "seqovl_packet delta %d", delta);
}
}
@ -241,7 +241,7 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra
ret = send_tcp_frags(section, payload, payload_len, poses, cnt, 0);
if (ret < 0) {
lgerror("tcp4 send frags", ret);
lgerror(ret, "tcp4 send frags");
goto accept_lc;
}
@ -275,20 +275,20 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra
ret = send_ip4_frags(section, payload, payload_len, poses, cnt, 0);
if (ret < 0) {
lgerror("ip4 send frags", ret);
lgerror(ret, "ip4 send frags");
goto accept_lc;
}
goto drop_lc;
} else {
printf("WARNING: IP fragmentation is supported only for IPv4\n");
lginfo("WARNING: IP fragmentation is supported only for IPv4\n");
goto default_send;
}
default:
default_send:
ret = instance_config.send_raw_packet(payload, payload_len);
if (ret < 0) {
lgerror("raw pack send", ret);
lgerror(ret, "raw pack send");
goto accept_lc;
}
@ -339,11 +339,14 @@ int process_udp_packet(const struct section_config_t *section, const uint8_t *pk
}
if (dlen > 10 && config.verbose >= VERBOSE_TRACE) {
printf("UDP payload start: [ ");
char buf[50];
char *bufpt = buf;
bufpt += sprintf(bufpt, "UDP payload start: [ ");
for (int i = 0; i < 10; i++) {
printf("%02x ", data[i]);
bufpt += sprintf(bufpt, "%02x ", data[i]);
}
printf("], ");
bufpt += sprintf(bufpt, "]");
lgtrace_addp("%s", buf);
}
@ -405,7 +408,7 @@ int process_udp_packet(const struct section_config_t *section, const uint8_t *pk
goto drop;
} else {
printf("WARNING: IP fragmentation is supported only for IPv4\n");
lginfo("WARNING: IP fragmentation is supported only for IPv4\n");
goto accept;
}
}
@ -442,20 +445,20 @@ int send_ip4_frags(const struct section_config_t *section, const uint8_t *packet
} else {
NETBUF_ALLOC(frag1, MAX_PACKET_SIZE);
if (!NETBUF_CHECK(frag1)) {
lgerror("Allocation error", -ENOMEM);
lgerror(-ENOMEM, "Allocation error");
return -ENOMEM;
}
NETBUF_ALLOC(frag2, MAX_PACKET_SIZE);
if (!NETBUF_CHECK(frag2)) {
lgerror("Allocation error", -ENOMEM);
lgerror(-ENOMEM, "Allocation error");
NETBUF_FREE(frag1);
return -ENOMEM;
}
NETBUF_ALLOC(fake_pad, MAX_PACKET_SIZE);
if (!NETBUF_CHECK(fake_pad)) {
lgerror("Allocation error", -ENOMEM);
lgerror(-ENOMEM, "Allocation error");
NETBUF_FREE(frag1);
NETBUF_FREE(frag2);
return -ENOMEM;
@ -468,7 +471,7 @@ int send_ip4_frags(const struct section_config_t *section, const uint8_t *packet
int ret;
if (dvs > poses[0]) {
lgerror("send_frags: Recursive dvs(%d) is more than poses0(%d)", -EINVAL, dvs, poses[0]);
lgerror(-EINVAL, "send_frags: Recursive dvs(%d) is more than poses0(%d)", dvs, poses[0]);
ret = -EINVAL;
goto erret_lc;
}
@ -480,7 +483,7 @@ int send_ip4_frags(const struct section_config_t *section, const uint8_t *packet
frag1, &f1len, frag2, &f2len);
if (ret < 0) {
lgerror("send_frags: frag: with context packet with size %d, position: %d, recursive dvs: %d", ret, pktlen, poses[0], dvs);
lgerror(ret, "send_frags: frag: with context packet with size %d, position: %d, recursive dvs: %d", pktlen, poses[0], dvs);
goto erret_lc;
}
@ -571,13 +574,13 @@ int send_tcp_frags(const struct section_config_t *section, const uint8_t *packet
} else {
NETBUF_ALLOC(frag1, MAX_PACKET_SIZE);
if (!NETBUF_CHECK(frag1)) {
lgerror("Allocation error", -ENOMEM);
lgerror(-ENOMEM, "Allocation error");
return -ENOMEM;
}
