From 08549b570b03874c1b839c337b0d3119e22cb985 Mon Sep 17 00:00:00 2001 From: bol-van Date: Mon, 9 Feb 2026 13:43:46 +0300 Subject: [PATCH] update docs --- docs/manual.en.md | 157 ++++++++++++++++++++++++---------------------- docs/manual.md | 157 ++++++++++++++++++++++++---------------------- 2 files changed, 166 insertions(+), 148 deletions(-) diff --git a/docs/manual.en.md b/docs/manual.en.md index 2c3427f..c750b66 100644 --- a/docs/manual.en.md +++ b/docs/manual.en.md @@ -59,21 +59,21 @@ - [Random Data Generation](#random-data-generation) - [brandom](#brandom) - [Parsing](#parsing) - - [parse\_hex](#parse_hex) + - [parse_hex](#parse_hex) - [Cryptography](#cryptography) - [bcryptorandom](#bcryptorandom) - [bxor,bor,band](#bxorborband) - [hash](#hash) - [aes](#aes) - - [aes\_gcm](#aes_gcm) - - [aes\_ctr](#aes_ctr) + - [aes_gcm](#aes_gcm) + - [aes_ctr](#aes_ctr) - [hkdf](#hkdf) - [Compression](#compression) - [gunzip](#gunzip) - [gzip](#gzip) - [System functions](#system-functions) - [uname](#uname) - - [clock\_gettime](#clock_gettime) + - [clock_gettime](#clock_gettime) - [getpid](#getpid) - [stat](#stat) - [time](#time) @@ -82,23 +82,23 @@ - [standard rawsend](#standard-rawsend) - [Dissection and reconstruction](#dissection-and-reconstruction) - [dissect](#dissect) - - [reconstruct\_dissect](#reconstruct_dissect) - - [reconstruct\_hdr](#reconstruct_hdr) - - [csum\_fix](#csum_fix) + - [reconstruct_dissect](#reconstruct_dissect) + - [reconstruct_hdr](#reconstruct_hdr) + - [csum_fix](#csum_fix) - [conntrack](#conntrack) - [Obtaining IP addresses](#obtaining-ip-addresses) - [Receiving and sending Packets](#receiving-and-sending-packets) - [rawsend](#rawsend) - - [raw\_packet](#raw_packet) + - [raw_packet](#raw_packet) - [Working with payloads](#working-with-payloads) - [Markers](#markers) - - [resolve\_pos](#resolve_pos) - - [tls\_mod](#tls_mod) + - [resolve_pos](#resolve_pos) + - [tls_mod](#tls_mod) - [Instance execution management](#instance-execution-management) - - [instance\_cutoff](#instance_cutoff) - - [lua\_cutoff](#lua_cutoff) - - [execution\_plan](#execution_plan) - - [execution\_plan\_cancel](#execution_plan_cancel) + - [instance_cutoff](#instance_cutoff) + - [lua_cutoff](#lua_cutoff) + - [execution_plan](#execution_plan) + - [execution_plan_cancel](#execution_plan_cancel) - [zapret-lib.lua base function library](#zapret-liblua-base-function-library) - [Base desync functions](#base-desync-functions) - [luaexec](#luaexec) @@ -106,16 +106,16 @@ - [pktdebug](#pktdebug) - [argdebug](#argdebug) - [posdebug](#posdebug) - - [detect\_payload\_str](#detect_payload_str) - - [desync\_orchestrator\_example](#desync_orchestrator_example) + - [detect_payload_str](#detect_payload_str) + - [desync_orchestrator_example](#desync_orchestrator_example) - [Utility functions](#utility-functions) - - [var\_debug](#var_debug) + - [var_debug](#var_debug) - [deepcopy](#deepcopy) - - [logical\_xor](#logical_xor) - - [array\_search](#array_search) + - [logical_xor](#logical_xor) + - [array_search](#array_search) - [String operations](#string-operations) - - [in\_list](#in_list) - - [find\_next\_line](#find_next_line) + - [in_list](#in_list) + - [find_next_line](#find_next_line) - [Raw string handling](#raw-string-handling) - [hex](#hex) - [pattern](#pattern) @@ -123,18 +123,18 @@ - [TCP sequence number handling](#tcp-sequence-number-handling) - [Position handling](#position-handling) - [Dissection](#dissection) - - [dissect\_url](#dissect_url) - - [dissect\_nld](#dissect_nld) - - [dissect\_http](#dissect_http) - - [dissect\_tls](#dissect_tls) + - [dissect_url](#dissect_url) + - [dissect_nld](#dissect_nld) + - [dissect_http](#dissect_http) + - [dissect_tls](#dissect_tls) - [Working with L3 and L4 protocol elements](#working-with-l3-and-l4-protocol-elements) - - [find\_tcp\_options](#find_tcp_options) + - [find_tcp_options](#find_tcp_options) - [ip6hdr](#ip6hdr) - [ip protocol](#ip-protocol) - - [packet\_len](#packet_len) + - [packet_len](#packet_len) - [Working with hostnames](#working-with-hostnames) - [genhost](#genhost) - - [host\_ip](#host_ip) + - [host_ip](#host_ip) - [File name and path operations](#file-name-and-path-operations) - [Reading and writing Files](#reading-and-writing-files) - [Data compression](#data-compression) @@ -143,29 +143,29 @@ - [standard ipid](#standard-ipid) - [standard fooling](#standard-fooling) - [standard ipfrag](#standard-ipfrag) - - [apply\_ip\_id](#apply_ip_id) - - [apply\_fooling](#apply_fooling) + - [apply_ip_id](#apply_ip_id) + - [apply_fooling](#apply_fooling) - [ipfrag2](#ipfrag2) - - [wssize\_rewrite](#wssize_rewrite) - - [dis\_reverse](#dis_reverse) + - [wssize_rewrite](#wssize_rewrite) + - [dis_reverse](#dis_reverse) - [IP addresses and interfaces](#ip-addresses-and-interfaces) - [Sending](#sending) - - [rawsend\_dissect\_ipfrag](#rawsend_dissect_ipfrag) - - [rawsend\_dissect\_segmented](#rawsend_dissect_segmented) - - [rawsend\_payload\_segmented](#rawsend_payload_segmented) + - [rawsend_dissect_ipfrag](#rawsend_dissect_ipfrag) + - [rawsend_dissect_segmented](#rawsend_dissect_segmented) + - [rawsend_payload_segmented](#rawsend_payload_segmented) - [Standard direction and payload filters](#standard-direction-and-payload-filters) - [Working with multi-packet payloads](#working-with-multi-packet-payloads) - [Orchestration](#orchestration) - - [instance\_cutoff\_shim](#instance_cutoff_shim) - - [cutoff\_shim\_check](#cutoff_shim_check) - - [apply\_arg\_prefix](#apply_arg_prefix) - - [apply\_execution\_plan](#apply_execution_plan) - - [verdict\_aggregate](#verdict_aggregate) - - [plan\_instance\_execute](#plan_instance_execute) - - [plan\_instance\_pop](#plan_instance_pop) - - [plan\_clear](#plan_clear) + - [instance_cutoff_shim](#instance_cutoff_shim) + - [cutoff_shim_check](#cutoff_shim_check) + - [apply_arg_prefix](#apply_arg_prefix) + - [apply_execution_plan](#apply_execution_plan) + - [verdict_aggregate](#verdict_aggregate) + - [plan_instance_execute](#plan_instance_execute) + - [plan_instance_pop](#plan_instance_pop) + - [plan_clear](#plan_clear) - [orchestrate](#orchestrate) - - [replay\_execution\_plan](#replay_execution_plan) + - [replay_execution_plan](#replay_execution_plan) - [zapret-antidpi.lua DPI attack program library](#zapret-antidpilua-dpi-attack-program-library) - [Standard