farukuzun / notsodeep Goto Github PK
View Code? Open in Web Editor NEWActive DPI circumvention utility for Linux
License: Apache License 2.0
notsodeep's People
Contributors
Stargazers
Watchers
Forkers
aaomidi old101 peregr1nefalco zenpassvpn sebride4988 mahdi-ln talhakanyilmaz xenups casebell letlambdafree morecool davekii erdoukki devmoon0 masterjj lantip chanha0406 0xrustlangnotsodeep's Issues
No port listening & no filter circumvention
# systemctl status notsodeep.service
● notsodeep.service - Notsodeep service
Loaded: loaded (/etc/systemd/system/notsodeep.service; enabled; vendor preset
Active: active (running)
sudo lsof -Pn +M | grep ':443 (LISTEN)' doesn't show this server and no circumvention happens.
For DNS stubby is using
notsodeep on OpenWrt, not working
Hi, I am trying to get notsodeep working on OpenWrt. My goal is to apply DPI circumvention network wide, and because of that I intend to run notsodeep in my router. I have successfully compiled the source code, and the executable appears to be running.
root@mywrt:/# ps | grep notsodeep
3265 root 1132 S ./notsodeep
root@mywrt:/# cat /proc/net/netfilter/nfnetlink_queue
200 3265 0 2 65531 0 0 169 1
However, it seems that it isn't working; blocked websites are still not opening. I have entered the iptables rules that you have specified, but it appears to do nothing. For your information, here's the full output of iptables -L:
root@mywrt:/tmp# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
NFQUEUE tcp -- anywhere anywhere tcp spt:https flags:SYN,ACK/SYN,ACK NFQUEUE num 200 bypass
ACCEPT all -- anywhere anywhere /* !fw3 */
input_rule all -- anywhere anywhere /* !fw3: user chain for input */
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED /* !fw3 */
syn_flood tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN /* !fw3 */
zone_lan_input all -- anywhere anywhere /* !fw3 */
zone_wan_input all -- anywhere anywhere /* !fw3 */
Chain FORWARD (policy DROP)
target prot opt source destination
forwarding_rule all -- anywhere anywhere /* !fw3: user chain for forwarding */
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED /* !fw3 */
zone_lan_forward all -- anywhere anywhere /* !fw3 */
zone_wan_forward all -- anywhere anywhere /* !fw3 */
reject all -- anywhere anywhere /* !fw3 */
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere /* !fw3 */
output_rule all -- anywhere anywhere /* !fw3: user chain for output */
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED /* !fw3 */
zone_lan_output all -- anywhere anywhere /* !fw3 */
zone_wan_output all -- anywhere anywhere /* !fw3 */
Chain MINIUPNPD (0 references)
target prot opt source destination
ACCEPT udp -- anywhere 192.168.1.108 udp dpt:33426
ACCEPT udp -- anywhere 192.168.1.108 udp dpt:58402
ACCEPT tcp -- anywhere 192.168.1.52 tcp dpt:32400
Chain forwarding_Mullvad_WGZ_rule (1 references)
target prot opt source destination
Chain forwarding_lan_rule (1 references)
target prot opt source destination
Chain forwarding_rule (1 references)
target prot opt source destination
Chain forwarding_wan_rule (1 references)
target prot opt source destination
Chain input_Mullvad_WGZ_rule (1 references)
target prot opt source destination
Chain input_lan_rule (1 references)
target prot opt source destination
Chain input_rule (1 references)
target prot opt source destination
Chain input_wan_rule (1 references)
target prot opt source destination
Chain output_Mullvad_WGZ_rule (1 references)
target prot opt source destination
Chain output_lan_rule (1 references)
target prot opt source destination
Chain output_rule (1 references)
target prot opt source destination
Chain output_wan_rule (1 references)
target prot opt source destination
Chain reject (1 references)
target prot opt source destination
REJECT tcp -- anywhere anywhere /* !fw3 */ reject-with tcp-reset
REJECT all -- anywhere anywhere /* !fw3 */ reject-with icmp-port-unreachable
Chain syn_flood (1 references)
target prot opt source destination
RETURN tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 25/sec burst 50 /* !fw3 */
DROP all -- anywhere anywhere /* !fw3 */
Chain zone_Mullvad_WGZ_dest_ACCEPT (1 references)
target prot opt source destination
Chain zone_Mullvad_WGZ_dest_REJECT (1 references)
target prot opt source destination
Chain zone_Mullvad_WGZ_forward (0 references)
target prot opt source destination
forwarding_Mullvad_WGZ_rule all -- anywhere anywhere /* !fw3: user chain for forwarding */
ACCEPT all -- anywhere anywhere ctstate DNAT /* !fw3: Accept port forwards */
