2gW94/GoodbyeDPI
1
0
Fork 0
mirror of https://github.com/ValdikSS/GoodbyeDPI.git synced 2025-12-17 21:04:36 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity

Compare commits

base: 2gW94:0.1.3
Branches Tags
2gW94:master 2gW94:more-fakes 2gW94:EgorWeders-patch-1 2gW94:quic_block 2gW94:test_windres 2gW94:openvpn 2gW94:windivert2 2gW94:masterv6 2gW94:ipv6 2gW94:windivert-test
2gW94:0.2.3rc3 2gW94:0.2.3rc2 2gW94:0.2.3rc1 2gW94:0.2.2 2gW94:0.2.1 2gW94:0.2.0 2gW94:0.1.8 2gW94:0.1.7 2gW94:0.1.6 2gW94:0.1.5 2gW94:0.1.5rc3 2gW94:0.1.5rc2 2gW94:0.1.5rc1 2gW94:0.1.4 2gW94:0.1.3 2gW94:0.1.2 2gW94:0.1.2rc3 2gW94:0.1.2rc2 2gW94:0.1.2rc1 2gW94:0.1.1 2gW94:0.1.0 2gW94:0.0.9 2gW94:0.0.8 2gW94:0.0.7 2gW94:0.0.6 2gW94:0.0.5 2gW94:0.0.4 2gW94:0.0.3 2gW94:0.0.2 2gW94:0.0.1
...
compare: 2gW94:ipv6
Branches Tags
2gW94:master 2gW94:more-fakes 2gW94:EgorWeders-patch-1 2gW94:quic_block 2gW94:test_windres 2gW94:openvpn 2gW94:windivert2 2gW94:masterv6 2gW94:ipv6 2gW94:windivert-test
2gW94:0.2.3rc3 2gW94:0.2.3rc2 2gW94:0.2.3rc1 2gW94:0.2.2 2gW94:0.2.1 2gW94:0.2.0 2gW94:0.1.8 2gW94:0.1.7 2gW94:0.1.6 2gW94:0.1.5 2gW94:0.1.5rc3 2gW94:0.1.5rc2 2gW94:0.1.5rc1 2gW94:0.1.4 2gW94:0.1.3 2gW94:0.1.2 2gW94:0.1.2rc3 2gW94:0.1.2rc2 2gW94:0.1.2rc1 2gW94:0.1.1 2gW94:0.1.0 2gW94:0.0.9 2gW94:0.0.8 2gW94:0.0.7 2gW94:0.0.6 2gW94:0.0.5 2gW94:0.0.4 2gW94:0.0.3 2gW94:0.0.2 2gW94:0.0.1

13 Commits
0.1.3 ... ipv6

Author SHA1 Message Date
ValdikSS
860f483ac3 IPv6 DNS redirection 2018-02-16 19:45:55 +03:00
ValdikSS
3d36127f5b Handle IPv6 packets and prepare for IPv6 DNS redirection 2018-02-16 17:35:24 +03:00
ValdikSS
8e7f4ff505 Properly exclude Teredo 2017-12-25 00:05:28 +03:00
ValdikSS
5e9e1f0eb6 Preliminary IPv6 support. 
No IPv6 support in DNS redirection code. IPv6 DNS request packets
would be dropped.
 2017-12-24 20:21:32 +03:00
ValdikSS
3ffce30871 Minor modifications. 
* puts() instead of printf("%s")
* strdup() instead of malloc + strcpy
 2017-12-24 20:19:18 +03:00
ValdikSS
eaac2d1a80 Minor service fixes 2017-12-21 23:52:23 +03:00
ValdikSS
ccd21a4281 ntohs -> htons (they produce the same output, but still) 2017-12-21 23:50:07 +03:00
ValdikSS
23babdc8fa Windows Service support. 
Program can now be started as a Windows Service. No additional
arguments needed. Refer to `service_install` and `service_remove`
scripts in released zip file.
 2017-12-20 17:03:22 +03:00
ValdikSS
95765f3ed9 Store fragment_size_message as a pointer 2017-12-20 17:01:21 +03:00
ValdikSS
a5b185c2a9 Set proper options if started without arguments 2017-12-20 12:36:21 +03:00
ValdikSS
c9cd3ac8c7 Fix signed/unsigned integer comparison warning for HTTP fragmentation 2017-12-20 04:05:28 +03:00
ValdikSS
fab9662ac9 Use WinDivert TCP Header structure to change Window Size 2017-12-20 04:04:40 +03:00
ValdikSS
a88ab4337e Apply HTTP Persistent fragmentation only for sufficiently large packets 2017-12-20 03:33:30 +03:00
7 changed files with 459 additions and 149 deletions
Expand all files Collapse all files

22
README.md
View File

@@ -79,26 +79,8 @@ And for x86_64:
# How to install as Windows Service # How to install as Windows Service
One way is using an [srvstart](http://www.rozanski.org.uk/software) program. Use `service_install_russia_blacklist.cmd`, `service_install_russia_blacklist_dnsredir.cmd` and `service_remove.cmd` scripts.
Unpack it to `goodbyedpi` directory and create 3 files: Modify them according to your own needs.
*goodbyedpi.ini*
```INI
[GoodByeDPI]
startup=goodbyedpi.exe
shutdown_method=winmessage
auto_restart=n
```
*srvinstall.bat*
```Batchfile
srvstart install GoodByeDPI -c %CD%\goodbyedpi.ini
```
*srvremove.bat*
```Batchfile
srvstart remove GoodByeDPI
```
Run these batch files as Administrator to install/remove service.
Open Windows Services panel to run service or make it start automaticaly.
# Similar projects # Similar projects

