Skip to content

Commit

Permalink
Add none strategy to udp-faking-strategy
Browse files Browse the repository at this point in the history
  • Loading branch information
Waujito committed Dec 29, 2024
1 parent bc345ed commit 66a7786
Show file tree
Hide file tree
Showing 6 changed files with 55 additions and 3 deletions.
2 changes: 2 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -268,6 +268,8 @@ Flags that do not scoped to a specific section, used over all the youtubeUnblock

- `--udp-dport-filter=<5,6,200-500>` Filter the UDP destination ports. Defaults to no ports. Specifie the ports you want to be handled by youtubeUnblock.

- `--udp-faking-strategy={checksum|ttl|none}` Faking strategy for udp. `checksum` will fake UDP checksum, `ttl` won't fake but will make UDP content relatively small, `none` is no faking. Defaults to none.

- `--udp-filter-quic={disabled|all}` Enables QUIC filtering for UDP handler. If disabled, quic won't be processed, if all, all quic initial packets will be handled. Defaults to disabled.

- `--quic-drop` Drop all QUIC packets which goes to youtubeUnblock. Won't affect any other UDP packets. Just an alias for `--udp-filter-quic=all --udp-mode=drop`.
Expand Down
6 changes: 5 additions & 1 deletion args.c
Original file line number Diff line number Diff line change
Expand Up @@ -347,7 +347,7 @@ void print_usage(const char *argv0) {
printf("\t--udp-mode={drop|fake}\n");
printf("\t--udp-fake-seq-len=<amount of faking packets sent>\n");
printf("\t--udp-fake-len=<size of upd fake>\n");
printf("\t--udp-faking-strategy={checksum|ttl}\n");
printf("\t--udp-faking-strategy={checksum|ttl|none}\n");
printf("\t--udp-dport-filter=<5,6,200-500>\n");
printf("\t--udp-filter-quic={disabled|all}\n");
printf("\t--threads=<threads number>\n");
Expand Down Expand Up @@ -709,6 +709,8 @@ int yparse_args(int argc, char *argv[]) {
sect_config->udp_faking_strategy = FAKE_STRAT_UDP_CHECK;
} else if (strcmp(optarg, "ttl") == 0) {
sect_config->udp_faking_strategy = FAKE_STRAT_TTL;
} else if (strcmp(optarg, "none") == 0) {
sect_config->udp_faking_strategy = FAKE_STRAT_NONE;
} else {
goto invalid_opt;
}
Expand Down Expand Up @@ -938,6 +940,8 @@ static size_t print_config_section(const struct section_config_t *section, char
break;
case FAKE_STRAT_TTL:
print_cnf_buf("--udp-faking-strategy=ttl");
case 0:
print_cnf_buf("--udp-faking-strategy=none");
}
}
break;
Expand Down
3 changes: 2 additions & 1 deletion config.h
Original file line number Diff line number Diff line change
Expand Up @@ -148,6 +148,7 @@ for (struct section_config_t *section = (config)->last_section; section != NULL;

#define FAKE_TTL 8

#define FAKE_STRAT_NONE 0
// Will invalidate fake packets by out-of-ack_seq out-of-seq request
#define FAKE_STRAT_RAND_SEQ (1 << 0)
// Will assume that GGC server is located further than FAKE_TTL
Expand Down Expand Up @@ -228,7 +229,7 @@ enum {
.udp_mode = UDP_MODE_FAKE, \
.udp_fake_seq_len = 6, \
.udp_fake_len = 64, \
.udp_faking_strategy = FAKE_STRAT_UDP_CHECK, \
.udp_faking_strategy = FAKE_STRAT_NONE, \
.udp_dport_range = NULL, \
.udp_dport_range_len = 0, \
.udp_filter_quic = UDP_FILTER_QUIC_DISABLED, \
Expand Down
3 changes: 2 additions & 1 deletion quic.c
Original file line number Diff line number Diff line change
Expand Up @@ -237,7 +237,8 @@ int gen_fake_udp(struct udp_fake_type type,

struct udphdr *nudph = (struct udphdr *)(buf + iph_len);
nudph->len = htons(sizeof(struct udphdr) + data_len);


set_udp_checksum(nudph, buf, iph_len);

udp_fail_packet(type.strategy, buf, &dlen, *buflen);

