gsd
/
GoodbyeDPI
mirror of https://github.com/ValdikSS/GoodbyeDPI
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Introduce -5 and -6 modes and make -5 default 

Modern modesets (more stable, more compatible, faster):
 -5          -f 2 -e 2 --auto-ttl --reverse-frag (this is the default now)
 -6          -f 2 -e 2 --wrong-seq --reverse-frag
windivert2
ValdikSS 3 years ago
parent
11c322aaed
commit
a5c2f9fac9
2 changed files with 38 additions and 9 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 8
      README.md
  2. 39
      src/goodbyedpi.c

8
README.md
View File

@ -48,10 +48,16 @@ Usage: goodbyedpi.exe [OPTION...]
reversed order. Works with the websites which could not handle segmented
HTTPS TLS ClientHello (because they receive the TCP flow "combined").
-1 -p -r -s -f 2 -k 2 -n -e 2 (most compatible mode, default)
LEGACY modesets:
-1 -p -r -s -f 2 -k 2 -n -e 2 (most compatible mode)
-2 -p -r -s -f 2 -k 2 -n -e 40 (better speed for HTTPS yet still compatible)
-3 -p -r -s -e 40 (better speed for HTTP and HTTPS)
-4 -p -r -s (best speed)
Modern modesets (more stable, more compatible, faster):
-5 -f 2 -e 2 --auto-ttl --reverse-frag (this is the default)
-6 -f 2 -e 2 --wrong-seq --reverse-frag
```
To check if your ISP's DPI could be circumvented, run `3_all_dnsredir_hardcore.cmd` first. This is the most hardcore mode which will show if this program is suitable for your ISP and DPI vendor at all. If you can open blocked websites with this mode, it means your ISP has DPI which can be circumvented. This is the slowest and prone to break websites mode, but suitable for most DPI.

39
src/goodbyedpi.c
View File

@ -572,15 +572,16 @@ int main(int argc, char *argv[]) {
);
if (argc == 1) {
/* enable mode -1 by default */
/* enable mode -5 by default */
do_fragment_http = do_fragment_https = 1;
do_reverse_frag = do_native_frag = 1;
http_fragment_size = https_fragment_size = 2;
do_passivedpi = do_host = do_host_removespace \
= do_fragment_http = do_fragment_https \
= do_fragment_http_persistent \
= do_fragment_http_persistent_nowait = 1;
do_fragment_http_persistent = do_fragment_http_persistent_nowait = 1;
do_fake_packet = 1;
do_auto_ttl = 2;
}
while ((opt = getopt_long(argc, argv, "1234prsaf:e:mwk:n", long_options, NULL)) != -1) {
while ((opt = getopt_long(argc, argv, "123456prsaf:e:mwk:n", long_options, NULL)) != -1) {
switch (opt) {
case '1':
do_passivedpi = do_host = do_host_removespace \
@ -603,6 +604,22 @@ int main(int argc, char *argv[]) {
case '4':
do_passivedpi = do_host = do_host_removespace = 1;
break;
case '5':
do_fragment_http = do_fragment_https = 1;
do_reverse_frag = do_native_frag = 1;
http_fragment_size = https_fragment_size = 2;
do_fragment_http_persistent = do_fragment_http_persistent_nowait = 1;
do_fake_packet = 1;
do_auto_ttl = 2;
break;
case '6':
do_fragment_http = do_fragment_https = 1;
do_reverse_frag = do_native_frag = 1;
http_fragment_size = https_fragment_size = 2;
do_fragment_http_persistent = do_fragment_http_persistent_nowait = 1;
do_fake_packet = 1;
do_wrong_seq = 1;
break;
case 'p':
do_passivedpi = 1;
break;
@ -795,10 +812,16 @@ int main(int argc, char *argv[]) {
" reversed order. Works with the websites which could not handle segmented\n"
" HTTPS TLS ClientHello (because they receive the TCP flow \"combined\").\n"
"\n"
" -1 -p -r -s -f 2 -k 2 -n -e 2 (most compatible mode, default)\n"
"\n"
"LEGACY modesets:\n"
" -1 -p -r -s -f 2 -k 2 -n -e 2 (most compatible mode)\n"
" -2 -p -r -s -f 2 -k 2 -n -e 40 (better speed for HTTPS yet still compatible)\n"
" -3 -p -r -s -e 40 (better speed for HTTP and HTTPS)\n"
" -4 -p -r -s (best speed)");
" -4 -p -r -s (best speed)"
"\n"
"Modern modesets (more stable, more compatible, faster):\n"
" -5 -f 2 -e 2 --auto-ttl --reverse-frag (this is the default)\n"
" -6 -f 2 -e 2 --wrong-seq --reverse-frag\n");
exit(EXIT_FAILURE);
}
}

Write Preview
Loading…
Cancel
Save