Update bug.yml

Merge pull request #383 from mdashlw/patch-1
Update README.md
2024-08-01 10:41:07 +03:00 · 2024-07-31 15:18:17 +03:00 · 2024-07-31 20:13:32 +08:00 · 2024-07-28 22:51:17 +03:00 · 2024-07-29 00:50:56 +09:00
3 changed files with 13 additions and 62 deletions
--- a/.github/ISSUE_TEMPLATE/bug.yml
+++ b/.github/ISSUE_TEMPLATE/bug.yml
@ -5,7 +5,7 @@ body:
  - type: markdown
    attributes:
      value: |
-        **USE THIS FORM ONLY FOR BUGS**
+        ### USE THIS FORM ONLY FOR BUGS! The webside does not open? That's likely NOT a bug, do not report it here!
        GoodbyeDPI does not guarantee to work with your ISP for every blocked website or at all. If GoodbyeDPI can't unblock some or any websites, this is most likely not a software bug, and you should not report it here.

        Please only report software bugs, such as:
@ -18,7 +18,7 @@ body:
        Please make sure to check other opened and closed issues, it could be your bug has been reported already.
        For questions, or if in doubt, [use NTC.party forum](https://ntc.party/c/community-software/goodbyedpi).

-        **ИСПОЛЬЗУЙТЕ ЭТУ ФОРМУ ТОЛЬКО ДЛЯ БАГОВ**
+        ### ИСПОЛЬЗУЙТЕ ЭТУ ФОРМУ ТОЛЬКО ДЛЯ БАГОВ! Веб-сайт не открывается? Это, скорее всего, не баг, не сообщайте сюда!
        GoodbyeDPI не гарантирует ни 100% работу с вашим провайдером, ни работу с каждым заблокированным сайтом. Если GoodbyeDPI не разблокирует доступ к некоторым или всем веб-сайтам, вероятнее всего, это не программная ошибка, и не стоит о ней сообщать здесь.

        Пожалуйста, сообщайте только об ошибках в программе, таких как:
--- a/README.md
+++ b/README.md
@ -22,7 +22,6 @@ Download [latest version from Releases page](https://github.com/ValdikSS/Goodbye
 ```
 Usage: goodbyedpi.exe [OPTION...]
 -p          block passive DPI
- -q          block QUIC/HTTP3
 -r          replace Host with hoSt
 -s          remove space between host header and its value
 -m          mix Host header case (test.com -> tEsT.cOm)
@ -78,13 +77,8 @@ LEGACY modesets:
 -4          -p -r -s (best speed)

 Modern modesets (more stable, more compatible, faster):
- -5          -f 2 -e 2 --auto-ttl --reverse-frag --max-payload
+ -5          -f 2 -e 2 --auto-ttl --reverse-frag --max-payload (this is the default)
 -6          -f 2 -e 2 --wrong-seq --reverse-frag --max-payload
- -7          -f 2 -e 2 --wrong-chksum --reverse-frag --max-payload
- -8          -f 2 -e 2 --wrong-seq --wrong-chksum --reverse-frag --max-payload
- -9          -f 2 -e 2 --wrong-seq --wrong-chksum --reverse-frag --max-payload -q (this is the default)
-
- Note: combination of --wrong-seq and --wrong-chksum generates two different fake packets.
 ```

 To check if your ISP's DPI could be circumvented, first make sure that your provider does not poison DNS answers by enabling "Secure DNS (DNS over HTTPS)" option in your browser.
@ -94,7 +88,7 @@ To check if your ISP's DPI could be circumvented, first make sure that your prov

 Then run the `goodbyedpi.exe` executable without any options. If it works — congratulations! You can use it as-is or configure further, for example by using `--blacklist` option if the list of blocked websites is known and available for your country.

-If your provider intercepts DNS requests, you may want to use `--dns-addr` option to a public DNS resover running on non-standard port (such as Yandex DNS `77.88.8.8:1253`) or configure DNS over HTTPS/TLS using third-party applications.
+If your provider intercepts DNS requests, you may want to use `--dns-addr` option to a public DNS resolver running on non-standard port (such as Yandex DNS `77.88.8.8:1253`) or configure DNS over HTTPS/TLS using third-party applications.

 Check the .cmd scripts and modify it according to your preference and network conditions.

@ -147,7 +141,7 @@ Modify them according to your own needs.

