From f8b5f602a4c8ff88e3558ce02363ecf276392821 Mon Sep 17 00:00:00 2001 From: bol-van Date: Sun, 15 Jun 2025 09:18:25 +0300 Subject: [PATCH] nfqws: allow desync of replayed udp with reasm offset !=0 --- docs/changes.txt | 6 +++++- nfq/desync.c | 6 ++---- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/docs/changes.txt b/docs/changes.txt index 8fa9d61..98e9c5e 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -514,6 +514,10 @@ install_easy: stop if running embedded release on traditional linux system (some install_bin: add "read elf" arch detection method binaries: renamed arch dirs in binaries -v71.2 +v71.1.1 nfqws: use wireless ext in case nl80211 does not return SSID + +v71.2 + +nfqws: apply udp desync to replayed packets with non-zero reasm offset (except fake) diff --git a/nfq/desync.c b/nfq/desync.c index 7c994ab..97fe4f6 100644 --- a/nfq/desync.c +++ b/nfq/desync.c @@ -2421,9 +2421,6 @@ static uint8_t dpi_desync_udp_packet_play(bool replay, size_t reasm_offset, uint DLOG("matching desync profile not found\n"); return verdict; } - - // no need to desync middle packets in reasm session - if (reasm_offset) goto send_orig; } else { @@ -2839,6 +2836,7 @@ static uint8_t dpi_desync_udp_packet_play(bool replay, size_t reasm_offset, uint break; } case DESYNC_FAKE: + if (!reasm_offset) { struct blob_item *fake_item; int n=0; @@ -2862,8 +2860,8 @@ static uint8_t dpi_desync_udp_packet_play(bool replay, size_t reasm_offset, uint goto send_orig; ip_id=IP4_IP_ID_NEXT(ip_id); } + bFake = true; } - bFake = true; break; case DESYNC_HOPBYHOP: case DESYNC_DESTOPT: