Commit 07eee8af authored by bol-van's avatar bol-van

winws: --wf-raw-part

parent 06e78182
+4 −0
@@ -541,3 +541,7 @@ nfqws,tpws: fix possible crashes or high memory usage if hostlist has duplicate
init.d: custom scripts 50-discord-media, 50-stun4all
init.d: windivert filters for discord media, stun, wireguard
readme: hardware problems description

v71.5

winws: --wf-raw-part
+3 −3
Цель этих фильтров - отсекать полезную нагрузку в режиме ядра, не насилуя процессор перенаправлением целого потока на winws.
Задействуются через `winws --wf-raw=@filename`.
Задействуются через `winws --wf-raw-part=@filename`. Может быть несколько частичных фильтров. Они могут сочетаться с --wf-tcp и --wf-udp.
Однако, язык фильтров windivert не содержит операций с битовыми полями, сдвигов и побитовой логики.
Поэтому фильтры получились более слабыми, способными передавать неправильную нагрузку.
Дофильтрация производится силами winws.

Описание языка фильтров : https://reqrypt.org/windivert-doc.html#filter_language
Пример инстанса для пробития медиапотоков в discord : `winws --wf-raw=@windivert.discord_media+stun.txt --filter-l7=stun,discord --dpi-desync=fake`
Пример инстанса для пробития медиапотоков в discord : `winws --wf-raw-part=@windivert_part.discord_media.txt --wf-raw-part=@windivert_part.stun.txt --filter-l7=stun,discord --dpi-desync=fake`


These filters are invoked using `winws --wf-raw=@filename`.
These filters are invoked using `winws --wf-raw-part=@filename`. Multiple filter parts are supported. They can be combined with --wf-tcp and --wf-udp.
Filters are kernel mode and save great amount of CPU.
However windivert cannot filter by bit fields, lacks shift and bitwise logic operations.
Filters are relaxed and can pass wrong payloads. Finer filtering is done by winws.
+0 −29
!impostor and !loopback and
 (outbound and
  ((ip and
    udp.DstPort>=50000 and udp.DstPort<=50099 and
    udp.PayloadLength=74 and
    udp.Payload32[0]=0x00010046 and
    udp.Payload32[2]=0 and
    udp.Payload32[3]=0 and
    udp.Payload32[4]=0 and
    udp.Payload32[5]=0 and
    udp.Payload32[6]=0 and
    udp.Payload32[7]=0 and
    udp.Payload32[8]=0 and
    udp.Payload32[9]=0 and
    udp.Payload32[10]=0 and
    udp.Payload32[11]=0 and
    udp.Payload32[12]=0 and
    udp.Payload32[13]=0 and
    udp.Payload32[14]=0 and
    udp.Payload32[15]=0 and
    udp.Payload32[16]=0 and
    udp.Payload32[17]=0)
   or
   (udp.PayloadLength>=20 and
    udp.Payload32[1]=0x2112A442 and udp.Payload[0]<0x40)) and
  ( ((ip.DstAddr < 127.0.0.1 or ip.DstAddr > 127.255.255.255) and (ip.DstAddr < 10.0.0.0 or ip.DstAddr > 10.255.255.255) and (ip.DstAddr < 192.168.0.0 or ip.DstAddr > 192.168.255.255) and (ip.DstAddr < 172.16.0.0 or ip.DstAddr > 172.31.255.255) and (ip.DstAddr < 169.254.0.0 or ip.DstAddr > 169.254.255.255)) or
     ((ipv6.DstAddr > ::1) and (ipv6.DstAddr < 2001::0 or ipv6.DstAddr >= 2001:1::0) and (ipv6.DstAddr < fc00::0 or ipv6.DstAddr >= fe00::0) and (ipv6.DstAddr < fe80::0 or ipv6.DstAddr >= fec0::0) and (ipv6.DstAddr < ff00::0 or ipv6.DstAddr >= ffff::0))
    )
 )
+0 −8
!impostor and !loopback and
 (outbound and
  udp.PayloadLength>=20 and
  udp.Payload32[1]=0x2112A442 and udp.Payload[0]<0x40 and
  ( ((ip.DstAddr < 127.0.0.1 or ip.DstAddr > 127.255.255.255) and (ip.DstAddr < 10.0.0.0 or ip.DstAddr > 10.255.255.255) and (ip.DstAddr < 192.168.0.0 or ip.DstAddr > 192.168.255.255) and (ip.DstAddr < 172.16.0.0 or ip.DstAddr > 172.31.255.255) and (ip.DstAddr < 169.254.0.0 or ip.DstAddr > 169.254.255.255)) or
     ((ipv6.DstAddr > ::1) and (ipv6.DstAddr < 2001::0 or ipv6.DstAddr >= 2001:1::0) and (ipv6.DstAddr < fc00::0 or ipv6.DstAddr >= fe00::0) and (ipv6.DstAddr < fe80::0 or ipv6.DstAddr >= fec0::0) and (ipv6.DstAddr < ff00::0 or ipv6.DstAddr >= ffff::0))
    )
 )
+0 −8
!impostor and !loopback and
 (outbound and
  udp.PayloadLength=148 and
  udp.Payload[0]=0x01 and
  ( ((ip.DstAddr < 127.0.0.1 or ip.DstAddr > 127.255.255.255) and (ip.DstAddr < 10.0.0.0 or ip.DstAddr > 10.255.255.255) and (ip.DstAddr < 192.168.0.0 or ip.DstAddr > 192.168.255.255) and (ip.DstAddr < 172.16.0.0 or ip.DstAddr > 172.31.255.255) and (ip.DstAddr < 169.254.0.0 or ip.DstAddr > 169.254.255.255)) or
     ((ipv6.DstAddr > ::1) and (ipv6.DstAddr < 2001::0 or ipv6.DstAddr >= 2001:1::0) and (ipv6.DstAddr < fc00::0 or ipv6.DstAddr >= fe00::0) and (ipv6.DstAddr < fe80::0 or ipv6.DstAddr >= fec0::0) and (ipv6.DstAddr < ff00::0 or ipv6.DstAddr >= ffff::0))
    )
 )