bol-van
|
a33848b212
|
tls: respect tls record length
|
2023-12-19 13:40:28 +03:00 |
|
bol-van
|
a9a4cd5cb4
|
nfqws: tls client hello reassemble
|
2023-11-15 19:36:34 +03:00 |
|
bol-van
|
3559e1f2b8
|
autohostlist debug
|
2023-11-09 12:08:09 +03:00 |
|
bol-van
|
47cabddbd4
|
tpws: fix splice
|
2023-10-27 10:04:08 +03:00 |
|
bol-van
|
7ef7cbe554
|
recheck domain before adding to autohostlist
|
2023-10-26 16:27:52 +03:00 |
|
bol-van
|
ac574ce2ce
|
autohostlist mode
|
2023-10-26 15:12:32 +03:00 |
|
bol-van
|
c4729c3006
|
nfqws,tpws: fix tls protocol bounds check
|
2023-10-12 14:46:32 +03:00 |
|
bol-van
|
508d11811d
|
tpws: tlsrec preserve trailing bytes after ClientHello
|
2023-10-12 13:57:34 +03:00 |
|
bol-van
|
6dc413d0c9
|
tpws: --tlsrec
|
2023-10-12 12:35:06 +03:00 |
|
bol-van
|
394c590a25
|
nfqws: tamper dht lex order 00 instead of aa
|
2023-09-07 21:02:29 +03:00 |
|
bol-van
|
15a31d53ed
|
nfqws: tamper dht lex order aa instead of zz
|
2023-09-07 20:50:03 +03:00 |
|
bol-van
|
c91542d516
|
nfqws: DHT and tamper
|
2023-09-07 19:03:37 +03:00 |
|
bol-van
|
91ac09a8bd
|
nfqws: udplen-pattern, hex string support
|
2023-09-07 13:41:25 +03:00 |
|
bol-van
|
bc6b683009
|
nfqws: wireguard protocol recognition
|
2023-08-12 09:56:19 +03:00 |
|
bol-van
|
d5b104d781
|
tpws: use accept4 instead of accept
|
2023-07-04 11:26:35 +03:00 |
|
bol-van
|
7f5fe99ad5
|
tpws --disorder
|
2023-07-03 15:28:42 +03:00 |
|
bol-van
|
657a08cafa
|
mdig: resolved and failed domain logs
|
2023-01-05 17:32:06 +03:00 |
|
bol-van
|
109e3374d4
|
seccomp: more syscalls filter
|
2022-12-07 21:00:22 +03:00 |
|
bol-van
|
2dc13abb5d
|
seccomp: more filtered syscalls
|
2022-12-05 14:38:39 +03:00 |
|
bol-van
|
619222b86e
|
seecomp : fix x86 __X32_SYSCALL_BIT
|
2022-11-23 12:11:37 +03:00 |
|
bol-van
|
80a6ba9a8a
|
seccomp optimize
|
2022-11-23 11:58:06 +03:00 |
|
bol-van
|
7af2d43d5f
|
tpws,nfqws: seccomp hardening
|
2022-11-22 17:49:53 +03:00 |
|
bol-van
|
b9840364a6
|
binaries: upx 4.0
|
2022-11-02 00:01:11 +03:00 |
|
bol-van
|
04f8f7774d
|
nfqws: do not complain if IPV6_FREEBIND not available
|
2022-07-29 08:20:57 +03:00 |
|
bol-van
|
895af0f629
|
nfqws: allow to decrease udp length
|
2022-07-27 12:00:36 +03:00 |
|
bol-van
|
403dc1a204
|