parameter sets](#standard-parameter-sets) - [standard direction](#standard-direction) @@ -175,22 +175,22 @@ - [send](#send) - [pktmod](#pktmod) - [HTTP fooling](#http-fooling) - - [http\_hostcase](#http_hostcase) - - [http\_domcase](#http_domcase) - - [http\_methodeol](#http_methodeol) - - [http\_unixeol](#http_unixeol) + - [http_hostcase](#http_hostcase) + - [http_domcase](#http_domcase) + - [http_methodeol](#http_methodeol) + - [http_unixeol](#http_unixeol) - [Window size replacement](#window-size-replacement) - [wsize](#wsize) - [wssize](#wssize) - [Fakes](#fakes) - [syndata](#syndata) - - [tls\_client\_hello\_clone](#tls_client_hello_clone) + - [tls_client_hello_clone](#tls_client_hello_clone) - [fake](#fake) - [rst](#rst) - [TCP segmentation](#tcp-segmentation) - [multisplit](#multisplit) - [multidisorder](#multidisorder) - - [multidisorder\_legacy](#multidisorder_legacy) + - [multidisorder_legacy](#multidisorder_legacy) - [fakedsplit](#fakedsplit) - [fakeddisorder](#fakeddisorder) - [hostfakesplit](#hostfakesplit) @@ -198,22 +198,22 @@ - [oob](#oob) - [UDP Fooling](#udp-fooling) - [udplen](#udplen) - - [dht\_dn](#dht_dn) + - [dht_dn](#dht_dn) - [Other Functions](#other-functions) - [synack](#synack) - - [synack\_split](#synack_split) + - [synack_split](#synack_split) - [zapret-auto.lua automation and orchestration library](#zapret-autolua-automation-and-orchestration-library) - [State storage](#state-storage) - - [automate\_conn\_record](#automate_conn_record) - - [standard\_hostkey](#standard_hostkey) - - [automate\_host\_record](#automate_host_record) + - [automate_conn_record](#automate_conn_record) + - [standard_hostkey](#standard_hostkey) + - [automate_host_record](#automate_host_record) - [Handling successes and failures](#handling-successes-and-failures) - - [automate\_failure\_counter](#automate_failure_counter) - - [automate\_failure\_counter\_reset](#automate_failure_counter_reset) + - [automate_failure_counter](#automate_failure_counter) + - [automate_failure_counter_reset](#automate_failure_counter_reset) - [Success and failure detection](#success-and-failure-detection) - - [automate\_failure\_check](#automate_failure_check) - - [standard\_success\_detector](#standard_success_detector) - - [standard\_failure\_detector](#standard_failure_detector) + - [automate_failure_check](#automate_failure_check) + - [standard_success_detector](#standard_success_detector) + - [standard_failure_detector](#standard_failure_detector) - [Orchestrators](#orchestrators) - [circular](#circular) - [repeater](#repeater) @@ -221,10 +221,11 @@ - [per_instance_condition](#per_instance_condition) - [stopif](#stopif) - [iff functions](#iff-functions) - - [cond\_true](#cond_true) - - [cond\_false](#cond_false) - - [cond\_random](#cond_random) - - [cond\_payload\_str](#cond_payload_str) + - [cond_true](#cond_true) + - [cond_false](#cond_false) + - [cond_random](#cond_random) + - [cond_payload_str](#cond_payload_str) + - [cond_tcp_has_ts](#cond_tcp_has_ts) - [Auxiliary programs](#auxiliary-programs) - [ip2net](#ip2net) - [mdig](#mdig) @@ -248,16 +249,16 @@ - [List management