98
dnsredir.c
View File

@@ -17,8 +17,8 @@
#include "dnsredir.h" #include "dnsredir.h"
#include "uthash.h" #include "uthash.h"
// IPv6 incompatible! /* key ('4' for IPv4 or '6' for IPv6 + srcip[16] + srcport[2]) */
#define UDP_CONNRECORD_KEY_LEN 6 #define UDP_CONNRECORD_KEY_LEN 19
#define DNS_CLEANUP_INTERVAL_SEC 30 #define DNS_CLEANUP_INTERVAL_SEC 30
@@ -32,10 +32,10 @@
#define uthash_strlen(s) UDP_CONNRECORD_KEY_LEN #define uthash_strlen(s) UDP_CONNRECORD_KEY_LEN
typedef struct udp_connrecord { typedef struct udp_connrecord {
/* key (srcip[4] + srcport[2]) */ /* key ('4' for IPv4 or '6' for IPv6 + srcip[16] + srcport[2]) */
char key[UDP_CONNRECORD_KEY_LEN]; char key[UDP_CONNRECORD_KEY_LEN];
time_t time; /* time when this record was added */ time_t time; /* time when this record was added */
uint32_t dstip; uint32_t dstip[4];
uint16_t dstport; uint16_t dstport;
UT_hash_handle hh; /* makes this structure hashable */ UT_hash_handle hh; /* makes this structure hashable */
} udp_connrecord_t; } udp_connrecord_t;
@@ -59,26 +59,60 @@ void flush_dns_cache() {
FreeLibrary(dnsapi); FreeLibrary(dnsapi);
} }
inline static void construct_key(const uint32_t srcip, const uint16_t srcport, char *key) { inline static void fill_key_data(char *key, const uint8_t is_ipv6, const uint32_t srcip[4],
const uint16_t srcport)
{
if (is_ipv6) {
*(uint8_t*)(key) = '6';
ipv6_copy_addr((uint32_t*)(key + sizeof(uint8_t)), srcip);
}
else {
*(uint8_t*)(key) = '4';
ipv4_copy_addr((uint32_t*)(key + sizeof(uint8_t)), srcip);
}
*(uint16_t*)(key + sizeof(uint8_t) + sizeof(uint32_t) * 4) = srcport;
}
inline static void fill_data_from_key(uint8_t *is_ipv6, uint32_t srcip[4], uint16_t *srcport,
const char *key)
{
if (key[0] == '6') {
*is_ipv6 = 1;
ipv6_copy_addr(srcip, (uint32_t*)(key + sizeof(uint8_t)));
}
else {
*is_ipv6 = 0;
ipv4_copy_addr(srcip, (uint32_t*)(key + sizeof(uint8_t)));
}
*srcport = *(uint16_t*)(key + sizeof(uint8_t) + sizeof(uint32_t) * 4);
}
inline static void construct_key(const uint32_t srcip[4], const uint16_t srcport,
char *key, int is_ipv6)
{
debug("Construct key enter\n"); debug("Construct key enter\n");
if (key) { if (key) {
debug("Constructing key\n"); debug("Constructing key\n");
fill_key_data(key, is_ipv6, srcip, srcport);
*(uint32_t*)(key) = srcip;
*(uint16_t*)(key + sizeof(srcip)) = srcport;
} }
debug("Construct key end\n"); debug("Construct key end\n");
} }
inline static void deconstruct_key(const char *key, udp_connrecord_t *connrecord, inline static void deconstruct_key(const char *key, const udp_connrecord_t *connrecord,
conntrack_info_t *conn_info) { conntrack_info_t *conn_info)
{
debug("Deconstruct key enter\n"); debug("Deconstruct key enter\n");
if (key && conn_info) { if (key && conn_info) {
debug("Deconstructing key\n"); debug("Deconstructing key\n");
fill_data_from_key(&conn_info->is_ipv6, conn_info->srcip,
&conn_info->srcport, key);
if (conn_info->is_ipv6)
ipv6_copy_addr(conn_info->dstip, connrecord->dstip);
else
ipv4_copy_addr(conn_info->dstip, connrecord->dstip);
conn_info->srcip = *(uint32_t*)(key);
conn_info->srcport = *(uint16_t*)(key + sizeof(conn_info->srcip));
conn_info->dstip = connrecord->dstip;
conn_info->dstport = connrecord->dstport; conn_info->dstport = connrecord->dstport;
} }
debug("Deconstruct key end\n"); debug("Deconstruct key end\n");
@@ -99,17 +133,26 @@ static int check_get_udp_conntrack_key(const char *key, udp_connrecord_t **connr
return FALSE; return FALSE;
} }
static int add_udp_conntrack(const uint32_t srcip, const uint16_t srcport, static int add_udp_conntrack(const uint32_t srcip[4], const uint16_t srcport,
const uint32_t dstip, const uint16_t dstport) { const uint32_t dstip[4], const uint16_t dstport,
const int is_ipv6
)
{
if (!(srcip && srcport && dstip && dstport)) if (!(srcip && srcport && dstip && dstport))
return FALSE; return FALSE;
udp_connrecord_t *tmp_connrecord = malloc(sizeof(udp_connrecord_t)); udp_connrecord_t *tmp_connrecord = malloc(sizeof(udp_connrecord_t));
construct_key(srcip, srcport, tmp_connrecord->key); construct_key(srcip, srcport, tmp_connrecord->key, is_ipv6);
if (!check_get_udp_conntrack_key(tmp_connrecord->key, NULL)) { if (!check_get_udp_conntrack_key(tmp_connrecord->key, NULL)) {
tmp_connrecord->time = time(NULL); tmp_connrecord->time = time(NULL);
tmp_connrecord->dstip = dstip;
if (is_ipv6) {
ipv6_copy_addr(tmp_connrecord->dstip, dstip);
}
else {
ipv4_copy_addr(tmp_connrecord->dstip, dstip);
}
tmp_connrecord->dstport = dstport; tmp_connrecord->dstport = dstport;
HASH_ADD_STR(conntrack, key, tmp_connrecord); HASH_ADD_STR(conntrack, key, tmp_connrecord);
debug("Added UDP conntrack\n"); debug("Added UDP conntrack\n");
@@ -120,7 +163,7 @@ static int add_udp_conntrack(const uint32_t srcip, const uint16_t srcport,
return FALSE; return FALSE;
} }
void dns_cleanup() { static void dns_cleanup() {
udp_connrecord_t *tmp_connrecord, *tmp_connrecord2 = NULL; udp_connrecord_t *tmp_connrecord, *tmp_connrecord2 = NULL;
if (last_cleanup == 0) { if (last_cleanup == 0) {
@@ -154,10 +197,11 @@ int dns_is_dns_packet(const char *packet_data, const UINT packet_dataLen, const
return FALSE; return FALSE;
} }
int dns_handle_outgoing(const uint32_t srcip, const uint16_t srcport, int dns_handle_outgoing(const uint32_t srcip[4], const uint16_t srcport,
const uint32_t dstip, const uint16_t dstport, const uint32_t dstip[4], const uint16_t dstport,
const char *packet_data, const UINT packet_dataLen) { const char *packet_data, const UINT packet_dataLen,
const uint8_t is_ipv6)
{
if (packet_dataLen < 16) if (packet_dataLen < 16)
return FALSE; return FALSE;
@@ -166,16 +210,16 @@ int dns_handle_outgoing(const uint32_t srcip, const uint16_t srcport,
if (dns_is_dns_packet(packet_data, packet_dataLen, 1)) { if (dns_is_dns_packet(packet_data, packet_dataLen, 1)) {
/* Looks like DNS request */ /* Looks like DNS request */
debug("trying to add srcport = %hu, dstport = %hu\n", ntohs(srcport), ntohs(dstport)); debug("trying to add srcport = %hu, dstport = %hu\n", ntohs(srcport), ntohs(dstport));
return add_udp_conntrack(srcip, srcport, dstip, dstport); return add_udp_conntrack(srcip, srcport, dstip, dstport, is_ipv6);
} }
debug("____dns_handle_outgoing FALSE: srcport = %hu, dstport = %hu\n", ntohs(srcport), ntohs(dstport)); debug("____dns_handle_outgoing FALSE: srcport = %hu, dstport = %hu\n", ntohs(srcport), ntohs(dstport));
return FALSE; return FALSE;
} }
int dns_handle_incoming(const uint32_t srcip, const uint16_t srcport, int dns_handle_incoming(const uint32_t srcip[4], const uint16_t srcport,
const char *packet_data, const UINT packet_dataLen, const char *packet_data, const UINT packet_dataLen,
conntrack_info_t *conn_info) { conntrack_info_t *conn_info, const uint8_t is_ipv6)
{
char key[UDP_CONNRECORD_KEY_LEN]; char key[UDP_CONNRECORD_KEY_LEN];
udp_connrecord_t *tmp_connrecord = NULL; udp_connrecord_t *tmp_connrecord = NULL;
@@ -186,7 +230,7 @@ int dns_handle_incoming(const uint32_t srcip, const uint16_t srcport,
if (dns_is_dns_packet(packet_data, packet_dataLen, 0)) { if (dns_is_dns_packet(packet_data, packet_dataLen, 0)) {
/* Looks like DNS response */ /* Looks like DNS response */
construct_key(srcip, srcport, key); construct_key(srcip, srcport, key, is_ipv6);
if (check_get_udp_conntrack_key(key, &tmp_connrecord) && tmp_connrecord) { if (check_get_udp_conntrack_key(key, &tmp_connrecord) && tmp_connrecord) {
/* Connection exists in conntrack, moving on */ /* Connection exists in conntrack, moving on */
deconstruct_key(key, tmp_connrecord, conn_info); deconstruct_key(key, tmp_connrecord, conn_info);

33
dnsredir.h
View File

@@ -1,19 +1,36 @@
#include <stdint.h> #include <stdint.h>
typedef struct conntrack_info { typedef struct conntrack_info {
uint32_t srcip; uint8_t is_ipv6;
uint32_t srcip[4];
uint16_t srcport; uint16_t srcport;
uint32_t dstip; uint32_t dstip[4];
uint16_t dstport; uint16_t dstport;
} conntrack_info_t; } conntrack_info_t;
int dns_handle_incoming(const uint32_t srcip, const uint16_t srcport, inline static void ipv4_copy_addr(uint32_t dst[4], const uint32_t src[4]) {
const char *packet_data, const UINT packet_dataLen, dst[0] = src[0];
conntrack_info_t *conn_info); dst[1] = 0;
dst[2] = 0;
dst[3] = 0;
}
int dns_handle_outgoing(const uint32_t srcip, const uint16_t srcport, inline static void ipv6_copy_addr(uint32_t dst[4], const uint32_t src[4]) {
const uint32_t dstip, const uint16_t dstport, dst[0] = src[0];
const char *packet_data, const UINT packet_dataLen); dst[1] = src[1];
dst[2] = src[2];
dst[3] = src[3];
}
int dns_handle_incoming(const uint32_t srcip[4], const uint16_t srcport,
const char *packet_data, const UINT packet_dataLen,
conntrack_info_t *conn_info, const uint8_t is_ipv6);
int dns_handle_outgoing(const uint32_t srcip[4], const uint16_t srcport,
const uint32_t dstip[4], const uint16_t dstport,
const char *packet_data, const UINT packet_dataLen,
const uint8_t is_ipv6
);
void flush_dns_cache(); void flush_dns_cache();
int dns_is_dns_packet(const char *packet_data, const UINT packet_dataLen, const int outgoing); int dns_is_dns_packet(const char *packet_data, const UINT packet_dataLen, const int outgoing);

