Commit Graph

133 Commits

Author SHA1 Message Date
bol-van
a33848b212 tls: respect tls record length 2023-12-19 13:40:28 +03:00
bol-van
a9a4cd5cb4 nfqws: tls client hello reassemble 2023-11-15 19:36:34 +03:00
bol-van
3559e1f2b8 autohostlist debug 2023-11-09 12:08:09 +03:00
bol-van
47cabddbd4 tpws: fix splice 2023-10-27 10:04:08 +03:00
bol-van
7ef7cbe554 recheck domain before adding to autohostlist 2023-10-26 16:27:52 +03:00
bol-van
ac574ce2ce autohostlist mode 2023-10-26 15:12:32 +03:00
bol-van
c4729c3006 nfqws,tpws: fix tls protocol bounds check 2023-10-12 14:46:32 +03:00
bol-van
508d11811d tpws: tlsrec preserve trailing bytes after ClientHello 2023-10-12 13:57:34 +03:00
bol-van
6dc413d0c9 tpws: --tlsrec 2023-10-12 12:35:06 +03:00
bol-van
394c590a25 nfqws: tamper dht lex order 00 instead of aa 2023-09-07 21:02:29 +03:00
bol-van
15a31d53ed nfqws: tamper dht lex order aa instead of zz 2023-09-07 20:50:03 +03:00
bol-van
c91542d516 nfqws: DHT and tamper 2023-09-07 19:03:37 +03:00
bol-van
91ac09a8bd nfqws: udplen-pattern, hex string support 2023-09-07 13:41:25 +03:00
bol-van
bc6b683009 nfqws: wireguard protocol recognition 2023-08-12 09:56:19 +03:00
bol-van
d5b104d781 tpws: use accept4 instead of accept 2023-07-04 11:26:35 +03:00
bol-van
7f5fe99ad5 tpws --disorder 2023-07-03 15:28:42 +03:00
bol-van
657a08cafa mdig: resolved and failed domain logs 2023-01-05 17:32:06 +03:00
bol-van
109e3374d4 seccomp: more syscalls filter 2022-12-07 21:00:22 +03:00
bol-van
2dc13abb5d seccomp: more filtered syscalls 2022-12-05 14:38:39 +03:00
bol-van
619222b86e seecomp : fix x86 __X32_SYSCALL_BIT 2022-11-23 12:11:37 +03:00
bol-van
80a6ba9a8a seccomp optimize 2022-11-23 11:58:06 +03:00
bol-van
7af2d43d5f tpws,nfqws: seccomp hardening 2022-11-22 17:49:53 +03:00
bol-van
b9840364a6 binaries: upx 4.0 2022-11-02 00:01:11 +03:00
bol-van
04f8f7774d nfqws: do not complain if IPV6_FREEBIND not available 2022-07-29 08:20:57 +03:00
bol-van
895af0f629 nfqws: allow to decrease udp length 2022-07-27 12:00:36 +03:00
bol-van
403dc1a204 nfqws,tpws: multiple hostlist support, exclude hostlist support 2022-07-26 19:15:28 +03:00
bol-van
c2754cc347 ip2net: fix comparision 2022-06-17 10:39:09 +03:00
bol-van
76ae74eedd ip2net: some more optimize ipv6 sort 2022-06-17 10:35:20 +03:00
bol-van
732cb7f2d6 ip2net: some more optimize ipv6 sort 2022-06-17 10:19:45 +03:00
bol-van
9cf2e3f1de ip2net: optimize ipv6 sort for all endianness 2022-06-16 19:45:01 +03:00
bol-van
3842cbbca5 ip2net: i hate strict aliasing 2022-06-13 17:51:07 +03:00
bol-van
e2418531af nfqws: default quic fake to bypass russian TSPU 2022-05-30 14:48:29 +03:00
bol-van
bcb7abc830 complex TSPU hack is overkill 2022-05-30 09:31:57 +03:00
bol-van
01ec94806d nfqws: fix running on ipv6 disabled system 2022-05-20 11:21:38 +03:00
bol-van
877adbd6f6 nfqws: preserve fwmark. bind-fix 2022-05-15 15:54:35 +03:00
bol-van
7f7badb2af update bins 2022-05-03 12:32:14 +03:00
bol-van
a15de18b33 tpws: deny connections to 0.0.0.0 2022-04-21 13:41:43 +03:00
bol-van
dd1ba8218d tpws: check for sock4a protocol 2022-04-21 09:42:06 +03:00
bol-van
ffda684a43 nfqws: fakeknown, udplen desync modes 2022-04-12 15:52:06 +03:00
bol-van
2eec88c2bf nfqws: verify quic auth tag. improve initial packet detection 2022-03-26 21:00:58 +03:00
bol-van
3753349058 nfqws: quic protocol code optimizations 2022-03-26 10:08:10 +03:00
bol-van
f7c0c35670 nfqws: handle QUIC decrypt failed case during desync 2022-03-25 22:34:37 +03:00
bol-van
64406960aa nfqws: prevent out-of-band access in IsQUICCryptoHello 2022-03-25 20:08:05 +03:00
bol-van
dce5b4c6f0 nfqws: QUIC initial dissection support 2022-03-25 16:59:58 +03:00
bol-van
49771f160d nfqws: QUIC protocol recognition 2022-03-20 20:50:16 +03:00
bol-van
190b4e367f nfqws: ipfrag1 desync mode 2022-02-05 15:39:58 +03:00
bol-van
6151afe727 nfqws: destopt desync mode 2022-02-05 13:36:32 +03:00
bol-van
8becc2ce18 binaries: toolchain update gcc 11.2 2022-02-04 14:05:28 +03:00
bol-van
81b25bfc85 Revert "binaries: update toolchain to gcc 11.2"
This reverts commit 7429bd3b98.