 # Similar projects

- **[zapret](https://github.com/bol-van/zapret)** by @bol-van (for Linux)
+- **[zapret](https://github.com/bol-van/zapret)** by @bol-van (for MacOS, Linux and Windows)
 - **[Green Tunnel](https://github.com/SadeghHayeri/GreenTunnel)** by @SadeghHayeri (for MacOS, Linux and Windows)
 - **[DPI Tunnel CLI](https://github.com/zhenyolka/DPITunnel-cli)** by @zhenyolka (for Linux and routers)
 - **[DPI Tunnel for Android](https://github.com/zhenyolka/DPITunnel-android)** by @zhenyolka (for Android)
--- a/src/goodbyedpi.c
+++ b/src/goodbyedpi.c
@ -78,9 +78,6 @@ WINSOCK_API_LINKAGE INT WSAAPI inet_pton(INT Family, LPCSTR pStringBuf, PVOID pA
         "(tcp.DstPort == 80 or tcp.DstPort == 443) and tcp.Ack and " \
         "(" DIVERT_NO_LOCALNETSv4_DST " or " DIVERT_NO_LOCALNETSv6_DST "))" \
        "))"
-#define FILTER_PASSIVE_BLOCK_QUIC "outbound and !impostor and !loopback and udp " \
-        "and udp.DstPort == 443 and udp.PayloadLength >= 1200 " \
-        "and udp.Payload[0] >= 0xC0 and udp.Payload32[1b] == 0x01"
 #define FILTER_PASSIVE_STRING_TEMPLATE "inbound and ip and tcp and " \
        "!impostor and !loopback and " \
        "((ip.Id <= 0xF and ip.Id >= 0x0) " IPID_TEMPLATE ") and " \
@ -221,10 +218,7 @@ static void add_ip_id_str(int id) {
 static void add_maxpayloadsize_str(unsigned short maxpayload) {
    char *newstr;
    /* 0x47455420 is "GET ", 0x504F5354 is "POST", big endian. */
-    const char *maxpayloadsize_str =
-        "and (tcp.PayloadLength ? tcp.PayloadLength < %hu " \
-          "or tcp.Payload32[0] == 0x47455420 or tcp.Payload32[0] == 0x504F5354 " \
-          "or (tcp.Payload[0] == 0x16 and tcp.Payload[1] == 0x03 and tcp.Payload[2] <= 0x03): true)";
+    const char *maxpayloadsize_str = "and (tcp.PayloadLength ? tcp.PayloadLength < %hu or tcp.Payload32[0] == 0x47455420 or tcp.Payload32[0] == 0x504F5354 : true)";
    char *addfilter = malloc(strlen(maxpayloadsize_str) + 16);

    sprintf(addfilter, maxpayloadsize_str, maxpayload);
@ -565,8 +559,7 @@ int main(int argc, char *argv[]) {
    conntrack_info_t dns_conn_info;
    tcp_conntrack_info_t tcp_conn_info;

-    int do_passivedpi = 0, do_block_quic = 0,
-        do_fragment_http = 0,
+    int do_passivedpi = 0, do_fragment_http = 0,
        do_fragment_http_persistent = 0,
        do_fragment_http_persistent_nowait = 0,
        do_fragment_https = 0, do_host = 0,
@ -638,19 +631,17 @@ int main(int argc, char *argv[]) {
    );

    if (argc == 1) {
-        /* enable mode -9 by default */
+        /* enable mode -5 by default */
        do_fragment_http = do_fragment_https = 1;
        do_reverse_frag = do_native_frag = 1;
        http_fragment_size = https_fragment_size = 2;
        do_fragment_http_persistent = do_fragment_http_persistent_nowait = 1;
        do_fake_packet = 1;
-        do_wrong_chksum = 1;
-        do_wrong_seq = 1;
-        do_block_quic = 1;
+        do_auto_ttl = 1;
        max_payload_size = 1200;
    }