system](#list-management-system) - [Standard list files](#standard-list-files) - [ipset scripts](#ipset-scripts) - - [clear\_lists.sh](#clear_listssh) - - [create\_ipset.sh](#create_ipsetsh) - - [get\_config.sh](#get_configsh) - - [get\_user.sh](#get_usersh) - - [get\_ipban.sh](#get_ipbansh) - - [get\_exclude.sh](#get_excludesh) - - [get\_antifilter\_\*.sh](#get_antifilter_sh) - - [get\_antizapret\_domains.sh](#get_antizapret_domainssh) - - [get\_refilter\_\*.sh](#get_refilter_sh) - - [get\_reestr\_\*.sh](#get_reestr_sh) + - [clear_lists.sh](#clear_listssh) + - [create_ipset.sh](#create_ipsetsh) + - [get_config.sh](#get_configsh) + - [get_user.sh](#get_usersh) + - [get_ipban.sh](#get_ipbansh) + - [get_exclude.sh](#get_excludesh) + - [get_antifilter_*.sh](#get_antifilter_sh) + - [get_antizapret_domains.sh](#get_antizapret_domainssh) + - [get_refilter_*.sh](#get_refilter_sh) + - [get_reestr_*.sh](#get_reestr_sh) - [ipban system](#ipban-system) - [Init scripts](#init-scripts) - [Firewall integration](#firewall-integration) @@ -4453,6 +4454,14 @@ function cond_payload_str(desync) Returns `true` if the substring `pattern` is present in `desync.dis.payload`. This is a basic signature detector. If the C code does not recognize the protocol you need, you can write your own signature detector and run subsequent instances under a `condition` orchestrator using your detector as the `iff` function. +#### cond_tcp_ts + +``` +function cond_tcp_ts(desync) +``` + +Returns `true` if the dissect is tcp and has tcp timestamp option. + # Auxiliary programs diff --git a/docs/manual.md b/docs/manual.md index 60de3b9..acf9393 100644 --- a/docs/manual.md +++ b/docs/manual.md @@ -56,21 +56,21 @@ - [Генерация случайных данных](#генерация-случайных-данных) - [brandom](#brandom) - [Парсинг](#парсинг) - - [parse\_hex](#parse_hex) + - [parse_hex](#parse_hex) - [Криптография](#криптография) - [bcryptorandom](#bcryptorandom) - [bxor,bor,band](#bxorborband) - [hash](#hash) - [aes](#aes) - - [aes\_gcm](#aes_gcm) - - [aes\_ctr](#aes_ctr) + - [aes_gcm](#aes_gcm) + - [aes_ctr](#aes_ctr) - [hkdf](#hkdf) - [Компрессия](#компрессия) - [gunzip](#gunzip) - [gzip](#gzip) - [Системные функции](#системные-функции) - [uname](#uname) - - [clock\_gettime](#clock_gettime) + - [clock_gettime](#clock_gettime) - [getpid](#getpid) - [stat](#stat) - [time](#time) @@ -79,23 +79,23 @@ - [standard rawsend](#standard-rawsend) - [Диссекция и реконструкция](#диссекция-и-реконструкция) - [dissect](#dissect) - - [reconstruct\_dissect](#reconstruct_dissect) - - [reconstruct\_hdr](#reconstruct_hdr) - - [csum\_fix](#csum_fix) + - [reconstruct_dissect](#reconstruct_dissect) + - [reconstruct_hdr](#reconstruct_hdr) + - [csum_fix](#csum_fix) - [conntrack](#conntrack) - [Получение ip адресов](#получение-ip-адресов) - [Прием и отсылка пакетов](#прием-и-отсылка-пакетов) - [rawsend](#rawsend) - - [raw\_packet](#raw_packet) + - [raw_packet](#raw_packet) - [Работа с пейлоадами](#работа-с-пейлоадами) - [маркеры](#маркеры) - - [resolve\_pos](#resolve_pos) - - [tls\_mod](#tls_mod) + - [resolve_pos](#resolve_pos) + - [tls_mod](#tls_mod) - [Управление выполнением