klavirshik
/
GoodbyeDPI
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge e78d41048b into 505b8bf516

This commit is contained in:
include 2020-03-08 19:49:09 +00:00 committed by GitHub
parent 505b8bf516 e78d41048b
commit ca2c027ad8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 37 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/blackwhitelist.c
View File

@ -70,6 +70,7 @@ int blackwhitelist_load_list(const char *filename) {
if (strlen(line) > HOST_MAXLEN) { if (strlen(line) > HOST_MAXLEN) {
printf("WARNING: host %s exceeds maximum host length and has not been added\n", printf("WARNING: host %s exceeds maximum host length and has not been added\n",
line); line);
fflush(stdout); // In order to properly work with GUI for GoodbyeDPI
continue; continue;
} }
if (strlen(line) < 4) if (strlen(line) < 4)
@ -80,6 +81,7 @@ int blackwhitelist_load_list(const char *filename) {
free(line); free(line);
if (!blackwhitelist) return FALSE; if (!blackwhitelist) return FALSE;
printf("Loaded %d hosts from file %s\n", cnt, filename); printf("Loaded %d hosts from file %s\n", cnt, filename);
fflush(stdout); // In order to properly work with GUI for GoodbyeDPI
fclose(fp); fclose(fp);
return TRUE; return TRUE;
} }

2
src/dnsredir.c
View File

@ -50,12 +50,14 @@ void flush_dns_cache() {
if (dnsapi == NULL) if (dnsapi == NULL)
{ {
printf("Can't load dnsapi.dll to flush DNS cache!\n"); printf("Can't load dnsapi.dll to flush DNS cache!\n");
fflush(stdout); // In order to properly work with GUI for GoodbyeDPI
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
DnsFlushResolverCache = (void*)GetProcAddress(dnsapi, "DnsFlushResolverCache"); DnsFlushResolverCache = (void*)GetProcAddress(dnsapi, "DnsFlushResolverCache");
if (DnsFlushResolverCache == NULL || !DnsFlushResolverCache()) if (DnsFlushResolverCache == NULL || !DnsFlushResolverCache())
printf("Can't flush DNS cache!"); printf("Can't flush DNS cache!");
fflush(stdout); // In order to properly work with GUI for GoodbyeDPI
FreeLibrary(dnsapi); FreeLibrary(dnsapi);
} }

49
src/goodbyedpi.c
View File

@ -82,17 +82,8 @@ WINSOCK_API_LINKAGE INT WSAAPI inet_pton(INT Family, LPCSTR pStringBuf, PVOID pA
"(tcp.SrcPort == 443 or tcp.SrcPort == 80) and tcp.Rst and " \ "(tcp.SrcPort == 443 or tcp.SrcPort == 80) and tcp.Rst and " \
DIVERT_NO_LOCALNETSv4_SRC DIVERT_NO_LOCALNETSv4_SRC
#define SET_HTTP_FRAGMENT_SIZE_OPTION(fragment_size) do { \ #define SET_HTTP_FRAGMENT_SIZE_OPTION(fragment_size) do{ if (!http_fragment_size) { http_fragment_size = (unsigned int)fragment_size; }else if (http_fragment_size != (unsigned int)fragment_size) { printf("WARNING: HTTP fragment size is already set to %d, not changing.\n", http_fragment_size );fflush(stdout); } }while(0)
if (!http_fragment_size) { \
http_fragment_size = (unsigned int)fragment_size; \
} \
else if (http_fragment_size != (unsigned int)fragment_size) { \
printf( \
"WARNING: HTTP fragment size is already set to %d, not changing.\n", \
http_fragment_size \
); \
} \
} while (0)
static int running_from_service = 0; static int running_from_service = 0;
static HANDLE filters[MAX_FILTERS]; static HANDLE filters[MAX_FILTERS];
@ -144,10 +135,15 @@ static void add_filter_str(int proto, int port) {
strcpy(new_filter, current_filter); strcpy(new_filter, current_filter);
if (proto == IPPROTO_UDP) if (proto == IPPROTO_UDP)
{