-    while ((opt = getopt_long(argc, argv, "123456789pqrsaf:e:mwk:n", long_options, NULL)) != -1) {
+    while ((opt = getopt_long(argc, argv, "123456prsaf:e:mwk:n", long_options, NULL)) != -1) {
        switch (opt) {
            case '1':
                do_passivedpi = do_host = do_host_removespace \
@ -691,27 +682,9 @@ int main(int argc, char *argv[]) {
                do_wrong_seq = 1;
                max_payload_size = 1200;
                break;
-            case '9': // +7+8
-                do_block_quic = 1;
-                // fall through
-            case '8': // +7
-                do_wrong_seq = 1;
-                // fall through
-            case '7':
-                do_fragment_http = do_fragment_https = 1;
-                do_reverse_frag = do_native_frag = 1;
-                http_fragment_size = https_fragment_size = 2;
-                do_fragment_http_persistent = do_fragment_http_persistent_nowait = 1;
-                do_fake_packet = 1;
-                do_wrong_chksum = 1;
-                max_payload_size = 1200;
-                break;
            case 'p':
                do_passivedpi = 1;
                break;
-            case 'q':
-                do_block_quic = 1;
-                break;
            case 'r':
                do_host = 1;
                break;
@ -911,7 +884,6 @@ int main(int argc, char *argv[]) {
            default:
                puts("Usage: goodbyedpi.exe [OPTION...]\n"
                " -p          block passive DPI\n"
-                " -q          block QUIC/HTTP3\n"
                " -r          replace Host with hoSt\n"
                " -s          remove space between host header and its value\n"
                " -a          additional space between Method and Request-URI (enables -s, may break sites)\n"
@ -966,13 +938,8 @@ int main(int argc, char *argv[]) {
                " -4          -p -r -s (best speed)"
                "\n"
                "Modern modesets (more stable, more compatible, faster):\n"
-                " -5          -f 2 -e 2 --auto-ttl --reverse-frag --max-payload\n"
-                " -6          -f 2 -e 2 --wrong-seq --reverse-frag --max-payload\n"
-                " -7          -f 2 -e 2 --wrong-chksum --reverse-frag --max-payload\n"
-                " -8          -f 2 -e 2 --wrong-seq --wrong-chksum --reverse-frag --max-payload\n"
-                " -9          -f 2 -e 2 --wrong-seq --wrong-chksum --reverse-frag --max-payload -q (this is the default)\n\n"
-                "Note: combination of --wrong-seq and --wrong-chksum generates two different fake packets.\n"
-                );
+                " -5          -f 2 -e 2 --auto-ttl --reverse-frag --max-payload (this is the default)\n"
+                " -6          -f 2 -e 2 --wrong-seq --reverse-frag --max-payload\n");
                exit(EXIT_FAILURE);
        }
    }
@ -993,7 +960,6 @@ int main(int argc, char *argv[]) {
    }

    printf("Block passive: %d\n"                    /* 1 */
-           "Block QUIC/HTTP3: %d\n"                 /* 1 */
           "Fragment HTTP: %u\n"                    /* 2 */
           "Fragment persistent HTTP: %u\n"         /* 3 */
           "Fragment HTTPS: %u\n"                   /* 4 */
@ -1013,7 +979,7 @@ int main(int argc, char *argv[]) {
           "Fake requests, wrong checksum: %d\n"    /* 17 */
           "Fake requests, wrong SEQ/ACK: %d\n"     /* 18 */
           "Max payload size: %hu\n",               /* 19 */
-           do_passivedpi, do_block_quic,                          /* 1 */
+           do_passivedpi,                                         /* 1 */
           (do_fragment_http ? http_fragment_size : 0),           /* 2 */
           (do_fragment_http_persistent ? http_fragment_size : 0),/* 3 */
           (do_fragment_https ? https_fragment_size : 0),         /* 4 */
@ -1065,15 +1031,6 @@ int main(int argc, char *argv[]) {
        filter_num++;
    }

-    if (do_block_quic) {
-        filters[filter_num] = init(
-            FILTER_PASSIVE_BLOCK_QUIC,
-            WINDIVERT_FLAG_DROP);
-        if (filters[filter_num] == NULL)
-            die();
-        filter_num++;
-    }
-
    /* 
     * IPv4 & IPv6 filter for inbound HTTP redirection packets and
     * active DPI circumvention
Author	SHA1	Message	Date
ValdikSS	d9bf7c3ccd	Update bug.yml	2024-08-01 10:41:07 +03:00
ValdikSS	ad18fb9854	Merge pull request #383 from mdashlw/patch-1 Update README.md	2024-07-31 15:18:17 +03:00
mdashlw	bc82203364	Update README.md	2024-07-31 20:13:32 +08:00
ValdikSS	a1fb62ff82	Merge pull request #379 from eltociear/patch-1 chore: update README.md	2024-07-28 22:51:17 +03:00
Ikko Eltociear Ashimine	46e6c8f2db	chore: update README.md resover -> resolver	2024-07-29 00:50:56 +09:00