doc works

This commit is contained in:
bol-van 2024-11-19 17:44:53 +03:00
parent 818520452e
commit 9812630ef2
3 changed files with 6 additions and 5 deletions

View File

@ -280,7 +280,7 @@ Autostart `/usr/local/etc/rc.d/zapret.sh`:
``` ```
pfctl -a zapret -f /etc/zapret.anchor pfctl -a zapret -f /etc/zapret.anchor
pkill ^tpws$ pkill ^tpws$
tpws --daemon --port=988 --enable-pf --bind-addr=127.0.0.1 --bind-iface6=em1 --bind-linklocal=force --split-http-req=method --split-pos=2 tpws --daemon --port=988 --enable-pf --bind-addr=127.0.0.1 --bind-iface6=em1 --bind-linklocal=force --split-pos=2
``` ```
After reboot check that anchor is created and referred from the main ruleset: After reboot check that anchor is created and referred from the main ruleset:

View File

@ -372,7 +372,7 @@ nfqws: --dpi-desync-split-http-req, --dpi-desync-split-tls deprecated. compat :
nfqws: --dpi-desync=split2|disorder2 deprecated. compat: they are now synonyms for multisplit/multidisorder nfqws: --dpi-desync=split2|disorder2 deprecated. compat: they are now synonyms for multisplit/multidisorder
nfqws: cancel seqovl if MTU is exceeded (linux only). cancel seqovl for disorder if seqovl>=first_part_size. nfqws: cancel seqovl if MTU is exceeded (linux only). cancel seqovl for disorder if seqovl>=first_part_size.
nfqws: fixed splits in multiple TLS segments. nfqws: fixed splits in multiple TLS segments.
tpws: --split-tls,--split-tls deprecated. compat : these parameters add split point to multisplit. tpws: --split-http-req,--split-tls deprecated. compat : these parameters add split point to multisplit.
tpws: --tlsrec now takes pos markers. compat : old names are converted to pos markers tpws: --tlsrec now takes pos markers. compat : old names are converted to pos markers
tpws: --tlsrec-pos deprecated. compat : sets absolute pos marker tpws: --tlsrec-pos deprecated. compat : sets absolute pos marker
nfqws,tpws: chown autohostlist, autohostlist debug log and debug log files after options parse nfqws,tpws: chown autohostlist, autohostlist debug log and debug log files after options parse

View File

@ -155,9 +155,10 @@ nfqws takes the following parameters:
--dpi-desync-fooling=<mode>[,<mode>] ; can use multiple comma separated values. modes : none md5sig ts badseq badsum datanoack hopbyhop hopbyhop2 --dpi-desync-fooling=<mode>[,<mode>] ; can use multiple comma separated values. modes : none md5sig ts badseq badsum datanoack hopbyhop hopbyhop2
--dpi-desync-repeats=<N> ; send every desync packet N times --dpi-desync-repeats=<N> ; send every desync packet N times
--dpi-desync-skip-nosni=0|1 ; 1(default)=do not act on ClientHello without SNI (ESNI ?) --dpi-desync-skip-nosni=0|1 ; 1(default)=do not act on ClientHello without SNI (ESNI ?)
--dpi-desync-split-pos=<1..9216> ; data payload split position --dpi-desync-split-pos=N|-N|marker+N|marker-N ; comma separated list of split positions
--dpi-desync-split-http-req=method|host ; split at specified logical part of plain http request ; markers: method,host,endhost,sld,endsld,midsld,sniext
--dpi-desync-split-tls=sni|sniext ; split at specified logical part of TLS ClientHello ; full list is only used by multisplit and multidisorder
; fakedsplit/fakeddisorder use first l7-protocol-compatible parameter if present, first abs value otherwise
--dpi-desync-split-seqovl=N|-N|marker+N|marker-N ; use sequence overlap before first sent original split segment --dpi-desync-split-seqovl=N|-N|marker+N|marker-N ; use sequence overlap before first sent original split segment
--dpi-desync-split-seqovl-pattern=<filename>|0xHEX ; pattern for the fake part of overlap --dpi-desync-split-seqovl-pattern=<filename>|0xHEX ; pattern for the fake part of overlap
--dpi-desync-ipfrag-pos-tcp=<8..9216> ; ip frag position starting from the transport header. multiple of 8, default 8. --dpi-desync-ipfrag-pos-tcp=<8..9216> ; ip frag position starting from the transport header. multiple of 8, default 8.