drygdryg/zapret
1
0
Fork 0
mirror of https://github.com/bol-van/zapret.git synced 2024-11-30 05:50:53 +03:00
Code Issues Packages Projects Releases Wiki Activity

blockcheck: wssize least priority

Browse Source
This commit is contained in:
bol-van 2021-12-13 17:01:50 +03:00
parent e2d5d5c18b
commit 089dccf278
1 changed files with 22 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
blockcheck.sh
View File

@ -23,7 +23,7 @@ HDRTEMP=/tmp/zapret-hdr.txt
ECHON="echo -n" ECHON="echo -n"
DNSCHECK_DNS="8.8.8.8 1.1.1.1 77.88.8.8" DNSCHECK_DNS="8.8.8.8 1.1.1.1 77.88.8.8"
DNSCHECK_DOM="pornhub.com putinhuylo.com rutracker.org nnmclub.to protonmail.com" DNSCHECK_DOM="pornhub.com putinhuylo.com rutracker.org nnmclub.to startmail.com"
DNSCHECK_DIG1=/tmp/dig1.txt DNSCHECK_DIG1=/tmp/dig1.txt
DNSCHECK_DIG2=/tmp/dig2.txt DNSCHECK_DIG2=/tmp/dig2.txt
DNSCHECK_DIGS=/tmp/digs.txt DNSCHECK_DIGS=/tmp/digs.txt
@ -402,7 +402,7 @@ pktws_check_domain_bypass()
# $2 - encrypted test : 1/0 # $2 - encrypted test : 1/0
# $3 - domain # $3 - domain
local strategy tests='fake' ttls s sec="$2" found local strategy tests='fake' ttls s sec="$2"
[ "$sec" = 0 ] && { [ "$sec" = 0 ] && {
for s in '--hostcase' '--hostspell=hoSt' '--hostnospace' '--domcase'; do for s in '--hostcase' '--hostspell=hoSt' '--hostnospace' '--domcase'; do
@ -441,48 +441,34 @@ pktws_check_domain_bypass()
fi fi
ttls=$(seq -s ' ' $MIN_TTL $MAX_TTL) ttls=$(seq -s ' ' $MIN_TTL $MAX_TTL)
for desync in $tests; do for e in '' '--wssize 1:6'; do
found=0 [ -n "$e" ] && {
for ttl in $ttls; do pktws_curl_test $1 $3 $e && strategy="${strategy:-$e}"
s="--dpi-desync=$desync --dpi-desync-ttl=$ttl" for desync in split2 disorder2; do
pktws_curl_test $1 $3 $s && { s="--dpi-desync=$desync $e"
found=1 pktws_curl_test $1 $3 $s && strategy="${strategy:-$s}"
strategy="${strategy:-$s}" done
break }
} for desync in $tests; do
done
[ "$sec" = 1 ] && [ "$found" = 0 ] && {
for ttl in $ttls; do for ttl in $ttls; do
s="--dpi-desync=$desync --dpi-desync-ttl=$ttl --wssize 1:6" s="--dpi-desync=$desync --dpi-desync-ttl=$ttl $e"
pktws_curl_test $1 $3 $s && { pktws_curl_test $1 $3 $s && {
found=1
strategy="${strategy:-$s}" strategy="${strategy:-$s}"
break break
} }
done done
} for fooling in badsum md5sig badseq; do
for fooling in badsum md5sig badseq; do s="--dpi-desync=$desync --dpi-desync-fooling=$fooling $e"
s="--dpi-desync=$desync --dpi-desync-fooling=$fooling" if pktws_curl_test $1 $3 $s ; then
if pktws_curl_test $1 $3 $s ; then strategy="${strategy:-$s}"
strategy="${strategy:-$s}" [ "$fooling" = "md5sig" ] && echo 'WARNING ! although md5sig fooling worked it will not work on all sites. it typically works only on linux servers.'
[ "$fooling" = "md5sig" ] && echo 'WARNING ! although md5sig fooling worked it will not work on all sites. it typically works only on linux servers.' fi
else done
[ "$sec" = 1 ] && {
s="$s --wssize 1:6"
pktws_curl_test $1 $3 $s && {
strategy="${strategy:-$s}"
[ "$fooling" = "md5sig" ] && echo 'WARNING ! although md5sig fooling worked it will not work on all sites. it typically works only on linux servers.'
}
}
fi
done done
# do not do wssize test for http. it's useless
[ "$sec" = 1 ] || break
done done
[ "$sec" = 1 ] && {
s="--wssize 1:6"
pktws_curl_test $1 $3 $s && strategy="${strategy:-$s}"
}
echo echo
if [ -n "$strategy" ]; then if [ -n "$strategy" ]; then
echo "!!!!! working strategy found : $PKTWSD $strategy !!!!!" echo "!!!!! working strategy found : $PKTWSD $strategy !!!!!"
@ -660,6 +646,7 @@ ask_params()
ask_yes_no_var IGNORE_CA "do not verify server certificate" ask_yes_no_var IGNORE_CA "do not verify server certificate"
[ "$IGNORE_CA" = 1 ] && CURL_OPT=-k [ "$IGNORE_CA" = 1 ] && CURL_OPT=-k
} }
echo
} }