NETBUF_ALLOC(frag2, MAX_PACKET_SIZE);
if (!NETBUF_CHECK(frag2)) {
lgerror("Allocation error", -ENOMEM);
lgerror(-ENOMEM, "Allocation error");
NETBUF_FREE(frag1);
return -ENOMEM;
}
@ -588,7 +591,7 @@ int send_tcp_frags(const struct section_config_t *section, const uint8_t *packet
int ret;
if (dvs > poses[0]) {
lgerror("send_frags: Recursive dvs(%d) is more than poses0(%d)", -EINVAL, dvs, poses[0]);
lgerror(-EINVAL, "send_frags: Recursive dvs(%d) is more than poses0(%d)", dvs, poses[0]);
ret = -EINVAL;
goto erret_lc;
}
@ -601,7 +604,7 @@ int send_tcp_frags(const struct section_config_t *section, const uint8_t *packet
lgtrace_addp("Packet split in %d bytes position of payload start, dvs: %d to two packets of %d and %d lengths", poses[0], dvs, f1len, f2len);
if (ret < 0) {
lgerror("send_frags: tcp_frag: with context packet with size %d, position: %d, recursive dvs: %d", ret, pktlen, poses[0], dvs);
lgerror(ret, "send_frags: tcp_frag: with context packet with size %d, position: %d, recursive dvs: %d", pktlen, poses[0], dvs);
goto erret_lc;
}
@ -690,7 +693,7 @@ int post_fake_sni(struct fake_type f_type,
for (int i = 0; i < fake_seq_type.sequence_len; i++) {
NETBUF_ALLOC(fake_sni, MAX_PACKET_SIZE);
if (!NETBUF_CHECK(fake_sni)) {
lgerror("Allocation error", -ENOMEM);
lgerror(-ENOMEM, "Allocation error");
return -ENOMEM;
}
uint32_t fsn_len = MAX_PACKET_SIZE;
@ -700,7 +703,7 @@ int post_fake_sni(struct fake_type f_type,
fsiph, iph_len, fstcph, tcph_len,
fake_sni, &fsn_len);
if (ret < 0) {
lgerror("gen_fake_sni", ret);
lgerror(ret, "gen_fake_sni");
goto erret_lc;
}
@ -712,7 +715,7 @@ int post_fake_sni(struct fake_type f_type,
ret = instance_config.send_raw_packet(fake_sni, fsn_len);
}
if (ret < 0) {
lgerror("send fake sni", ret);
lgerror(ret, "send fake sni");
goto erret_lc;
}
uint32_t iph_len;

2
quic.c
View File

@ -135,6 +135,6 @@ int quic_parse_initial_message(uint8_t *inpayload, uint32_t inplen,
return 0;
invalid_packet:
lgerror("QUIC invalid Initial packet", -EINVAL);
lgerror(-EINVAL, "QUIC invalid Initial packet");
return -EINVAL;
}

6
tls.c
View File

@ -228,12 +228,12 @@ brute:
NETBUF_ALLOC(buf, MAX_PACKET_SIZE);
if (!NETBUF_CHECK(buf)) {
lgerror("Allocation error", -ENOMEM);
lgerror(-ENOMEM, "Allocation error");
goto out;
}
NETBUF_ALLOC(nzbuf, MAX_PACKET_SIZE * sizeof(int));
if (!NETBUF_CHECK(nzbuf)) {
lgerror("Allocation error", -ENOMEM);
lgerror(-ENOMEM, "Allocation error");
NETBUF_FREE(buf);
goto out;
}
@ -324,7 +324,7 @@ int gen_fake_sni(struct fake_type type,
#if _NO_GETRANDOM
ret = open("/dev/urandom", O_RDONLY);
if (ret < 0) {
lgerror("Unable to open /dev/urandom", ret);
lgerror(ret, "Unable to open /dev/urandom");
return ret;
}

28
utils.c
View File

@ -81,20 +81,20 @@ int ip4_payload_split(uint8_t *pkt, uint32_t buflen,
struct iphdr **iph, uint32_t *iph_len,
uint8_t **payload, uint32_t *plen) {
if (pkt == NULL || buflen < sizeof(struct iphdr)) {
lgerror("ip4_payload_split: pkt|buflen", -EINVAL);
lgerror(-EINVAL, "ip4_payload_split: pkt|buflen");
return -EINVAL;
}
struct iphdr *hdr = (struct iphdr *)pkt;
if (netproto_version(pkt, buflen) != IP4VERSION) {
lgerror("ip4_payload_split: ipversion", -EINVAL);
lgerror(-EINVAL, "ip4_payload_split: ipversion");
return -EINVAL;
}
uint32_t hdr_len = hdr->ihl * 4;
uint32_t pktlen = ntohs(hdr->tot_len);