2022-02-04 13:44:23 +03:00
bol-van
7429bd3b98 binaries: update toolchain to gcc 11.2 2022-02-04 13:37:03 +03:00
bol-van
707e86bd90 nfqws: allow hopbyhop with 2nd phase desync 2022-02-02 15:18:35 +03:00
bol-van
a66aa7777a nfqws: do not drop packet in case of hopbyhop desync and ipv4 2022-02-02 09:39:48 +03:00
bol-van
87970b984b nfqws: hop-by-hop ipv6 fooling and desync 2022-02-01 20:38:00 +03:00
bol-van
d619f1b99d tpws: fc00::/7 private range. PF convert ipv4 to ipv6 mapped address 2022-01-23 17:36:57 +03:00
bol-van
013f3996df tpws: fc00::/7 private range. PF convert ipv4 to ipv6 mapped address 2022-01-23 17:33:37 +03:00
bol-van
6b39411454 nfqws: ipv6 fragment at transport header 2022-01-05 15:34:57 +03:00
bol-van
1221626b1d nfqws: IP_NODEFRAG not working for ipv6 2022-01-03 22:16:11 +03:00
bol-van
94433e3279 nfqws: set IP_NODEFRAG sockopt 2022-01-03 21:14:55 +03:00
bol-van
690d458ec7 nfqws: ipfrag 2022-01-03 12:38:18 +03:00
bol-van
65830eb665 nfqws: udp protocol desync 2022-01-01 20:22:04 +03:00
bol-van
6af82ec97d nfqws: change default badack increment -65000=>-66000 2021-12-28 12:50:04 +03:00
bol-van
ff24920999 update bins 2021-12-27 16:51:42 +03:00
bol-van
606063dd48 nfqws: --dpi-desync-fake-unknown 2021-12-26 20:43:16 +03:00
bol-van
d1618faf40 nfqws: tunable badseq/badack increment, changed defaults 2021-12-26 17:11:21 +03:00
root
f2d083499e nfqws: change default split-pos from 3 to 2 2021-12-22 11:21:47 +03:00
bol-van
545c9a4730 nfqws: separate ipv4/6 ttl setting 2021-12-10 22:08:52 +03:00
bol-van
03886dda88 bin cosmetics 2021-11-12 12:53:01 +03:00
bol-van
45f6838059 nfqws, tpws : fix tls1.1, tls1.2, tls1.3 header recognition 2021-10-12 23:24:38 +03:00
bol-van
0b8072840b ip2net : precompute ipv6 masks 2021-09-18 21:22:29 +03:00
bol-van
9402cd2cf0 ip2net : zero less significant bits in ip4/ip6 addresses, workaround GCC bug 2021-09-12 13:58:13 +03:00
bol-van
fe8cada8ae nfqws: synack desync mode 2021-04-07 12:13:46 +03:00
bol-van
96cbd2fd5e nfqws: --dpi-desync-cutoff 2021-03-21 21:55:26 +03:00
bol-van
a9292cf4c2 nfqws: do not reset conntrack entry in SYN state 2021-03-21 10:58:59 +03:00
bol-van
17867c25b7 nfqws: allow resetting conntrack entry in any state on SYN 2021-03-20 11:38:00 +03:00
bol-van
5e1adaa348 tpws: block connections to ::ffff:127.0.0.0/104 2021-03-19 11:33:42 +03:00
bol-van
94405e89c3 tpws: block connections to 127.0.0.0/8 2021-03-19 10:55:20 +03:00
bol-van
b27cfbc813 nfqws: conntrack 2021-03-18 17:21:25 +03:00
bol-van
53f36c7297 nfqws: wssize 2021-03-12 14:33:48 +03:00
bol-van
b5d8ed5164 bins: tpws_wsl 2021-03-08 22:43:41 +03:00
bol-van
be0b76c02b tpws: more bind-linklocal modes 2021-03-08 22:33:21 +03:00
bol-van
848f170c84 bins 2021-03-05 21:39:38 +03:00
bol-van
07f878fff2 bins 2021-03-05 21:32:40 +03:00
bol-van
3703918a4b history purge 2021-03-04 14:30:38 +03:00