353
goodbyedpi.c
View File

@@ -9,29 +9,31 @@
#include <unistd.h> #include <unistd.h>
#include <string.h> #include <string.h>
#include <getopt.h> #include <getopt.h>
#include <in6addr.h>
#include <ws2tcpip.h>
#include "windivert.h" #include "windivert.h"
#include "goodbyedpi.h" #include "goodbyedpi.h"
#include "service.h"
#include "dnsredir.h" #include "dnsredir.h"
#include "blackwhitelist.h" #include "blackwhitelist.h"
WINSOCK_API_LINKAGE INT WSAAPI inet_pton(INT Family, LPCSTR pStringBuf, PVOID pAddr);
#define die() do { printf("Something went wrong!\n" \ #define die() do { printf("Something went wrong!\n" \
"Make sure you're running this program with administrator privileges\n"); \ "Make sure you're running this program with administrator privileges\n"); \
sleep(10); exit(EXIT_FAILURE); } while (0) sleep(10); exit(EXIT_FAILURE); } while (0)
#define MAX_FILTERS 4 #define MAX_FILTERS 4
#define MAX_PACKET_SIZE 9016 #define MAX_PACKET_SIZE 9016
#define IPV4_HDR_LEN 20
#define TCP_HDR_LEN 20
#define TCP_WINDOWSIZE_OFFSET 14
#define DIVERT_NO_LOCALNETS_DST "(" \ #define DIVERT_NO_LOCALNETSv4_DST "(" \
"(ip.DstAddr < 127.0.0.1 or ip.DstAddr > 127.255.255.255) and " \ "(ip.DstAddr < 127.0.0.1 or ip.DstAddr > 127.255.255.255) and " \
"(ip.DstAddr < 10.0.0.0 or ip.DstAddr > 10.255.255.255) and " \ "(ip.DstAddr < 10.0.0.0 or ip.DstAddr > 10.255.255.255) and " \
"(ip.DstAddr < 192.168.0.0 or ip.DstAddr > 192.168.255.255) and " \ "(ip.DstAddr < 192.168.0.0 or ip.DstAddr > 192.168.255.255) and " \
"(ip.DstAddr < 172.16.0.0 or ip.DstAddr > 172.31.255.255) and " \ "(ip.DstAddr < 172.16.0.0 or ip.DstAddr > 172.31.255.255) and " \
"(ip.DstAddr < 169.254.0.0 or ip.DstAddr > 169.254.255.255)" \ "(ip.DstAddr < 169.254.0.0 or ip.DstAddr > 169.254.255.255)" \
")" ")"
#define DIVERT_NO_LOCALNETS_SRC "(" \ #define DIVERT_NO_LOCALNETSv4_SRC "(" \
"(ip.SrcAddr < 127.0.0.1 or ip.SrcAddr > 127.255.255.255) and " \ "(ip.SrcAddr < 127.0.0.1 or ip.SrcAddr > 127.255.255.255) and " \
"(ip.SrcAddr < 10.0.0.0 or ip.SrcAddr > 10.255.255.255) and " \ "(ip.SrcAddr < 10.0.0.0 or ip.SrcAddr > 10.255.255.255) and " \
"(ip.SrcAddr < 192.168.0.0 or ip.SrcAddr > 192.168.255.255) and " \ "(ip.SrcAddr < 192.168.0.0 or ip.SrcAddr > 192.168.255.255) and " \
@@ -39,15 +41,30 @@
"(ip.SrcAddr < 169.254.0.0 or ip.SrcAddr > 169.254.255.255)" \ "(ip.SrcAddr < 169.254.0.0 or ip.SrcAddr > 169.254.255.255)" \
")" ")"
#define DIVERT_NO_LOCALNETSv6_DST "(" \
"(ipv6.DstAddr > ::1) and " \
"(ipv6.DstAddr < 2001::0 or ipv6.DstAddr > 2001:1::0) and " \
"(ipv6.DstAddr < fc00::0 or ipv6.DstAddr > fe00::0) and " \
"(ipv6.DstAddr < fe80::0 or ipv6.DstAddr > fec0::0) and " \
"(ipv6.DstAddr < ff00::0 or ipv6.DstAddr > ffff::0)" \
")"
#define DIVERT_NO_LOCALNETSv6_SRC "(" \
"(ipv6.SrcAddr > ::1) and " \
"(ipv6.SrcAddr < 2001::0 or ipv6.SrcAddr > 2001:1::0) and " \
"(ipv6.SrcAddr < fc00::0 or ipv6.SrcAddr > fe00::0) and " \
"(ipv6.SrcAddr < fe80::0 or ipv6.SrcAddr > fec0::0) and " \
"(ipv6.SrcAddr < ff00::0 or ipv6.SrcAddr > ffff::0)" \
")"
#define SET_HTTP_FRAGMENT_SIZE_OPTION(fragment_size) do { \ #define SET_HTTP_FRAGMENT_SIZE_OPTION(fragment_size) do { \
if (!http_fragment_size) { \ if (!http_fragment_size) { \
http_fragment_size = fragment_size; \ if (fragment_size <= 0 || fragment_size > 65535) { \
if (http_fragment_size <= 0 || http_fragment_size > 65535) { \ puts("Fragment size should be in range [0 - 65535]\n"); \
printf(fragment_size_message); \
exit(EXIT_FAILURE); \ exit(EXIT_FAILURE); \
} \ } \
http_fragment_size = fragment_size; \
} \ } \
else if (http_fragment_size != fragment_size) { \ else if (http_fragment_size != (unsigned int)fragment_size) { \
printf( \ printf( \
"WARNING: HTTP fragment size is already set to %d, not changing.\n", \ "WARNING: HTTP fragment size is already set to %d, not changing.\n", \
http_fragment_size \ http_fragment_size \
@@ -55,6 +72,7 @@
} \ } \
} while (0) } while (0)
static int running_from_service = 0;
static HANDLE filters[MAX_FILTERS]; static HANDLE filters[MAX_FILTERS];
static int filter_num = 0; static int filter_num = 0;
static const char *http10_redirect_302 = "HTTP/1.0 302 "; static const char *http10_redirect_302 = "HTTP/1.0 302 ";
@@ -75,28 +93,35 @@ static const char *http_methods[] = {
}; };
static struct option long_options[] = { static struct option long_options[] = {
{"port", required_argument, 0, 'z' }, {"port", required_argument, 0, 'z' },
{"dns-addr", required_argument, 0, 'd' }, {"dns-addr", required_argument, 0, 'd' },
{"dns-port", required_argument, 0, 'g' }, {"dns-port", required_argument, 0, 'g' },
{"dns-verb", no_argument, 0, 'v' }, {"dnsv6-addr", required_argument, 0, '!' },
{"blacklist", required_argument, 0, 'b' }, {"dnsv6-port", required_argument, 0, '@' },
{0, 0, 0, 0 } {"dns-verb", no_argument, 0, 'v' },
{"blacklist", required_argument, 0, 'b' },
{0, 0, 0, 0 }
}; };
static char *filter_string = NULL; static char *filter_string = NULL;
static char *filter_string_template = "(ip and tcp and " static char *filter_string_template = "(tcp and "
"(inbound and ((" "(inbound and ("
"((ip.Id == 0x0001 or ip.Id == 0x0000) and tcp.SrcPort == 80 and tcp.Ack) or " "("
"((tcp.SrcPort == 80 or tcp.SrcPort == 443) and tcp.Ack and tcp.Syn)" "("
") and " DIVERT_NO_LOCALNETS_SRC ") or " "(ip.Id >= 0x0 and ip.Id <= 0xF) and "
"tcp.SrcPort == 80 and tcp.Ack"
") or "
"((tcp.SrcPort == 80 or tcp.SrcPort == 443) and tcp.Ack and tcp.Syn)"
")"
" and (" DIVERT_NO_LOCALNETSv4_SRC " or " DIVERT_NO_LOCALNETSv6_SRC ")) or "
"(outbound and " "(outbound and "
"(tcp.DstPort == 80 or tcp.DstPort == 443) and tcp.Ack and " "(tcp.DstPort == 80 or tcp.DstPort == 443) and tcp.Ack and "
DIVERT_NO_LOCALNETS_DST ")" "(" DIVERT_NO_LOCALNETSv4_DST " or " DIVERT_NO_LOCALNETSv6_DST "))"
"))"; "))";
static void add_filter_str(int proto, int port) { static void add_filter_str(int proto, int port) {
const char *udp = " or (ip and udp and (udp.SrcPort == %d or udp.DstPort == %d))"; const char *udp = " or (udp and (udp.SrcPort == %d or udp.DstPort == %d))";
const char *tcp = " or (ip and tcp and (tcp.SrcPort == %d or tcp.DstPort == %d))"; const char *tcp = " or (tcp and (tcp.SrcPort == %d or tcp.DstPort == %d))";
char *current_filter = filter_string; char *current_filter = filter_string;
int new_filter_size = strlen(current_filter) + int new_filter_size = strlen(current_filter) +
@@ -134,7 +159,7 @@ static HANDLE init(char *filter, UINT64 flags) {
FORMAT_MESSAGE_IGNORE_INSERTS, FORMAT_MESSAGE_IGNORE_INSERTS,
NULL, GetLastError(), MAKELANGID(LANG_ENGLISH, SUBLANG_DEFAULT), NULL, GetLastError(), MAKELANGID(LANG_ENGLISH, SUBLANG_DEFAULT),
(LPTSTR)&errormessage, 0, NULL); (LPTSTR)&errormessage, 0, NULL);