nfqws,tpws: multiple hostlist support, exclude hostlist support
|
2022-07-26 19:15:28 +03:00 |
|
bol-van
|
c2754cc347
|
ip2net: fix comparision
|
2022-06-17 10:39:09 +03:00 |
|
bol-van
|
76ae74eedd
|
ip2net: some more optimize ipv6 sort
|
2022-06-17 10:35:20 +03:00 |
|
bol-van
|
732cb7f2d6
|
ip2net: some more optimize ipv6 sort
|
2022-06-17 10:19:45 +03:00 |
|
bol-van
|
9cf2e3f1de
|
ip2net: optimize ipv6 sort for all endianness
|
2022-06-16 19:45:01 +03:00 |
|
bol-van
|
3842cbbca5
|
ip2net: i hate strict aliasing
|
2022-06-13 17:51:07 +03:00 |
|
bol-van
|
e2418531af
|
nfqws: default quic fake to bypass russian TSPU
|
2022-05-30 14:48:29 +03:00 |
|
bol-van
|
bcb7abc830
|
complex TSPU hack is overkill
|
2022-05-30 09:31:57 +03:00 |
|
bol-van
|
01ec94806d
|
nfqws: fix running on ipv6 disabled system
|
2022-05-20 11:21:38 +03:00 |
|
bol-van
|
877adbd6f6
|
nfqws: preserve fwmark. bind-fix
|
2022-05-15 15:54:35 +03:00 |
|
bol-van
|
7f7badb2af
|
update bins
|
2022-05-03 12:32:14 +03:00 |
|
bol-van
|
a15de18b33
|
tpws: deny connections to 0.0.0.0
|
2022-04-21 13:41:43 +03:00 |
|
bol-van
|
dd1ba8218d
|
tpws: check for sock4a protocol
|
2022-04-21 09:42:06 +03:00 |
|
bol-van
|
ffda684a43
|
nfqws: fakeknown, udplen desync modes
|
2022-04-12 15:52:06 +03:00 |
|
bol-van
|
2eec88c2bf
|
nfqws: verify quic auth tag. improve initial packet detection
|
2022-03-26 21:00:58 +03:00 |
|
bol-van
|
3753349058
|
nfqws: quic protocol code optimizations
|
2022-03-26 10:08:10 +03:00 |
|
bol-van
|
f7c0c35670
|
nfqws: handle QUIC decrypt failed case during desync
|
2022-03-25 22:34:37 +03:00 |
|
bol-van
|
64406960aa
|
nfqws: prevent out-of-band access in IsQUICCryptoHello
|
2022-03-25 20:08:05 +03:00 |
|
bol-van
|
dce5b4c6f0
|
nfqws: QUIC initial dissection support
|
2022-03-25 16:59:58 +03:00 |
|
bol-van
|
49771f160d
|
nfqws: QUIC protocol recognition
|
2022-03-20 20:50:16 +03:00 |
|
bol-van
|
190b4e367f
|
nfqws: ipfrag1 desync mode
|
2022-02-05 15:39:58 +03:00 |
|
bol-van
|
6151afe727
|
nfqws: destopt desync mode
|
2022-02-05 13:36:32 +03:00 |
|
bol-van
|
8becc2ce18
|
binaries: toolchain update gcc 11.2
|
2022-02-04 14:05:28 +03:00 |
|
bol-van
|
81b25bfc85
|
Revert "binaries: update toolchain to gcc 11.2"
This reverts commit 7429bd3b98 .