sprintf(&(new_filter[strlen(new_filter)]), udp, port, port); sprintf(&(new_filter[strlen(new_filter)]), udp, port, port);
fflush(stdout); // In order to properly work with GUI for GoodbyeDPI
}
else else
{
sprintf(&(new_filter[strlen(new_filter)]), tcp, port, port); sprintf(&(new_filter[strlen(new_filter)]), tcp, port, port);
fflush(stdout); // In order to properly work with GUI for GoodbyeDPI
}
filter_string = new_filter; filter_string = new_filter;
free(current_filter); free(current_filter);
} }
@ -158,6 +154,7 @@ static void add_ip_id_str(int id) {
char *addfilter = malloc(strlen(ipid) + 16); char *addfilter = malloc(strlen(ipid) + 16);
sprintf(addfilter, ipid, id); sprintf(addfilter, ipid, id);
fflush(stdout); // In order to properly work with GUI for GoodbyeDPI
newstr = repl_str(filter_string, IPID_TEMPLATE, addfilter); newstr = repl_str(filter_string, IPID_TEMPLATE, addfilter);
free(filter_string); free(filter_string);
@ -202,6 +199,7 @@ unsigned short int atousi(const char *str, const char *msg) {
if(res > limitValue) { if(res > limitValue) {
puts(msg); puts(msg);
fflush(stdout);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
return (unsigned short int)res; return (unsigned short int)res;
@ -233,6 +231,7 @@ static HANDLE init(char *filter, UINT64 flags) {
NULL, errorcode, MAKELANGID(LANG_ENGLISH, SUBLANG_DEFAULT), NULL, errorcode, MAKELANGID(LANG_ENGLISH, SUBLANG_DEFAULT),
(LPTSTR)&errormessage, 0, NULL); (LPTSTR)&errormessage, 0, NULL);
printf("Error opening filter: %s", errormessage); printf("Error opening filter: %s", errormessage);
fflush(stdout); // In order to properly work with GUI for GoodbyeDPI
LocalFree(errormessage); LocalFree(errormessage);
if (errorcode == 577) if (errorcode == 577)
printf("Windows Server 2016 systems must have secure boot disabled to be " printf("Windows Server 2016 systems must have secure boot disabled to be "
@ -244,6 +243,7 @@ static HANDLE init(char *filter, UINT64 flags) {
"Most probably, you don't have security patches installed and anyone in you LAN or " "Most probably, you don't have security patches installed and anyone in you LAN or "
"public Wi-Fi network can get full access to your computer (MS17-010 and others).\n" "public Wi-Fi network can get full access to your computer (MS17-010 and others).\n"
"You should install updates IMMEDIATELY.\n"); "You should install updates IMMEDIATELY.\n");
fflush(stdout); // In order to properly work with GUI for GoodbyeDPI
return NULL; return NULL;
} }
@ -353,7 +353,7 @@ static PVOID find_http_method_end(const char *pkt, unsigned int http_frag, int *
return NULL; return NULL;
} }
int main(int argc, char *argv[]) { int main(int argc, char *argv[]){
static enum packet_type_e { static enum packet_type_e {
unknown, unknown,
ipv4_tcp, ipv4_tcp_data, ipv4_udp_data, ipv4_tcp, ipv4_tcp_data, ipv4_udp_data,
@ -431,6 +431,7 @@ int main(int argc, char *argv[]) {
": Passive DPI blocker and Active DPI circumvention utility\n" ": Passive DPI blocker and Active DPI circumvention utility\n"
"https://github.com/ValdikSS/GoodbyeDPI\n\n" "https://github.com/ValdikSS/GoodbyeDPI\n\n"
); );
fflush(stdout); // In order to properly work with GUI for GoodbyeDPI
if (argc == 1) { if (argc == 1) {
/* enable mode -1 by default */ /* enable mode -1 by default */
@ -441,7 +442,7 @@ int main(int argc, char *argv[]) {
= do_fragment_http_persistent_nowait = 1; = do_fragment_http_persistent_nowait = 1;
} }