printf("%s", errormessage); puts(errormessage);
free(errormessage); free(errormessage);
return NULL; return NULL;
} }
@@ -147,7 +172,7 @@ static int deinit(HANDLE handle) {
return FALSE; return FALSE;
} }
static void deinit_all() { void deinit_all() {
for (int i = 0; i < filter_num; i++) { for (int i = 0; i < filter_num; i++) {
deinit(filters[i]); deinit(filters[i]);
} }
@@ -216,9 +241,9 @@ static int find_header_and_get_info(const char *pktdata, int pktlen,
return FALSE; return FALSE;
} }
static void change_window_size(const char *pkt, int size) { static inline void change_window_size(const PWINDIVERT_TCPHDR ppTcpHdr, int size) {
if (size >= 1 && size <= 65535) { if (size >= 1 && size <= 65535) {
*(uint16_t*)(pkt + IPV4_HDR_LEN + TCP_WINDOWSIZE_OFFSET) = htons(size); ppTcpHdr->Window = htons(size);
} }
} }
@@ -246,10 +271,14 @@ static PVOID find_http_method_end(const char *pkt, int http_frag, int *is_fragme
} }
int main(int argc, char *argv[]) { int main(int argc, char *argv[]) {
static const char fragment_size_message[] = static enum packet_type_e {
"Fragment size should be in range [0 - 65535]\n"; unknown,
ipv4_tcp, ipv4_tcp_data, ipv4_udp_data,
ipv6_tcp, ipv6_tcp_data, ipv6_udp_data
} packet_type;
int i, should_reinject, should_recalc_checksum = 0; int i, should_reinject, should_recalc_checksum = 0;
int opt; int opt;
int packet_v4, packet_v6;
HANDLE w_filter = NULL; HANDLE w_filter = NULL;
WINDIVERT_ADDRESS addr; WINDIVERT_ADDRESS addr;
char packet[MAX_PACKET_SIZE]; char packet[MAX_PACKET_SIZE];
@@ -257,6 +286,7 @@ int main(int argc, char *argv[]) {
UINT packetLen; UINT packetLen;
UINT packet_dataLen; UINT packet_dataLen;
PWINDIVERT_IPHDR ppIpHdr; PWINDIVERT_IPHDR ppIpHdr;
PWINDIVERT_IPV6HDR ppIpV6Hdr;
PWINDIVERT_TCPHDR ppTcpHdr; PWINDIVERT_TCPHDR ppTcpHdr;
PWINDIVERT_UDPHDR ppUdpHdr; PWINDIVERT_UDPHDR ppUdpHdr;
conntrack_info_t dns_conn_info; conntrack_info_t dns_conn_info;
@@ -267,12 +297,16 @@ int main(int argc, char *argv[]) {
do_fragment_https = 0, do_host = 0, do_fragment_https = 0, do_host = 0,
do_host_removespace = 0, do_additional_space = 0, do_host_removespace = 0, do_additional_space = 0,
do_http_allports = 0, do_http_allports = 0,
do_host_mixedcase = 0, do_dns_redirect = 0, do_host_mixedcase = 0,
do_dnsv4_redirect = 0, do_dnsv6_redirect = 0,
do_dns_verb = 0, do_blacklist = 0; do_dns_verb = 0, do_blacklist = 0;
int http_fragment_size = 2; unsigned int http_fragment_size = 2;
int https_fragment_size = 2; unsigned int https_fragment_size = 2;
uint32_t dns_addr = 0; uint32_t dnsv4_addr = 0;
uint16_t dns_port = htons(53); struct in6_addr dnsv6_addr = {0};
struct in6_addr dns_temp_addr = {0};
uint16_t dnsv4_port = htons(53);
uint16_t dnsv6_port = htons(53);
char *host_addr, *useragent_addr, *method_addr; char *host_addr, *useragent_addr, *method_addr;
int host_len, useragent_len; int host_len, useragent_len;
int http_req_fragmented; int http_req_fragmented;
@@ -280,17 +314,35 @@ int main(int argc, char *argv[]) {
char *hdr_name_addr = NULL, *hdr_value_addr = NULL; char *hdr_name_addr = NULL, *hdr_value_addr = NULL;
int hdr_value_len; int hdr_value_len;
if (filter_string == NULL) { if (!running_from_service) {
filter_string = malloc(strlen(filter_string_template) + 1); running_from_service = 1;
strcpy(filter_string, filter_string_template); if (service_register(argc, argv)) {
/* We've been called as a service. Register service
* and exit this thread. main() would be called from
* service.c next time.
*
* Note that if service_register() succeedes it does
* not return until the service is stopped.
* That is why we should set running_from_service
* before calling service_register and unset it
* afterwards.
*/
return 0;
}
running_from_service = 0;
} }
if (filter_string == NULL)
filter_string = strdup(filter_string_template);
printf("GoodbyeDPI: Passive DPI blocker and Active DPI circumvention utility\n"); printf("GoodbyeDPI: Passive DPI blocker and Active DPI circumvention utility\n");
if (argc == 1) { if (argc == 1) {
/* enable mode -1 by default */ /* enable mode -1 by default */
do_passivedpi = do_host = do_host_removespace \ do_passivedpi = do_host = do_host_removespace \
= do_fragment_http = do_fragment_https = 1; = do_fragment_http = do_fragment_https \
= do_fragment_http_persistent \
= do_fragment_http_persistent_nowait = 1;
} }
while ((opt = getopt_long(argc, argv, "1234prsaf:e:mwk:n", long_options, NULL)) != -1) { while ((opt = getopt_long(argc, argv, "1234prsaf:e:mwk:n", long_options, NULL)) != -1) {
@@ -347,7 +399,7 @@ int main(int argc, char *argv[]) {
do_fragment_https = 1; do_fragment_https = 1;
https_fragment_size = atoi(optarg); https_fragment_size = atoi(optarg);
if (https_fragment_size <= 0 || https_fragment_size > 65535) { if (https_fragment_size <= 0 || https_fragment_size > 65535) {
printf(fragment_size_message); puts("Fragment size should be in range [0 - 65535]\n");
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
break; break;
@@ -366,33 +418,70 @@ int main(int argc, char *argv[]) {
i = 0; i = 0;
break; break;
case 'd': case 'd':
if (!do_dns_redirect) { if ((inet_pton(AF_INET, optarg, dns_temp_addr.s6_addr) == 1) &&
do_dns_redirect = 1; !do_dnsv4_redirect)
dns_addr = inet_addr(optarg); {
if (!dns_addr) { do_dnsv4_redirect = 1;
printf("DNS address parameter error!\n"); if (inet_pton(AF_INET, optarg, &dnsv4_addr) != 1) {
puts("DNS address parameter error!");
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
add_filter_str(IPPROTO_UDP, 53); add_filter_str(IPPROTO_UDP, 53);
flush_dns_cache(); flush_dns_cache();
break;
} }
puts("DNS address parameter error!");
exit(EXIT_FAILURE);
break;
case '!':
if ((inet_pton(AF_INET6, optarg, dns_temp_addr.s6_addr) == 1) &&
!do_dnsv6_redirect)
{
do_dnsv6_redirect = 1;
if (inet_pton(AF_INET6, optarg, dnsv6_addr.s6_addr) != 1) {
puts("DNS address parameter error!");
exit(EXIT_FAILURE);
}
add_filter_str(IPPROTO_UDP, 53);
flush_dns_cache();
break;
}
puts("DNS address parameter error!");
exit(EXIT_FAILURE);
break; break;
case 'g': case 'g':
if (!do_dns_redirect) { if (!do_dnsv4_redirect) {
printf("--dns-port should be used with --dns-addr!\n" puts("--dns-port should be used with --dns-addr!\n"
"Make sure you use --dns-addr and pass it before " "Make sure you use --dns-addr and pass it before "
"--dns-port\n"); "--dns-port");
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
dns_port = atoi(optarg); dnsv4_port = atoi(optarg);
if (atoi(optarg) <= 0 || atoi(optarg) > 65535) { if (atoi(optarg) <= 0 || atoi(optarg) > 65535) {
printf("DNS port parameter error!\n"); puts("DNS port parameter error!");
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
if (dns_port != 53) { if (dnsv4_port != 53) {