if (buflen < pktlen || hdr_len > pktlen) {
lgerror("ip4_payload_split: buflen cmp pktlen", -EINVAL);
lgerror(-EINVAL, "ip4_payload_split: buflen cmp pktlen");
return -EINVAL;
}
@ -156,20 +156,20 @@ int ip6_payload_split(uint8_t *pkt, uint32_t buflen,
struct ip6_hdr **iph, uint32_t *iph_len,
uint8_t **payload, uint32_t *plen) {
if (pkt == NULL || buflen < sizeof(struct ip6_hdr)) {
lgerror("ip6_payload_split: pkt|buflen", -EINVAL);
lgerror(-EINVAL, "ip6_payload_split: pkt|buflen");
return -EINVAL;
}
struct ip6_hdr *hdr = (struct ip6_hdr *)pkt;
if (netproto_version(pkt, buflen) != 6) {
lgerror("ip6_payload_split: ip6version", -EINVAL);
lgerror(-EINVAL, "ip6_payload_split: ip6version");
return -EINVAL;
}
uint32_t hdr_len = sizeof(struct ip6_hdr);
uint32_t pktlen = ntohs(hdr->ip6_plen);
if (buflen < pktlen) {
lgerror("ip6_payload_split: buflen cmp pktlen: %d %d", -EINVAL, buflen, pktlen);
lgerror(-EINVAL, "ip6_payload_split: buflen cmp pktlen: %d %d", buflen, pktlen);
return -EINVAL;
}
@ -237,7 +237,7 @@ int tcp_payload_split(uint8_t *pkt, uint32_t buflen,
} else if (netvers == IP6VERSION) {
return tcp6_payload_split(pkt, buflen, (struct ip6_hdr **)iph, iph_len, tcph, tcph_len, payload, plen);
} else {
lgerror("Internet Protocol version is unsupported", -EINVAL);
lgerror(-EINVAL, "Internet Protocol version is unsupported");
return -EINVAL;
}
}
@ -329,7 +329,7 @@ int udp_payload_split(uint8_t *pkt, uint32_t buflen,
} else if (netvers == IP6VERSION) {
return udp6_payload_split(pkt, buflen, (struct ip6_hdr **)iph, iph_len, udph, payload, plen);
} else {
lgerror("Internet Protocol version is unsupported", -EINVAL);
lgerror(-EINVAL, "Internet Protocol version is unsupported");
return -EINVAL;
}
}
@ -351,7 +351,7 @@ int ip4_frag(const uint8_t *pkt, uint32_t buflen, uint32_t payload_offset,
if ((ret = ip4_payload_split(
(uint8_t *)pkt, buflen,
&hdr, &hdr_len, (uint8_t **)&payload, &plen)) < 0) {
lgerror("ipv4_frag: TCP Header extract error", ret);
lgerror(ret, "ipv4_frag: TCP Header extract error");
return -EINVAL;
}
@ -360,7 +360,7 @@ int ip4_frag(const uint8_t *pkt, uint32_t buflen, uint32_t payload_offset,
}
if (payload_offset & ((1 << 3) - 1)) {
lgerror("ipv4_frag: Payload offset MUST be a multiply of 8!", -EINVAL);
lgerror(-EINVAL, "ipv4_frag: Payload offset MUST be a multiply of 8!");
return -EINVAL;
}
@ -433,7 +433,7 @@ int tcp_frag(const uint8_t *pkt, uint32_t buflen, uint32_t payload_offset,
&hdr, &hdr_len,
&tcph, &tcph_len,
(uint8_t **)&payload, &plen)) < 0) {
lgerror("tcp_frag: tcp_payload_split", ret);
lgerror(ret, "tcp_frag: tcp_payload_split");
return -EINVAL;
}
@ -448,7 +448,7 @@ int tcp_frag(const uint8_t *pkt, uint32_t buflen, uint32_t payload_offset,
ntohs(iphdr->frag_off) & IP_OFFMASK) {
lgdebugmsg("tcp_frag: ip4: frag value: %d",
ntohs(iphdr->frag_off));
lgerror("tcp_frag: ip4: ip fragmentation is set", -EINVAL);
lgerror(-EINVAL, "tcp_frag: ip4: ip fragmentation is set");
return -EINVAL;
}
}
@ -590,7 +590,7 @@ int fail_packet(struct failing_strategy strategy, uint8_t *payload, uint32_t *pl
} else if (ipxv == IP6VERSION) {
((struct ip6_hdr *)iph)->ip6_hops = strategy.faking_ttl;
} else {
lgerror("fail_packet: IP version is unsupported", -EINVAL);
lgerror(-EINVAL, "fail_packet: IP version is unsupported");