Expand Down
41 changes: 41 additions & 0 deletions utils.c
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
#include <libnetfilter_queue/libnetfilter_queue_ipv4.h>
#include <libnetfilter_queue/libnetfilter_queue_ipv6.h>
#include <libnetfilter_queue/libnetfilter_queue_tcp.h>
#include <libnetfilter_queue/libnetfilter_queue_udp.h>
#else
#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 24))
#include <net/ip6_checksum.h>
Expand All @@ -31,6 +32,20 @@ void tcp4_set_checksum(struct tcphdr *tcph, struct iphdr *iph)
#endif
}

void udp4_set_checksum(struct udphdr *udph, struct iphdr *iph)
{
#ifdef KERNEL_SPACE
uint32_t udp_packet_len = ntohs(iph->tot_len) - (iph->ihl << 2);
udph->check = 0;
udph->check = csum_tcpudp_magic(
iph->saddr, iph->daddr, udp_packet_len,
IPPROTO_UDP,
csum_partial(udph, udp_packet_len, 0));
#else
nfq_udp_compute_checksum_ipv4(udph, iph);
#endif
}

void ip4_set_checksum(struct iphdr *iph)
{
#ifdef KERNEL_SPACE
Expand All @@ -52,6 +67,17 @@ void tcp6_set_checksum(struct tcphdr *tcph, struct ip6_hdr *iph) {
#endif
}

void udp6_set_checksum(struct udphdr *udph, struct ip6_hdr *iph) {
#ifdef KERNEL_SPACE
udph->check = 0;
udph->check = csum_ipv6_magic(&iph->saddr, &iph->daddr,
ntohs(iph->ip6_plen), IPPROTO_UDP,
csum_partial(udph, ntohs(iph->ip6_plen), 0));
#else
nfq_udp_compute_checksum_ipv6(udph, iph);
#endif
}

int set_ip_checksum(void *iph, uint32_t iphb_len) {
int ipvx = netproto_version(iph, iphb_len);

Expand All @@ -77,6 +103,21 @@ int set_tcp_checksum(struct tcphdr *tcph, void *iph, uint32_t iphb_len) {
return 0;
}

int set_udp_checksum(struct udphdr *udph, void *iph, uint32_t iphb_len) {
int ipvx = netproto_version(iph, iphb_len);

if (ipvx == IP4VERSION) {
udp4_set_checksum(udph, iph);
} else if (ipvx == IP6VERSION) {
udp6_set_checksum(udph, iph);
} else {
return -1;
}

return 0;
}


int ip4_payload_split(uint8_t *pkt, uint32_t buflen,
struct iphdr **iph, uint32_t *iph_len,
uint8_t **payload, uint32_t *plen) {
Expand Down
3 changes: 3 additions & 0 deletions utils.h
Original file line number Diff line number Diff line change
Expand Up @@ -96,9 +96,12 @@ void tcp4_set_checksum(struct tcphdr *tcph, struct iphdr *iph);
void ip4_set_checksum(struct iphdr *iph);
void ip6_set_checksum(struct ip6_hdr *iph);
void tcp6_set_checksum(struct tcphdr *tcph, struct ip6_hdr *iph);
void udp4_set_checksum(struct udphdr *udph, struct iphdr *iph);
void udp6_set_checksum(struct udphdr *udph, struct ip6_hdr *iph);

int set_ip_checksum(void *iph, uint32_t iphb_len);
int set_tcp_checksum(struct tcphdr *tcph, void *iph, uint32_t iphb_len);
int set_udp_checksum(struct udphdr *udph, void *iph, uint32_t iphb_len);

void z_function(const char *str, int *zbuf, size_t len);

Expand Down

0 comments on commit 66a7786

Please sign in to comment.