add_filter_str(IPPROTO_UDP, dns_port); add_filter_str(IPPROTO_UDP, dnsv4_port);
} }
dns_port = ntohs(dns_port); dnsv4_port = htons(dnsv4_port);
break;
case '@':
if (!do_dnsv6_redirect) {
puts("--dnsv6-port should be used with --dnsv6-addr!\n"
"Make sure you use --dnsv6-addr and pass it before "
"--dnsv6-port");
exit(EXIT_FAILURE);
}
dnsv6_port = atoi(optarg);
if (atoi(optarg) <= 0 || atoi(optarg) > 65535) {
puts("DNS port parameter error!");
exit(EXIT_FAILURE);
}
if (dnsv6_port != 53) {
add_filter_str(IPPROTO_UDP, dnsv6_port);
}
dnsv6_port = htons(dnsv6_port);
break; break;
case 'v': case 'v':
do_dns_verb = 1; do_dns_verb = 1;
@@ -405,7 +494,7 @@ int main(int argc, char *argv[]) {
} }
break; break;
default: default:
printf("Usage: goodbyedpi.exe [OPTION...]\n" puts("Usage: goodbyedpi.exe [OPTION...]\n"
" -p block passive DPI\n" " -p block passive DPI\n"
" -r replace Host with hoSt\n" " -r replace Host with hoSt\n"
" -s remove space between host header and its value\n" " -s remove space between host header and its value\n"
@@ -416,17 +505,19 @@ int main(int argc, char *argv[]) {
" -n do not wait for first segment ACK when -k is enabled\n" " -n do not wait for first segment ACK when -k is enabled\n"
" -e [value] set HTTPS fragmentation to value\n" " -e [value] set HTTPS fragmentation to value\n"
" -w try to find and parse HTTP traffic on all processed ports (not only on port 80)\n" " -w try to find and parse HTTP traffic on all processed ports (not only on port 80)\n"
" --port [value] additional TCP port to perform fragmentation on (and HTTP tricks with -w)\n" " --port [value] additional TCP port to perform fragmentation on (and HTTP tricks with -w)\n"
" --dns-addr [value] redirect UDP DNS requests to the supplied IP address (experimental)\n" " --dns-addr [value] redirect UDPv4 DNS requests to the supplied IPv4 address (experimental)\n"
" --dns-port [value] redirect UDP DNS requests to the supplied port (53 by default)\n" " --dns-port [value] redirect UDPv4 DNS requests to the supplied port (53 by default)\n"
" --dns-verb print verbose DNS redirection messages\n" " --dnsv6-addr [value] redirect UDPv6 DNS requests to the supplied IPv6 address (experimental)\n"
" --blacklist [txtfile] perform HTTP tricks only to host names and subdomains from\n" " --dnsv6-port [value] redirect UDPv6 DNS requests to the supplied port (53 by default)\n"
" supplied text file. This option can be supplied multiple times.\n" " --dns-verb print verbose DNS redirection messages\n"
" --blacklist [txtfile] perform HTTP tricks only to host names and subdomains from\n"
" supplied text file. This option can be supplied multiple times.\n"
"\n" "\n"
" -1 -p -r -s -f 2 -k 2 -n -e 2 (most compatible mode, default)\n" " -1 -p -r -s -f 2 -k 2 -n -e 2 (most compatible mode, default)\n"
" -2 -p -r -s -f 2 -k 2 -n -e 40 (better speed for HTTPS yet still compatible)\n" " -2 -p -r -s -f 2 -k 2 -n -e 40 (better speed for HTTPS yet still compatible)\n"
" -3 -p -r -s -e 40 (better speed for HTTP and HTTPS)\n" " -3 -p -r -s -e 40 (better speed for HTTP and HTTPS)\n"
" -4 -p -r -s (best speed)\n"); " -4 -p -r -s (best speed)");
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
} }
@@ -434,12 +525,14 @@ int main(int argc, char *argv[]) {
printf("Block passive: %d, Fragment HTTP: %d, Fragment persistent HTTP: %d, " printf("Block passive: %d, Fragment HTTP: %d, Fragment persistent HTTP: %d, "
"Fragment HTTPS: %d, " "Fragment HTTPS: %d, "
"hoSt: %d, Host no space: %d, Additional space: %d, Mix Host: %d, " "hoSt: %d, Host no space: %d, Additional space: %d, Mix Host: %d, "
"HTTP AllPorts: %d, HTTP Persistent Nowait: %d, DNS redirect: %d\n", "HTTP AllPorts: %d, HTTP Persistent Nowait: %d, DNS redirect: %d, "
"DNSv6 redirect: %d\n",
do_passivedpi, (do_fragment_http ? http_fragment_size : 0), do_passivedpi, (do_fragment_http ? http_fragment_size : 0),
(do_fragment_http_persistent ? http_fragment_size : 0), (do_fragment_http_persistent ? http_fragment_size : 0),
(do_fragment_https ? https_fragment_size : 0), (do_fragment_https ? https_fragment_size : 0),
do_host, do_host_removespace, do_additional_space, do_host_mixedcase, do_host, do_host_removespace, do_additional_space, do_host_mixedcase,
do_http_allports, do_fragment_http_persistent_nowait, do_dns_redirect do_http_allports, do_fragment_http_persistent_nowait, do_dnsv4_redirect,
do_dnsv6_redirect
); );
if (do_fragment_http && http_fragment_size > 2) { if (do_fragment_http && http_fragment_size > 2) {
@@ -452,18 +545,18 @@ int main(int argc, char *argv[]) {
filter_num = 0; filter_num = 0;
if (do_passivedpi) { if (do_passivedpi) {
/* IPv4 filter for inbound RST packets with ID = 0 or 1 */ /* IPv4 only filter for inbound RST packets with ID = 0 or 1 */
filters[filter_num] = init( filters[filter_num] = init(
"inbound and ip and tcp and " "inbound and ip and tcp and "
"(ip.Id == 0x0001 or ip.Id == 0x0000) and " "(ip.Id >= 0x0000 and ip.Id <= 0x000F) and "
"(tcp.SrcPort == 443 or tcp.SrcPort == 80) and tcp.Rst and " "(tcp.SrcPort == 443 or tcp.SrcPort == 80) and tcp.Rst and "
DIVERT_NO_LOCALNETS_SRC, DIVERT_NO_LOCALNETSv4_SRC,
WINDIVERT_FLAG_DROP); WINDIVERT_FLAG_DROP);
filter_num++; filter_num++;
} }
/* /*
* IPv4 filter for inbound HTTP redirection packets and * IPv4 & IPv6 filter for inbound HTTP redirection packets and
* active DPI circumvention * active DPI circumvention
*/ */
filters[filter_num] = init(filter_string, 0); filters[filter_num] = init(filter_string, 0);
@@ -481,13 +574,53 @@ int main(int argc, char *argv[]) {
while (1) { while (1) {
if (WinDivertRecv(w_filter, packet, sizeof(packet), &addr, &packetLen)) { if (WinDivertRecv(w_filter, packet, sizeof(packet), &addr, &packetLen)) {
//printf("Got %s packet, len=%d!\n", addr.Direction ? "inbound" : "outbound", debug("Got %s packet, len=%d!\n", addr.Direction ? "inbound" : "outbound",
// packetLen); packetLen);
should_reinject = 1; should_reinject = 1;
should_recalc_checksum = 0; should_recalc_checksum = 0;
if (WinDivertHelperParsePacket(packet, packetLen, &ppIpHdr, ppIpHdr = (PWINDIVERT_IPHDR)NULL;
NULL, NULL, NULL, &ppTcpHdr, NULL, &packet_data, &packet_dataLen)) { ppIpV6Hdr = (PWINDIVERT_IPV6HDR)NULL;
ppTcpHdr = (PWINDIVERT_TCPHDR)NULL;
ppUdpHdr = (PWINDIVERT_UDPHDR)NULL;
packet_v4 = packet_v6 = 0;
packet_type = unknown;
// Parse network packet and set it's type
if ((packet_v4 = WinDivertHelperParsePacket(packet, packetLen, &ppIpHdr,
NULL, NULL, NULL, &ppTcpHdr, NULL, &packet_data, &packet_dataLen)))
{
packet_type = ipv4_tcp_data;
}
else if ((packet_v6 = WinDivertHelperParsePacket(packet, packetLen, NULL,
&ppIpV6Hdr, NULL, NULL, &ppTcpHdr, NULL, &packet_data, &packet_dataLen)))
{
