fqrouter / fqrouter Goto Github PK
View Code? Open in Web Editor NEWanti-GFW router
Home Page: fqrouter.com
anti-GFW router
Home Page: fqrouter.com
SYN用Masquerade发出,SYN+ACK由服务器端返回,ACK被nfqueue拦截不走默认的Masquerade,用udp转发发出
使用TCP Hole Punching开NAT洞
用单向代理转发上行流量
用TCP或者UDP包过滤避免DNS污染
打包成socks代理的形式给本地应用使用
python编写
拿到NAT出口的IP和端口
观察行为,用raw socket是否能拿到包
最开始由三台组成,分别是client,proxy和server。
发展后成为四台组成,加上中间的router。
需要用到
提供nfqueue接口:nfq.so
提供tcp/ip协议封装:nmap:nselib => bit.so
bit.so给lua提供操作bit的能力
按照probe request的要求,发送带有错误ACK号的SYN+ACK包以指定src和sport发送给指定dst和dport。
直接调用libnetfilter_queue
SYN和ACK都可以通过,到HTTP GET的包的时候就不再转发了。给服务器端代码添加日志,理解内部行为。
穿墙方式是指不依赖于客户端与服务器之外的第三个EndPoint帮助实现的的翻墙。但是会对网络中的路由器有一定依赖。
Overlapped IP Fragmentation
TTL Injection Same Sequence TCP Packet
TCP Connection State Obfuscation
Unidirectional IP Packet Proxy
Drop Invalid DNS Answer
用udp封包后再出去
在OpenWRT Backfire正式版上编译西厢2-iptables的代码。
如果NAT端口是为服务器a开的,服务器b来用会不会被阻断
像Overlapped IP Fragmentation等测试都会受到NAT的影响。
对应ip blackhole封锁
当outbound端口确定之后,用UDP重发TCP的初始SYN,以克服IP封锁
lua利用nfq.so与nfqueue交互
在配置了单向代理的情况下,client能够通过proxy发送请求到server,是否能够拿到server的响应。
最好能黑盒重用
按照说明编译iptables模块并配置
收到client发出的SYN之后,记录下来,然后DROP掉。用raw socket帮助client建立好TCP连接,然后再给client返回SYN+ACK继续TCP连接过程。SEQ号需要-1,因为要额外多发一个ACK包。
穿NAT墙
在得知出口ip和port之后,udp封包就可行了
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.