zone_Mullvad_WGZ_dest_REJECT all -- anywhere anywhere /* !fw3 */
Chain zone_Mullvad_WGZ_input (0 references)
target prot opt source destination
input_Mullvad_WGZ_rule all -- anywhere anywhere /* !fw3: user chain for input */
ACCEPT all -- anywhere anywhere ctstate DNAT /* !fw3: Accept port redirections */
zone_Mullvad_WGZ_src_REJECT all -- anywhere anywhere /* !fw3 */
Chain zone_Mullvad_WGZ_output (0 references)
target prot opt source destination
output_Mullvad_WGZ_rule all -- anywhere anywhere /* !fw3: user chain for output */
zone_Mullvad_WGZ_dest_ACCEPT all -- anywhere anywhere /* !fw3 */
Chain zone_Mullvad_WGZ_src_REJECT (1 references)
target prot opt source destination
Chain zone_lan_dest_ACCEPT (5 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere /* !fw3 */
Chain zone_lan_forward (1 references)
target prot opt source destination
forwarding_lan_rule all -- anywhere anywhere /* !fw3: user chain for forwarding */
zone_wan_dest_ACCEPT all -- anywhere anywhere /* !fw3: forwarding lan -> wan */
ACCEPT all -- anywhere anywhere ctstate DNAT /* !fw3: Accept port forwards */
zone_lan_dest_ACCEPT all -- anywhere anywhere /* !fw3 */
Chain zone_lan_input (1 references)
target prot opt source destination
input_lan_rule all -- anywhere anywhere /* !fw3: user chain for input */
ACCEPT all -- anywhere anywhere ctstate DNAT /* !fw3: Accept port redirections */
zone_lan_src_ACCEPT all -- anywhere anywhere /* !fw3 */
Chain zone_lan_output (1 references)
target prot opt source destination
output_lan_rule all -- anywhere anywhere /* !fw3: user chain for output */
zone_lan_dest_ACCEPT all -- anywhere anywhere /* !fw3 */
Chain zone_lan_src_ACCEPT (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere ctstate NEW,UNTRACKED /* !fw3 */
Chain zone_wan_dest_ACCEPT (3 references)
target prot opt source destination
DROP all -- anywhere anywhere ctstate INVALID /* !fw3: Prevent NAT leakage */
ACCEPT all -- anywhere anywhere /* !fw3 */
Chain zone_wan_forward (1 references)
target prot opt source destination
forwarding_wan_rule all -- anywhere anywhere /* !fw3: user chain for forwarding */
zone_lan_dest_ACCEPT esp -- anywhere anywhere /* !fw3: @rule[7] */
zone_lan_dest_ACCEPT udp -- anywhere anywhere udp dpt:isakmp /* !fw3: @rule[8] */
zone_lan_dest_ACCEPT all -- anywhere anywhere /* !fw3: forwarding wan -> lan */
ACCEPT all -- anywhere anywhere ctstate DNAT /* !fw3: Accept port forwards */
zone_wan_dest_ACCEPT all -- anywhere anywhere /* !fw3 */
Chain zone_wan_input (1 references)
target prot opt source destination
input_wan_rule all -- anywhere anywhere /* !fw3: user chain for input */
ACCEPT udp -- anywhere anywhere udp dpt:bootpc /* !fw3: Allow-DHCP-Renew */
ACCEPT icmp -- anywhere anywhere icmp echo-request /* !fw3: Allow-Ping */
ACCEPT igmp -- anywhere anywhere /* !fw3: Allow-IGMP */
ACCEPT tcp -- anywhere anywhere /* !fw3: @rule[9] */
ACCEPT udp -- anywhere anywhere /* !fw3: @rule[9] */
ACCEPT all -- anywhere anywhere ctstate DNAT /* !fw3: Accept port redirections */
zone_wan_src_ACCEPT all -- anywhere anywhere /* !fw3 */
Chain zone_wan_output (1 references)
target prot opt source destination
output_wan_rule all -- anywhere anywhere /* !fw3: user chain for output */
zone_wan_dest_ACCEPT all -- anywhere anywhere /* !fw3 */
Chain zone_wan_src_ACCEPT (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere ctstate NEW,UNTRACKED /* !fw3 */
And here is the output of iptables -t raw -nvL:
root@mywrt:/# iptables -t raw -nvL
Chain PREROUTING (policy ACCEPT 922K packets, 682M bytes)
pkts bytes target prot opt in out source destination
190 11128 NFQUEUE tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:80 flags:0x12/0x12 NFQUEUE num 200 bypass
Chain OUTPUT (policy ACCEPT 8523 packets, 2476K bytes)
pkts bytes target prot opt in out source destination
I can't find anything wrong. Do I need a different rule? Is it possible that the code is simply incompatible with my router's CPU (mips_24kc)? For what it's worth, I compiled notsodeep using the -D_GNU_SOURCE flag. I am attaching the compiled binary, just in case you need it.
notsodeep-openwrt-mips24kc.zip
Thank you for your attention.
It isn't working with Raspberry Pi
Kernel: Linux: Linux raspberry 4.9.0-7-amd64 #1 SMP Debian 4.9.110-3+deb9u2 (2018-08-13) x86_64 GNU/Linux
Program raspberry pi ile çalışmıyor.
Failed to enable unit: Unit file iptables.service does not exist.
# systemctl enable iptables
Failed to enable unit: Unit file iptables.service does not exist.
OS: Ubuntu 18.04
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.