|
2022-02-04 13:44:23 +03:00 |
|
bol-van
|
7429bd3b98
|
binaries: update toolchain to gcc 11.2
|
2022-02-04 13:37:03 +03:00 |
|
bol-van
|
707e86bd90
|
nfqws: allow hopbyhop with 2nd phase desync
|
2022-02-02 15:18:35 +03:00 |
|
bol-van
|
a66aa7777a
|
nfqws: do not drop packet in case of hopbyhop desync and ipv4
|
2022-02-02 09:39:48 +03:00 |
|
bol-van
|
87970b984b
|
nfqws: hop-by-hop ipv6 fooling and desync
|
2022-02-01 20:38:00 +03:00 |
|
bol-van
|
d619f1b99d
|
tpws: fc00::/7 private range. PF convert ipv4 to ipv6 mapped address
|
2022-01-23 17:36:57 +03:00 |
|
bol-van
|
013f3996df
|
tpws: fc00::/7 private range. PF convert ipv4 to ipv6 mapped address
|
2022-01-23 17:33:37 +03:00 |
|
bol-van
|
6b39411454
|
nfqws: ipv6 fragment at transport header
|
2022-01-05 15:34:57 +03:00 |
|
bol-van
|
1221626b1d
|
nfqws: IP_NODEFRAG not working for ipv6
|
2022-01-03 22:16:11 +03:00 |
|
bol-van
|
94433e3279
|
nfqws: set IP_NODEFRAG sockopt
|
2022-01-03 21:14:55 +03:00 |
|
bol-van
|
690d458ec7
|
nfqws: ipfrag
|
2022-01-03 12:38:18 +03:00 |
|
bol-van
|
65830eb665
|
nfqws: udp protocol desync
|
2022-01-01 20:22:04 +03:00 |
|
bol-van
|
6af82ec97d
|
nfqws: change default badack increment -65000=>-66000
|
2021-12-28 12:50:04 +03:00 |
|
bol-van
|
ff24920999
|
update bins
|
2021-12-27 16:51:42 +03:00 |
|
bol-van
|
606063dd48
|
nfqws: --dpi-desync-fake-unknown
|
2021-12-26 20:43:16 +03:00 |
|
bol-van
|
d1618faf40
|
nfqws: tunable badseq/badack increment, changed defaults
|
2021-12-26 17:11:21 +03:00 |
|
root
|
f2d083499e
|
nfqws: change default split-pos from 3 to 2
|
2021-12-22 11:21:47 +03:00 |
|
bol-van
|
545c9a4730
|
nfqws: separate ipv4/6 ttl setting
|
2021-12-10 22:08:52 +03:00 |
|
bol-van
|
03886dda88
|
bin cosmetics
|
2021-11-12 12:53:01 +03:00 |
|
bol-van
|
45f6838059
|
nfqws, tpws : fix tls1.1, tls1.2, tls1.3 header recognition
|
2021-10-12 23:24:38 +03:00 |
|
bol-van
|
0b8072840b
|
ip2net : precompute ipv6 masks
|
2021-09-18 21:22:29 +03:00 |
|
bol-van
|
9402cd2cf0
|
ip2net : zero less significant bits in ip4/ip6 addresses, workaround GCC bug
|
2021-09-12 13:58:13 +03:00 |
|
bol-van
|
fe8cada8ae
|
nfqws: synack desync mode
|
2021-04-07 12:13:46 +03:00 |
|
bol-van
|
96cbd2fd5e
|
nfqws: --dpi-desync-cutoff
|
2021-03-21 21:55:26 +03:00 |
|
bol-van
|
a9292cf4c2
|
nfqws: do not reset conntrack entry in SYN state
|
2021-03-21 10:58:59 +03:00 |
|
bol-van
|
17867c25b7
|
nfqws: allow resetting conntrack entry in any state on SYN
|
2021-03-20 11:38:00 +03:00 |
|
bol-van
|
5e1adaa348
|
tpws: block connections to ::ffff:127.0.0.0/104
|
2021-03-19 11:33:42 +03:00 |
|
bol-van
|
94405e89c3
|
tpws: block connections to 127.0.0.0/8
|
2021-03-19 10:55:20 +03:00 |
|
bol-van
|
b27cfbc813
|
nfqws: conntrack
|
2021-03-18 17:21:25 +03:00 |
|
bol-van
|
53f36c7297
|
nfqws: wssize
|
2021-03-12 14:33:48 +03:00 |
|
bol-van
|
b5d8ed5164
|
bins: tpws_wsl
|
2021-03-08 22:43:41 +03:00 |
|
bol-van
|
be0b76c02b
|
tpws: more bind-linklocal modes
|
2021-03-08 22:33:21 +03:00 |
|
bol-van
|
848f170c84
|
bins
|
2021-03-05 21:39:38 +03:00 |
|
bol-van
|
07f878fff2
|
bins
|
2021-03-05 21:32:40 +03:00 |
|
bol-van
|
3703918a4b
|
history purge
|
2021-03-04 14:30:38 +03:00 |
|