Tags: dominicusin/GoodbyeDPI
Tags
Print message of HTTP fragmentation > 2 incompatibility. We can't reliably distinguish HTTP data from other data on port 80 when fragmentation is used. HTTP method code has a special case which tries to find HTTP method when fragmentation = 1 or 2 is used, but not for other values.
Block passive DPI packets only with "Connection: close". Fixes Valdik… …SS#17. Some servers set "don't fragment" flag and never increase TCP ID field. If they send HTTP redirection to another website, it would be blocked by the program. This is a hack to block redirects only with "Connection: close" header as presumably legal redirects are most likely would use keep-alive.
Change TCP Window Size based on SrcPort, not DstPort. When HTTPS fragment size was set, the program always used it for HTTP, even if HTTP fragmentation was disabled. This is due to a bug which checked DstPort, not SrcPort, and the packets passed DstPort != htons(80) HTTPS check.
Reimplement -s option to fix unACKed data Old code used to reduce packet size by one byte to remove space in HTTP Host header. This introduces one unACKed byte which OS later tried to send to the host. This byte was \n (the last byte in original packet) which broke POST requests. New code in this commit moves "stolen" space in the end of User-Agent header value and do not reduce packet size anymore. User-Agent value is used because not all web servers are compatible with additional space in the end of Host value. Fix ValdikSS#3
PreviousNext