инстансов](#управление-выполнением-инстансов) - - [instance\_cutoff](#instance_cutoff) - - [lua\_cutoff](#lua_cutoff) - - [execution\_plan](#execution_plan) - - [execution\_plan\_cancel](#execution_plan_cancel) + - [instance_cutoff](#instance_cutoff) + - [lua_cutoff](#lua_cutoff) + - [execution_plan](#execution_plan) + - [execution_plan_cancel](#execution_plan_cancel) - [Библиотека базовых функций zapret-lib.lua](#библиотека-базовых-функций-zapret-liblua) - [Базовые desync функции](#базовые-desync-функции) - [luaexec](#luaexec) @@ -103,16 +103,16 @@ - [pktdebug](#pktdebug) - [argdebug](#argdebug) - [posdebug](#posdebug) - - [detect\_payload\_str](#detect_payload_str) - - [desync\_orchestrator\_example](#desync_orchestrator_example) + - [detect_payload_str](#detect_payload_str) + - [desync_orchestrator_example](#desync_orchestrator_example) - [Служебные функции](#служебные-функции) - - [var\_debug](#var_debug) + - [var_debug](#var_debug) - [deepcopy](#deepcopy) - - [logical\_xor](#logical_xor) - - [array\_search](#array_search) + - [logical_xor](#logical_xor) + - [array_search](#array_search) - [Работа со строками](#работа-со-строками) - - [in\_list](#in_list) - - [find\_next\_line](#find_next_line) + - [in_list](#in_list) + - [find_next_line](#find_next_line) - [Обслуживание raw string](#обслуживание-raw-string) - [hex](#hex) - [pattern](#pattern) @@ -120,18 +120,18 @@ - [Обслуживание tcp sequence numbers](#обслуживание-tcp-sequence-numbers) - [Обслуживание позиций](#обслуживание-позиций) - [Диссекция](#диссекция) - - [dissect\_url](#dissect_url) - - [dissect\_nld](#dissect_nld) - - [dissect\_http](#dissect_http) - - [dissect\_tls](#dissect_tls) + - [dissect_url](#dissect_url) + - [dissect_nld](#dissect_nld) + - [dissect_http](#dissect_http) + - [dissect_tls](#dissect_tls) - [Работа с элементами L3 и L4 протоколов](#работа-с-элементами-l3-и-l4-протоколов) - - [find\_tcp\_options](#find_tcp_options) + - [find_tcp_options](#find_tcp_options) - [ip6hdr](#ip6hdr) - [ip protocol](#ip-protocol) - - [packet\_len](#packet_len) + - [packet_len](#packet_len) - [Работа с именами хостов](#работа-с-именами-хостов) - [genhost](#genhost) - - [host\_ip](#host_ip) + - [host_ip](#host_ip) - [Операции с именами файлов и путями](#операции-с-именами-файлов-и-путями) - [Чтение и запись файлов](#чтение-и-запись-файлов) - [Компрессия данных](#компрессия-данных) @@ -140,29 +140,29 @@ - [standard ipid](#standard-ipid) - [standard fooling](#standard-fooling) - [standard ipfrag](#standard-ipfrag) - - [apply\_ip\_id](#apply_ip_id) - - [apply\_fooling](#apply_fooling) + - [apply_ip_id](#apply_ip_id) + - [apply_fooling](#apply_fooling) - [ipfrag2](#ipfrag2) - - [wssize\_rewrite](#wssize_rewrite) - - [dis\_reverse](#dis_reverse) + - [wssize_rewrite](#wssize_rewrite) + - [dis_reverse](#dis_reverse) - [IP адреса и интерфейсы](#ip-адреса-и-интерфейсы) - [Отсылка](#отсылка) - - [rawsend\_dissect\_ipfrag](#rawsend_dissect_ipfrag) - - [rawsend\_dissect\_segmented](#rawsend_dissect_segmented) - - [rawsend\_payload\_segmented](#rawsend_payload_segmented) + - [rawsend_dissect_ipfrag](#rawsend_dissect_ipfrag) + - [rawsend_dissect_segmented](#rawsend_dissect_segmented) + - [rawsend_payload_segmented](#rawsend_payload_segmented) - [Стандартные