|
|
|
@ -284,6 +284,7 @@ Fakes are separate generated by nfqws packets carrying false information for DPI |
|
|
|
This mode may break NAT and may not work with iptables if masquerade is used, even from the router itself. |
|
|
|
Works with nftables properly. Likely requires external IP address (some ISPs pass these packets through their NAT). |
|
|
|
* **autottl** tries to automatically guess hop count to the server and compute TTL by adding some delta value that can be positive or negative. |
|
|
|
Positive deltas must be preceeded by unary `+` sign. Deltas without any unary sign are treated negative for old versions compatibility reasons. |
|
|
|
This tech relies on well known TTL default values used by OS : 64,128,255. |
|
|
|
nfqws needs first incoming packet to see it's TTL. You must redirect it too. |
|
|
|
If resulting value TTL is outside the range (min,max) then its normalized to min or max. |
|
|
|
|
bol-van
3 months ago