packet_type = ipv6_tcp_data;
}
else if ((packet_v4 = WinDivertHelperParsePacket(packet, packetLen, &ppIpHdr,
NULL, NULL, NULL, &ppTcpHdr, NULL, NULL, NULL)))
{
packet_type = ipv4_tcp;
}
else if ((packet_v6 = WinDivertHelperParsePacket(packet, packetLen, NULL,
&ppIpV6Hdr, NULL, NULL, &ppTcpHdr, NULL, NULL, NULL)))
{
packet_type = ipv6_tcp;
}
else if ((packet_v4 = WinDivertHelperParsePacket(packet, packetLen, &ppIpHdr,
NULL, NULL, NULL, NULL, &ppUdpHdr, &packet_data, &packet_dataLen)))
{
packet_type = ipv4_udp_data;
}
else if ((packet_v6 = WinDivertHelperParsePacket(packet, packetLen, NULL,
&ppIpV6Hdr, NULL, NULL, NULL, &ppUdpHdr, &packet_data, &packet_dataLen)))
{
packet_type = ipv6_udp_data;
}
debug("packet_type: %d, packet_v4: %d, packet_v6: %d\n", packet_type, packet_v4, packet_v6);
if (packet_type == ipv4_tcp_data || packet_type == ipv6_tcp_data) {
//printf("Got parsed packet, len=%d!\n", packet_dataLen); //printf("Got parsed packet, len=%d!\n", packet_dataLen);
/* Got a TCP packet WITH DATA */ /* Got a TCP packet WITH DATA */
@@ -533,11 +666,20 @@ int main(int argc, char *argv[]) {
* ack number of received packet and retransmitting missing part again, * ack number of received packet and retransmitting missing part again,
* but it's better to send it anyway since it eliminates one RTT. * but it's better to send it anyway since it eliminates one RTT.
*/ */
if (do_fragment_http_persistent && !http_req_fragmented) { if (do_fragment_http_persistent && !http_req_fragmented &&
ppIpHdr->Length = htons( (packet_dataLen > http_fragment_size))
ntohs(ppIpHdr->Length) - {
packet_dataLen + http_fragment_size if (packet_v4)
); ppIpHdr->Length = htons(
ntohs(ppIpHdr->Length) -
packet_dataLen + http_fragment_size
);
else if (packet_v6)
ppIpV6Hdr->Length = htons(
ntohs(ppIpV6Hdr->Length) -
packet_dataLen + http_fragment_size
);
WinDivertHelperCalcChecksums( WinDivertHelperCalcChecksums(
packet, packetLen - packet_dataLen + http_fragment_size, 0 packet, packetLen - packet_dataLen + http_fragment_size, 0
); );
@@ -546,11 +688,18 @@ int main(int argc, char *argv[]) {
packetLen - packet_dataLen + http_fragment_size, packetLen - packet_dataLen + http_fragment_size,
&addr, NULL &addr, NULL
); );
if (do_fragment_http_persistent_nowait) { if (do_fragment_http_persistent_nowait) {
ppIpHdr->Length = htons( if (packet_v4)
ntohs(ppIpHdr->Length) - ppIpHdr->Length = htons(
http_fragment_size + packet_dataLen - http_fragment_size ntohs(ppIpHdr->Length) -
); http_fragment_size + packet_dataLen - http_fragment_size
);
else if (packet_v6)
ppIpV6Hdr->Length = htons(
ntohs(ppIpV6Hdr->Length) -
http_fragment_size + packet_dataLen - http_fragment_size
);
memmove(packet_data, memmove(packet_data,
packet_data + http_fragment_size, packet_data + http_fragment_size,
packet_dataLen); packet_dataLen);
@@ -647,8 +796,7 @@ int main(int argc, char *argv[]) {
} /* Handle TCP packet with data */ } /* Handle TCP packet with data */
/* Else if we got TCP packet without data */ /* Else if we got TCP packet without data */
else if (WinDivertHelperParsePacket(packet, packetLen, &ppIpHdr, else if (packet_type == ipv4_tcp || packet_type == ipv6_tcp) {
NULL, NULL, NULL, &ppTcpHdr, NULL, NULL, NULL)) {
/* If we got INBOUND SYN+ACK packet */ /* If we got INBOUND SYN+ACK packet */
if (addr.Direction == WINDIVERT_DIRECTION_INBOUND && if (addr.Direction == WINDIVERT_DIRECTION_INBOUND &&
ppTcpHdr->Syn == 1 && ppTcpHdr->Ack == 1) { ppTcpHdr->Syn == 1 && ppTcpHdr->Ack == 1) {
@@ -658,28 +806,35 @@ int main(int argc, char *argv[]) {
* is enabled as there could be non-HTTP data on port 80 * is enabled as there could be non-HTTP data on port 80
*/ */
if (do_fragment_http && ppTcpHdr->SrcPort == htons(80)) { if (do_fragment_http && ppTcpHdr->SrcPort == htons(80)) {
change_window_size(packet, http_fragment_size); change_window_size(ppTcpHdr, http_fragment_size);
should_recalc_checksum = 1; should_recalc_checksum = 1;
} }
else if (do_fragment_https && ppTcpHdr->SrcPort != htons(80)) { else if (do_fragment_https && ppTcpHdr->SrcPort != htons(80)) {
change_window_size(packet, https_fragment_size); change_window_size(ppTcpHdr, https_fragment_size);
should_recalc_checksum = 1; should_recalc_checksum = 1;
} }
} }
} }
/* Else if we got UDP packet with data */ /* Else if we got UDP packet with data */
else if (do_dns_redirect && WinDivertHelperParsePacket(packet, packetLen, &ppIpHdr, else if ((do_dnsv4_redirect && (packet_type == ipv4_udp_data)) ||
NULL, NULL, NULL, NULL, &ppUdpHdr, &packet_data, &packet_dataLen)) { (do_dnsv6_redirect && (packet_type == ipv6_udp_data)))
{
if (addr.Direction == WINDIVERT_DIRECTION_INBOUND) { if (addr.Direction == WINDIVERT_DIRECTION_INBOUND) {
if (dns_handle_incoming(ppIpHdr->DstAddr, ppUdpHdr->DstPort, if ((packet_v4 && dns_handle_incoming(&ppIpHdr->DstAddr, ppUdpHdr->DstPort,
packet_data, packet_dataLen, packet_data, packet_dataLen,
&dns_conn_info)) &dns_conn_info, 0))
||
(packet_v6 && dns_handle_incoming(ppIpV6Hdr->DstAddr, ppUdpHdr->DstPort,
packet_data, packet_dataLen,
&dns_conn_info, 1)))
{ {
/* Changing source IP and port to the values /* Changing source IP and port to the values
* from DNS conntrack */ * from DNS conntrack */
ppIpHdr->SrcAddr = dns_conn_info.dstip; if (packet_v4)
ppIpHdr->SrcAddr = dns_conn_info.dstip[0];
else if (packet_v6)
ipv6_copy_addr(ppIpV6Hdr->SrcAddr, dns_conn_info.dstip);
ppUdpHdr->DstPort = dns_conn_info.srcport; ppUdpHdr->DstPort = dns_conn_info.srcport;
ppUdpHdr->SrcPort = dns_conn_info.dstport; ppUdpHdr->SrcPort = dns_conn_info.dstport;
should_recalc_checksum = 1; should_recalc_checksum = 1;
@@ -696,14 +851,24 @@ int main(int argc, char *argv[]) {
} }
else if (addr.Direction == WINDIVERT_DIRECTION_OUTBOUND) { else if (addr.Direction == WINDIVERT_DIRECTION_OUTBOUND) {
if (dns_handle_outgoing(ppIpHdr->SrcAddr, ppUdpHdr->SrcPort, if ((packet_v4 && dns_handle_outgoing(&ppIpHdr->SrcAddr, ppUdpHdr->SrcPort,
ppIpHdr->DstAddr, ppUdpHdr->DstPort, &ppIpHdr->DstAddr, ppUdpHdr->DstPort,
packet_data, packet_dataLen)) packet_data, packet_dataLen, 0))
||
(packet_v6 && dns_handle_outgoing(ppIpV6Hdr->SrcAddr, ppUdpHdr->SrcPort,
ppIpV6Hdr->DstAddr, ppUdpHdr->DstPort,
packet_data, packet_dataLen, 1)))
{ {
/* Changing destination IP and port to the values /* Changing destination IP and port to the values
* from configuration */ * from configuration */
ppIpHdr->DstAddr = dns_addr; if (packet_v4) {
ppUdpHdr->DstPort = dns_port; ppIpHdr->DstAddr = dnsv4_addr;
ppUdpHdr->DstPort = dnsv4_port;
}
else if (packet_v6) {
ipv6_copy_addr(ppIpV6Hdr->DstAddr, (uint32_t*)dnsv6_addr.s6_addr);
ppUdpHdr->DstPort = dnsv6_port;
}
should_recalc_checksum = 1; should_recalc_checksum = 1;
} }
else { else {

