nfqws: tls client hello reassemble

bol-van
2023-11-15 19:36:34 +03:00
parent f25f1f104b
commit a9a4cd5cb4
23 changed files with 377 additions and 149 deletions


@@ -328,9 +328,9 @@ zapret_do_firewall_rules_ipt()
# autohostlist mode requires incoming traffic sample
# always use conntrack packet limiter or nfqws will deal with gigabytes
if [ "$MODE_FILTER" = "autohostlist" ]; then
n=$((4+${AUTOHOSTLIST_RETRANS_THRESHOLD:-3}))
n=$((6+${AUTOHOSTLIST_RETRANS_THRESHOLD:-3}))
else
n=4
n=6
fi
first_packet_only="${first_packet_only}$n"
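Review bot: The new base count `6` is a bare literal in both branches here and again in both branches of the zapret_apply_firewall_rules_nft hunk, and the comment above still explains only why a limiter exists, not why the number is 6. Judging by the commit title, the two extra packets are presumably there so nfqws sees enough of the flow to reassemble a multi-segment ClientHello; a single shared assignment such as `first_packets_base=6` (the name is only a suggestion) with a comment saying so would keep the iptables and nftables limits from drifting apart. Separately, `AUTOHOSTLIST_RETRANS_THRESHOLD` is expanded inside `$(( ))` unchecked, so a non-numeric or very large config value is evaluated rather than rejected and can widen the limiter that keeps bulk traffic out of the queue; a digits-only check before this line, falling back to 3, would fail safe. The enclosing function begins and ends outside the hunk.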


@@ -576,9 +576,9 @@ zapret_apply_firewall_rules_nft()
# autohostlist mode requires incoming traffic sample
# always use conntrack packet limiter or nfqws will deal with gigabytes
if [ "$MODE_FILTER" = "autohostlist" ]; then
first_packet_only=$((4+${AUTOHOSTLIST_RETRANS_THRESHOLD:-3}))
first_packet_only=$((6+${AUTOHOSTLIST_RETRANS_THRESHOLD:-3}))
else
first_packet_only=4
first_packet_only=6
fi
first_packet_only="ct original packets 1-$first_packet_only"