return -EINVAL;
}
} else if (strategy.strategy == FAKE_STRAT_TCP_MD5SUM) {
@ -612,7 +612,7 @@ int fail_packet(struct failing_strategy strategy, uint8_t *payload, uint32_t *pl
} else if (ipxv == IP6VERSION) {
((struct ip6_hdr *)iph)->ip6_plen = htons(ntohs(((struct ip6_hdr *)iph)->ip6_plen) + delta);
} else {
lgerror("fail_packet: IP version is unsupported", -EINVAL);
lgerror(-EINVAL, "fail_packet: IP version is unsupported");
return -EINVAL;
}
optp_len += delta;

92
youtubeUnblock.c
View File

@ -45,12 +45,12 @@ static int open_socket(struct mnl_socket **_nl) {
nl = mnl_socket_open(NETLINK_NETFILTER);
if (nl == NULL) {
perror("mnl_socket_open");
lgerror(errno, "mnl_socket_open");
return -1;
}
if (mnl_socket_bind(nl, 0, MNL_SOCKET_AUTOPID) < 0) {
perror("mnl_socket_bind");
lgerror(errno, "mnl_socket_bind");
mnl_socket_close(nl);
return -1;
}
@ -65,7 +65,7 @@ static int close_socket(struct mnl_socket **_nl) {
struct mnl_socket *nl = *_nl;
if (nl == NULL) return 1;
if (mnl_socket_close(nl) < 0) {
perror("mnl_socket_close");
lgerror(errno, "mnl_socket_close");
return -1;
}
@ -77,26 +77,26 @@ static int close_socket(struct mnl_socket **_nl) {
static int open_raw_socket(void) {
if (rawsocket != -2) {
errno = EALREADY;
perror("Raw socket is already opened");
lgerror(errno, "Raw socket is already opened");
return -1;
}
rawsocket = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
if (rawsocket == -1) {
perror("Unable to create raw socket");
lgerror(errno, "Unable to create raw socket");
return -1;
}
int mark = config.mark;
if (setsockopt(rawsocket, SOL_SOCKET, SO_MARK, &mark, sizeof(mark)) < 0)
{
fprintf(stderr, "setsockopt(SO_MARK, %d) failed\n", mark);
lgerror(errno, "setsockopt(SO_MARK, %d) failed\n", mark);
return -1;
}
int mst = pthread_mutex_init(&rawsocket_lock, NULL);
if (mst) {
fprintf(stderr, "Mutex err: %d\n", mst);
lgerror(errno, "Mutex err: %d\n", mst);
close(rawsocket);
errno = mst;
@ -110,12 +110,12 @@ static int open_raw_socket(void) {
static int close_raw_socket(void) {
if (rawsocket < 0) {
errno = EALREADY;
perror("Raw socket is not set");
lgerror(errno, "Raw socket is not set");
return -1;
}
if (close(rawsocket)) {
perror("Unable to close raw socket");
lgerror(errno, "Unable to close raw socket");
pthread_mutex_destroy(&rawsocket_lock);
return -1;
}
@ -129,26 +129,26 @@ static int close_raw_socket(void) {
static int open_raw6_socket(void) {
if (raw6socket != -2) {
errno = EALREADY;
perror("Raw socket is already opened");
lgerror(errno, "Raw socket is already opened");
return -1;
}
raw6socket = socket(AF_INET6, SOCK_RAW, IPPROTO_RAW);
if (rawsocket == -1) {
perror("Unable to create raw socket");
lgerror(errno, "Unable to create raw socket");
return -1;
}
int mark = config.mark;
if (setsockopt(raw6socket, SOL_SOCKET, SO_MARK, &mark, sizeof(mark)) < 0)
{
fprintf(stderr, "setsockopt(SO_MARK, %d) failed\n", mark);
lgerror(errno, "setsockopt(SO_MARK, %d) failed\n", mark);
return -1;
}
int mst = pthread_mutex_init(&raw6socket_lock, NULL);
if (mst) {
fprintf(stderr, "Mutex err: %d\n", mst);
lgerror(mst, "Mutex err: %d\n", mst);
close(raw6socket);
errno = mst;
@ -162,12 +162,12 @@ static int open_raw6_socket(void) {
static int close_raw6_socket(void) {
if (raw6socket < 0) {
errno = EALREADY;
perror("Raw socket is not set");