3
goodbyedpi.h
View File

@@ -5,3 +5,6 @@
#else #else
#define debug(...) printf(__VA_ARGS__) #define debug(...) printf(__VA_ARGS__)
#endif #endif
int main(int argc, char *argv[]);
void deinit_all();

96
service.c Normal file
View File

@@ -0,0 +1,96 @@
#include <windows.h>
#include <stdio.h>
#include "goodbyedpi.h"
#include "service.h"
#define SERVICE_NAME "GoodbyeDPI"
static SERVICE_STATUS ServiceStatus;
static SERVICE_STATUS_HANDLE hStatus;
static int service_argc = 0;
static char **service_argv = NULL;
int service_register(int argc, char *argv[])
{
int i, ret;
SERVICE_TABLE_ENTRY ServiceTable[] = {
{SERVICE_NAME, (LPSERVICE_MAIN_FUNCTION)service_main},
{NULL, NULL}
};
/*
* Save argc & argv as service_main is called with different
* arguments, which are passed from "start" command, not
* from the program command line.
* We don't need this behaviour.
*
* Note that if StartServiceCtrlDispatcher() succeedes
* it does not return until the service is stopped,
* so we should copy all arguments first and then
* handle the failure.
*/
if (!service_argc && !service_argv) {
service_argc = argc;
service_argv = malloc(sizeof(void*) * argc);
for (i = 0; i < argc; i++) {
service_argv[i] = strdup(argv[i]);
}
}
ret = StartServiceCtrlDispatcher(ServiceTable);
if (service_argc && service_argv) {
for (i = 0; i < service_argc; i++) {
free(service_argv[i]);
}
free(service_argv);
}
return ret;
}
void service_main(int argc __attribute__((unused)),
char *argv[] __attribute__((unused)))
{
ServiceStatus.dwServiceType = SERVICE_WIN32_OWN_PROCESS;
ServiceStatus.dwCurrentState = SERVICE_RUNNING;
ServiceStatus.dwControlsAccepted = SERVICE_ACCEPT_STOP | SERVICE_ACCEPT_SHUTDOWN;
ServiceStatus.dwWin32ExitCode = 0;
ServiceStatus.dwServiceSpecificExitCode = 0;
ServiceStatus.dwCheckPoint = 1;
ServiceStatus.dwWaitHint = 0;
hStatus = RegisterServiceCtrlHandler(
SERVICE_NAME,
(LPHANDLER_FUNCTION)service_controlhandler);
if (hStatus == (SERVICE_STATUS_HANDLE)0)
{
// Registering Control Handler failed
return;
}
SetServiceStatus(hStatus, &ServiceStatus);
// Calling main with saved argc & argv
ServiceStatus.dwWin32ExitCode = main(service_argc, service_argv);
ServiceStatus.dwCurrentState = SERVICE_STOPPED;
SetServiceStatus(hStatus, &ServiceStatus);
return;
}
// Control handler function
void service_controlhandler(DWORD request)
{
switch(request)
{
case SERVICE_CONTROL_STOP:
case SERVICE_CONTROL_SHUTDOWN:
deinit_all();
ServiceStatus.dwWin32ExitCode = 0;
ServiceStatus.dwCurrentState = SERVICE_STOPPED;
default:
break;
}
// Report current status
SetServiceStatus(hStatus, &ServiceStatus);
return;
}

3
service.h Normal file
View File

@@ -0,0 +1,3 @@
int service_register();
void service_main(int argc, char *argv[]);
void service_controlhandler(DWORD request);