while ((opt = getopt_long(argc, argv, "1234prsaf:e:mwk:n", long_options, NULL)) != -1) { while ((opt = getopt_long(argc, argv, "1234prsaf:e:mwk:n", long_options, NULL)) != -1){
switch (opt) { switch (opt) {
case '1': case '1':
do_passivedpi = do_host = do_host_removespace \ do_passivedpi = do_host = do_host_removespace \
@ -503,6 +504,7 @@ int main(int argc, char *argv[]) {
i = atoi(optarg); i = atoi(optarg);
if (i <= 0 || i > 65535) { if (i <= 0 || i > 65535) {
printf("Port parameter error!\n"); printf("Port parameter error!\n");
fflush(stdout); // In order to properly work with GUI for GoodbyeDPI
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
if (i != 80 && i != 443) if (i != 80 && i != 443)
@ -522,6 +524,7 @@ int main(int argc, char *argv[]) {
do_dnsv4_redirect = 1; do_dnsv4_redirect = 1;
if (inet_pton(AF_INET, optarg, &dnsv4_addr) != 1) { if (inet_pton(AF_INET, optarg, &dnsv4_addr) != 1) {
puts("DNS address parameter error!"); puts("DNS address parameter error!");
fflush(stdout);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
add_filter_str(IPPROTO_UDP, 53); add_filter_str(IPPROTO_UDP, 53);
@ -529,6 +532,7 @@ int main(int argc, char *argv[]) {
break; break;
} }
puts("DNS address parameter error!"); puts("DNS address parameter error!");
fflush(stdout);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
break; break;
case '!': case '!':
@ -538,6 +542,7 @@ int main(int argc, char *argv[]) {
do_dnsv6_redirect = 1; do_dnsv6_redirect = 1;
if (inet_pton(AF_INET6, optarg, dnsv6_addr.s6_addr) != 1) { if (inet_pton(AF_INET6, optarg, dnsv6_addr.s6_addr) != 1) {
puts("DNS address parameter error!"); puts("DNS address parameter error!");
fflush(stdout);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
add_filter_str(IPPROTO_UDP, 53); add_filter_str(IPPROTO_UDP, 53);
@ -545,6 +550,7 @@ int main(int argc, char *argv[]) {
break; break;
} }
puts("DNS address parameter error!"); puts("DNS address parameter error!");
fflush(stdout);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
break; break;
case 'g': case 'g':
@ -552,6 +558,7 @@ int main(int argc, char *argv[]) {
puts("--dns-port should be used with --dns-addr!\n" puts("--dns-port should be used with --dns-addr!\n"
"Make sure you use --dns-addr and pass it before " "Make sure you use --dns-addr and pass it before "
"--dns-port"); "--dns-port");
fflush(stdout);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
dnsv4_port = atousi(optarg, "DNS port parameter error!"); dnsv4_port = atousi(optarg, "DNS port parameter error!");
@ -565,6 +572,7 @@ int main(int argc, char *argv[]) {
puts("--dnsv6-port should be used with --dnsv6-addr!\n" puts("--dnsv6-port should be used with --dnsv6-addr!\n"
"Make sure you use --dnsv6-addr and pass it before " "Make sure you use --dnsv6-addr and pass it before "
"--dnsv6-port"); "--dnsv6-port");
fflush(stdout);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
dnsv6_port = atousi(optarg, "DNS port parameter error!"); dnsv6_port = atousi(optarg, "DNS port parameter error!");
@ -580,6 +588,7 @@ int main(int argc, char *argv[]) {
do_blacklist = 1; do_blacklist = 1;
if (!blackwhitelist_load_list(optarg)) { if (!blackwhitelist_load_list(optarg)) {
printf("Can't load blacklist from file!\n"); printf("Can't load blacklist from file!\n");
fflush(stdout); // In order to properly work with GUI for GoodbyeDPI
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
break; break;