lgerror(errno, "Raw socket is not set");
return -1;
}
if (close(raw6socket)) {
perror("Unable to close raw socket");
lgerror(errno, "Unable to close raw socket");
pthread_mutex_destroy(&rawsocket_lock);
return -1;
}
@ -256,18 +256,17 @@ static int send_raw_socket(const uint8_t *pkt, uint32_t pktlen) {
int ret;
if (pktlen > AVAILABLE_MTU) {
if (config.verbose)
printf("Split packet!\n");
lgtrace("Split packet!\n");
NETBUF_ALLOC(buff1, MNL_SOCKET_BUFFER_SIZE);
if (!NETBUF_CHECK(buff1)) {
lgerror("Allocation error", -ENOMEM);
lgerror(-ENOMEM, "Allocation error");
return -ENOMEM;
}
NETBUF_ALLOC(buff2, MNL_SOCKET_BUFFER_SIZE);
if (!NETBUF_CHECK(buff2)) {
lgerror("Allocation error", -ENOMEM);
lgerror(-ENOMEM, "Allocation error");
NETBUF_FREE(buff1);
return -ENOMEM;
}
@ -313,7 +312,7 @@ free_buffs:
} else if (ipvx == IP6VERSION) {
ret = send_raw_ipv6(pkt, pktlen);
} else {
printf("proto version %d is unsupported\n", ipvx);
lginfo("proto version %d is unsupported\n", ipvx);
return -EINVAL;
}
@ -346,7 +345,7 @@ static int fallback_accept_packet(uint32_t id, struct queue_data qdata) {
nfq_nlmsg_verdict_put(verdnlh, id, NF_ACCEPT);
if (mnl_socket_sendto(*qdata._nl, verdnlh, verdnlh->nlmsg_len) < 0) {
perror("mnl_socket_send");
lgerror(errno, "mnl_socket_send");
return MNL_CB_ERROR;
}
@ -371,7 +370,7 @@ void *delay_packet_send_fn(void *data) {
int ret = send_raw_socket(pkt, pktlen);
if (ret < 0) {
errno = -ret;
perror("send delayed raw packet");
lgerror(errno, "send delayed raw packet");
}
free(pkt);
@ -403,13 +402,13 @@ static int queue_cb(const struct nlmsghdr *nlh, void *data) {
struct packet_data packet = {0};
if (nfq_nlmsg_parse(nlh, attr) < 0) {
perror("Attr parse");
lgerror(errno, "Attr parse");
return MNL_CB_ERROR;
}
if (attr[NFQA_PACKET_HDR] == NULL) {
errno = ENODATA;
perror("Metaheader not set");
lgerror(errno, "Metaheader not set");
return MNL_CB_ERROR;
}
@ -422,7 +421,7 @@ static int queue_cb(const struct nlmsghdr *nlh, void *data) {
packet.payload = mnl_attr_get_payload(attr[NFQA_PAYLOAD]);
if (attr[NFQA_CAP_LEN] != NULL && ntohl(mnl_attr_get_u32(attr[NFQA_CAP_LEN])) != packet.payload_len) {
fprintf(stderr, "The packet was truncated! Skip!\n");
lgerr("The packet was truncated! Skip!\n");
return fallback_accept_packet(packet.id, *qdata);
}
@ -450,7 +449,7 @@ static int queue_cb(const struct nlmsghdr *nlh, void *data) {
}
if (mnl_socket_sendto(*qdata->_nl, verdnlh, verdnlh->nlmsg_len) < 0) {
perror("mnl_socket_send");
lgerror(errno, "mnl_socket_send");
return MNL_CB_ERROR;
}
@ -463,7 +462,7 @@ int init_queue(int queue_num) {
struct mnl_socket *nl;
if (open_socket(&nl)) {
perror("Unable to open socket");
lgerror(errno, "Unable to open socket");
return -1;
}
@ -472,7 +471,7 @@ int init_queue(int queue_num) {
struct nlmsghdr *nlh;
NETBUF_ALLOC(bbuf, BUF_SIZE);
if (!NETBUF_CHECK(bbuf)) {
lgerror("Allocation error", -ENOMEM);
lgerror(-ENOMEM, "Allocation error");
goto die_alloc;
}
char *buf = (char *)bbuf;
@ -485,7 +484,7 @@ int init_queue(int queue_num) {
nfq_nlmsg_cfg_put_cmd(nlh, PF_INET, NFQNL_CFG_CMD_PF_UNBIND);
if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) {
perror("mnl_socket_send");
lgerror(errno, "mnl_socket_send");
goto die;
}
@ -493,7 +492,7 @@ int init_queue(int queue_num) {
