Commit fc837e14 authored by bol-van's avatar bol-van

windivert filter examples

parent 0e288262
+1 −0
* text=auto eol=lf
*.cmd eol=crlf
*.bat eol=crlf
init.d/windivert.filter.examples/** eol=crlf
+12 −0
   -      ,        winws.
  `winws --wf-raw=@filename`.
,   windivert      ,    .
    ,    .
   winws.

      discord : `winws --wf-raw=@windivert.discord_media+stun.txt --dpi-desync=fake`

These filters are invoked using `winws --wf-raw=@filename`.
Filters are kernel mode and save great amount of CPU.
However windivert cannot filter by bit fields, lacks shift and bitwise logic operations.
Filters are relaxed and can pass wrong payloads. Finer filtering is done by winws.
+28 −0
!impostor and !loopback and
 (outbound and
  ((udp.DstPort>=50000 and udp.DstPort<=50099 and
    udp.PayloadLength=74 and
    udp.Payload32[0]=0x00010046 and
    udp.Payload32[2]=0 and
    udp.Payload32[3]=0 and
    udp.Payload32[4]=0 and
    udp.Payload32[5]=0 and
    udp.Payload32[6]=0 and
    udp.Payload32[7]=0 and
    udp.Payload32[8]=0 and
    udp.Payload32[9]=0 and
    udp.Payload32[10]=0 and
    udp.Payload32[11]=0 and
    udp.Payload32[12]=0 and
    udp.Payload32[13]=0 and
    udp.Payload32[14]=0 and
    udp.Payload32[15]=0 and
    udp.Payload32[16]=0 and
    udp.Payload32[17]=0)
   or
   (udp.PayloadLength>=20 and
    udp.Payload32[1]=0x2112A442)) and
  ( ((ip.DstAddr < 127.0.0.1 or ip.DstAddr > 127.255.255.255) and (ip.DstAddr < 10.0.0.0 or ip.DstAddr > 10.255.255.255) and (ip.DstAddr < 192.168.0.0 or ip.DstAddr > 192.168.255.255) and (ip.DstAddr < 172.16.0.0 or ip.DstAddr > 172.31.255.255) and (ip.DstAddr < 169.254.0.0 or ip.DstAddr > 169.254.255.255)) or
     ((ipv6.DstAddr > ::1) and (ipv6.DstAddr < 2001::0 or ipv6.DstAddr >= 2001:1::0) and (ipv6.DstAddr < fc00::0 or ipv6.DstAddr >= fe00::0) and (ipv6.DstAddr < fe80::0 or ipv6.DstAddr >= fec0::0) and (ipv6.DstAddr < ff00::0 or ipv6.DstAddr >= ffff::0))
    )
 )
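Review bot: The destination-address exclusions are inconsistent between the two address families. The IPv6 group skips multicast but the IPv4 group has no multicast or broadcast exclusion, and the IPv6 test `(ipv6.DstAddr < ff00::0 or ipv6.DstAddr >= ffff::0)` still passes ffff::/16, which is inside ff00::/8. If the intent is to divert only globally routed destinations, add `and ip.DstAddr < 224.0.0.0` to the IPv4 group and reduce the last IPv6 term to `ipv6.DstAddr < ff00::0`. The IPv4 list also omits 100.64.0.0/10, and the lower bound `127.0.0.1` leaves 127.0.0.0 outside the excluded range. The same two address lines are copied verbatim into the other two filter files in this commit, so any correction has to be applied in all three places.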
+25 −0
!impostor and !loopback and
 (outbound and
  udp.DstPort>=50000 and udp.DstPort<=50099 and
  udp.PayloadLength=74 and
  udp.Payload32[0]=0x00010046 and
  udp.Payload32[2]=0 and
  udp.Payload32[3]=0 and
  udp.Payload32[4]=0 and
  udp.Payload32[5]=0 and
  udp.Payload32[6]=0 and
  udp.Payload32[7]=0 and
  udp.Payload32[8]=0 and
  udp.Payload32[9]=0 and
  udp.Payload32[10]=0 and
  udp.Payload32[11]=0 and
  udp.Payload32[12]=0 and
  udp.Payload32[13]=0 and
  udp.Payload32[14]=0 and
  udp.Payload32[15]=0 and
  udp.Payload32[16]=0 and
  udp.Payload32[17]=0 and
  ( ((ip.DstAddr < 127.0.0.1 or ip.DstAddr > 127.255.255.255) and (ip.DstAddr < 10.0.0.0 or ip.DstAddr > 10.255.255.255) and (ip.DstAddr < 192.168.0.0 or ip.DstAddr > 192.168.255.255) and (ip.DstAddr < 172.16.0.0 or ip.DstAddr > 172.31.255.255) and (ip.DstAddr < 169.254.0.0 or ip.DstAddr > 169.254.255.255)) or
     ((ipv6.DstAddr > ::1) and (ipv6.DstAddr < 2001::0 or ipv6.DstAddr >= 2001:1::0) and (ipv6.DstAddr < fc00::0 or ipv6.DstAddr >= fe00::0) and (ipv6.DstAddr < fe80::0 or ipv6.DstAddr >= fec0::0) and (ipv6.DstAddr < ff00::0 or ipv6.DstAddr >= ffff::0))
    )
 )
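Review bot: The constants in this filter are undocumented, so a reader cannot audit what traffic it intercepts. Nothing on the page explains why ports 50000–50099, a 74-byte payload and `0x00010046` identify the target packets. The value looks like a 16-bit type 1 followed by a length of 0x46 (70), which would agree with the 74-byte check, but that is an inference. `udp.Payload32[1]` and the final two payload bytes are left unchecked with no stated reason. A line in the examples README would cover it, for instance `discord_media: 74-byte UDP, first word 0x00010046, words 2-17 zero, dst ports 50000-50099; word 1 and the last 2 bytes are variable`.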
+8 −0
!impostor and !loopback and
 (outbound and
  udp.PayloadLength>=20 and
  udp.Payload32[1]=0x2112A442 and
  ( ((ip.DstAddr < 127.0.0.1 or ip.DstAddr > 127.255.255.255) and (ip.DstAddr < 10.0.0.0 or ip.DstAddr > 10.255.255.255) and (ip.DstAddr < 192.168.0.0 or ip.DstAddr > 192.168.255.255) and (ip.DstAddr < 172.16.0.0 or ip.DstAddr > 172.31.255.255) and (ip.DstAddr < 169.254.0.0 or ip.DstAddr > 169.254.255.255)) or
     ((ipv6.DstAddr > ::1) and (ipv6.DstAddr < 2001::0 or ipv6.DstAddr >= 2001:1::0) and (ipv6.DstAddr < fc00::0 or ipv6.DstAddr >= fe00::0) and (ipv6.DstAddr < fe80::0 or ipv6.DstAddr >= fec0::0) and (ipv6.DstAddr < ff00::0 or ipv6.DstAddr >= ffff::0))
    )
 )
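Review bot: The STUN match is very loose: it keys only on `udp.Payload32[1]=0x2112A442` and a 20-byte minimum, with no port or message-type constraint. Any outbound UDP datagram that carries those four bytes at offset 4 is therefore diverted to the user-mode process. The README accepts relaxed filters because bit-field tests are unavailable, but a plain byte comparison needs none. STUN's two leading bits are zero, so `udp.Payload[0]<0x40 and` before the cookie test would reject most non-STUN matches in the kernel, assuming the WinDivert version in use exposes `udp.Payload[i]` alongside `udp.Payload32[i]`. The same clause appears in the combined discord_media+stun filter.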