@ -621,6 +630,7 @@ int main(int argc, char *argv[]) {
" -2 -p -r -s -f 2 -k 2 -n -e 40 (better speed for HTTPS yet still compatible)\n" " -2 -p -r -s -f 2 -k 2 -n -e 40 (better speed for HTTPS yet still compatible)\n"
" -3 -p -r -s -e 40 (better speed for HTTP and HTTPS)\n" " -3 -p -r -s -e 40 (better speed for HTTP and HTTPS)\n"
" -4 -p -r -s (best speed)"); " -4 -p -r -s (best speed)");
fflush(stdout);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
} }
@ -642,14 +652,17 @@ int main(int argc, char *argv[]) {
do_http_allports, do_fragment_http_persistent_nowait, do_dnsv4_redirect, do_http_allports, do_fragment_http_persistent_nowait, do_dnsv4_redirect,
do_dnsv6_redirect, ttl_of_fake_packet, do_wrong_chksum do_dnsv6_redirect, ttl_of_fake_packet, do_wrong_chksum
); );
fflush(stdout); // In order to properly work with GUI for GoodbyeDPI
if (do_fragment_http && http_fragment_size > 2) { if (do_fragment_http && http_fragment_size > 2) {
printf("WARNING: HTTP fragmentation values > 2 are not fully compatible " printf("WARNING: HTTP fragmentation values > 2 are not fully compatible "
"with other options. Please use values <= 2 or disable HTTP fragmentation " "with other options. Please use values <= 2 or disable HTTP fragmentation "
"completely.\n"); "completely.\n");
fflush(stdout); // In order to properly work with GUI for GoodbyeDPI
} }
printf("\nOpening filter\n"); printf("\nOpening filter\n");
fflush(stdout); // In order to properly work with GUI for GoodbyeDPI
finalize_filter_strings(); finalize_filter_strings();
filter_num = 0; filter_num = 0;
@ -678,9 +691,10 @@ int main(int argc, char *argv[]) {
} }
printf("Filter activated!\n"); printf("Filter activated!\n");
fflush(stdout); // In order to properly work with GUI for GoodbyeDPI
signal(SIGINT, sigint_handler); signal(SIGINT, sigint_handler);
while (1) { while(1){
if (WinDivertRecv(w_filter, packet, sizeof(packet), &addr, &packetLen)) { if (WinDivertRecv(w_filter, packet, sizeof(packet), &addr, &packetLen)) {
debug("Got %s packet, len=%d!\n", addr.Direction ? "inbound" : "outbound", debug("Got %s packet, len=%d!\n", addr.Direction ? "inbound" : "outbound",
packetLen); packetLen);
@ -986,6 +1000,7 @@ int main(int argc, char *argv[]) {
if (do_dns_verb && !should_reinject) { if (do_dns_verb && !should_reinject) {
printf("[DNS] Error handling incoming packet: srcport = %hu, dstport = %hu\n", printf("[DNS] Error handling incoming packet: srcport = %hu, dstport = %hu\n",
ntohs(ppUdpHdr->SrcPort), ntohs(ppUdpHdr->DstPort)); ntohs(ppUdpHdr->SrcPort), ntohs(ppUdpHdr->DstPort));
fflush(stdout); // In order to properly work with GUI for GoodbyeDPI
} }
} }
} }
@ -1018,6 +1033,7 @@ int main(int argc, char *argv[]) {
if (do_dns_verb && !should_reinject) { if (do_dns_verb && !should_reinject) {
printf("[DNS] Error handling outgoing packet: srcport = %hu, dstport = %hu\n", printf("[DNS] Error handling outgoing packet: srcport = %hu, dstport = %hu\n",
ntohs(ppUdpHdr->SrcPort), ntohs(ppUdpHdr->DstPort)); ntohs(ppUdpHdr->SrcPort), ntohs(ppUdpHdr->DstPort));
fflush(stdout); // In order to properly work with GUI for GoodbyeDPI
} }
} }
} }
@ -1034,7 +1050,8 @@ int main(int argc, char *argv[]) {
else { else {
// error, ignore // error, ignore
printf("Error receiving packet!\n"); printf("Error receiving packet!\n");
fflush(stdout); // In order to properly work with GUI for GoodbyeDPI
break; break;
} }
} }
} }