nfq_nlmsg_cfg_put_cmd(nlh, PF_INET, NFQNL_CFG_CMD_PF_BIND);
if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) {
perror("mnl_socket_send");
lgerror(errno, "mnl_socket_send");
goto die;
}
@ -502,7 +501,7 @@ int init_queue(int queue_num) {
nfq_nlmsg_cfg_put_cmd(nlh, PF_INET6, NFQNL_CFG_CMD_PF_UNBIND);
if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) {
perror("mnl_socket_send");
lgerror(errno, "mnl_socket_send");
goto die;
}
@ -510,7 +509,7 @@ int init_queue(int queue_num) {
nfq_nlmsg_cfg_put_cmd(nlh, PF_INET6, NFQNL_CFG_CMD_PF_BIND);
if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) {
perror("mnl_socket_send");
lgerror(errno, "mnl_socket_send");
goto die;
}
}
@ -520,7 +519,7 @@ int init_queue(int queue_num) {
nfq_nlmsg_cfg_put_cmd(nlh, AF_INET, NFQNL_CFG_CMD_BIND);
if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) {
perror("mnl_socket_send");
lgerror(errno, "mnl_socket_send");
goto die;
}
@ -533,7 +532,7 @@ int init_queue(int queue_num) {
}
if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) {
perror("mnl_socket_send");
lgerror(errno, "mnl_socket_send");
goto die;
}
@ -550,22 +549,22 @@ int init_queue(int queue_num) {
.queue_num = queue_num
};
printf("Queue %d started\n", qdata.queue_num);
lginfo("Queue %d started\n", qdata.queue_num);
while (1) {
ret = mnl_socket_recvfrom(nl, buf, BUF_SIZE);
if (ret == -1) {
perror("mnl_socket_recvfrom");
lgerror(errno, "mnl_socket_recvfrom");
goto die;
}
ret = mnl_cb_run(buf, ret, 0, portid, queue_cb, &qdata);
if (ret < 0) {
lgerror("mnl_cb_run", -EPERM);
lgerror(-EPERM, "mnl_cb_run");
if (errno == EPERM) {
printf("Probably another instance of youtubeUnblock with the same queue number is running\n");
lgerror(errno, "Probably another instance of youtubeUnblock with the same queue number is running\n");
} else {
printf("Make sure the nfnetlink_queue kernel module is loaded\n");
lgerror(errno, "Make sure the nfnetlink_queue kernel module is loaded\n");
}
goto die;
}
@ -602,7 +601,7 @@ void *init_queue_wrapper(void *qdconf) {
thres->status = init_queue(qconf->queue_num);
fprintf(stderr, "Thread %d exited with status %d\n", qconf->i, thres->status);
lgerror(thres->status, "Thread %d exited with status %d\n", qconf->i, thres->status);
return thres;
}
@ -616,7 +615,7 @@ int main(int argc, char *argv[]) {
int ret;
if ((ret = parse_args(argc, argv)) != 0) {
if (ret < 0) {
perror("Unable to parse args");
lgerror(errno, "Unable to parse args");
exit(EXIT_FAILURE);
}
exit(EXIT_SUCCESS);
@ -625,19 +624,24 @@ int main(int argc, char *argv[]) {
print_version();
print_welcome();
if (open_raw_socket() < 0) {
perror("Unable to open raw socket");
lgerror(errno, "Unable to open raw socket");
exit(EXIT_FAILURE);
}
if (config.use_ipv6) {
if (open_raw6_socket() < 0) {
perror("Unable to open raw socket for ipv6");
lgerror(errno, "Unable to open raw socket for ipv6");
close_raw_socket();
exit(EXIT_FAILURE);
}
}
if (config.daemonize) {
daemon(0, config.noclose);
}
struct queue_res *qres = &defqres;
if (config.threads == 1) {
@ -648,7 +652,7 @@ int main(int argc, char *argv[]) {
qres = init_queue_wrapper(&tconf);
} else {
printf("%d threads wil be used\n", config.threads);
lginfo("%d threads wil be used\n", config.threads);
struct queue_conf thread_confs[MAX_THREADS];
pthread_t threads[MAX_THREADS];