фильтры direction и payload](#стандартные-фильтры-direction-и-payload) - [Работа с многопакетными пейлоадам](#работа-с-многопакетными-пейлоадам) - [Оркестрация](#оркестрация) - - [instance\_cutoff\_shim](#instance_cutoff_shim) - - [cutoff\_shim\_check](#cutoff_shim_check) - - [apply\_arg\_prefix](#apply_arg_prefix) - - [apply\_execution\_plan](#apply_execution_plan) - - [verdict\_aggregate](#verdict_aggregate) - - [plan\_instance\_execute](#plan_instance_execute) - - [plan\_instance\_pop](#plan_instance_pop) - - [plan\_clear](#plan_clear) + - [instance_cutoff_shim](#instance_cutoff_shim) + - [cutoff_shim_check](#cutoff_shim_check) + - [apply_arg_prefix](#apply_arg_prefix) + - [apply_execution_plan](#apply_execution_plan) + - [verdict_aggregate](#verdict_aggregate) + - [plan_instance_execute](#plan_instance_execute) + - [plan_instance_pop](#plan_instance_pop) + - [plan_clear](#plan_clear) - [orchestrate](#orchestrate) - - [replay\_execution\_plan](#replay_execution_plan) + - [replay_execution_plan](#replay_execution_plan) - [Библиотека программ атаки на DPI zapret-antidpi.lua](#библиотека-программ-атаки-на-dpi-zapret-antidpilua) - [Стандартные наборы параметров](#стандартные-наборы-параметров) - [standard direction](#standard-direction) @@ -172,22 +172,22 @@ - [send](#send) - [pktmod](#pktmod) - [Дурение http](#дурение-http) - - [http\_hostcase](#http_hostcase) - - [http\_domcase](#http_domcase) - - [http\_methodeol](#http_methodeol) - - [http\_unixeol](#http_unixeol) + - [http_hostcase](#http_hostcase) + - [http_domcase](#http_domcase) + - [http_methodeol](#http_methodeol) + - [http_unixeol](#http_unixeol) - [Замена window size](#замена-window-size) - [wsize](#wsize) - [wssize](#wssize) - [Фейки](#фейки) - [syndata](#syndata) - - [tls\_client\_hello\_clone](#tls_client_hello_clone) + - [tls_client_hello_clone](#tls_client_hello_clone) - [fake](#fake) - [rst](#rst) - [TCP сегментация](#tcp-сегментация) - [multisplit](#multisplit) - [multidisorder](#multidisorder) - - [multidisorder\_legacy](#multidisorder_legacy) + - [multidisorder_legacy](#multidisorder_legacy) - [fakedsplit](#fakedsplit) - [fakeddisorder](#fakeddisorder) - [hostfakesplit](#hostfakesplit) @@ -195,22 +195,22 @@ - [oob](#oob) - [Дурение udp](#дурение-udp) - [udplen](#udplen) - - [dht\_dn](#dht_dn) + - [dht_dn](#dht_dn) - [Другие функции](#другие-функции) - [synack](#synack) - - [synack\_split](#synack_split) + - [synack_split](#synack_split) - [Библиотека программ автоматизации и оркестрации zapret-auto.lua](#библиотека-программ-автоматизации-и-оркестрации-zapret-autolua) - [Хранилище состояний](#хранилище-состояний) - - [automate\_conn\_record](#automate_conn_record) - - [standard\_hostkey](#standard_hostkey) - - [automate\_host\_record](#automate_host_record) + - [automate_conn_record](#automate_conn_record) + - [standard_hostkey](#standard_hostkey) + - [automate_host_record](#automate_host_record) - [Обслуживание удач и неудач](#обслуживание-удач-и-неудач) - - [automate\_failure\_counter](#automate_failure_counter) - - [automate\_failure\_counter\_reset](#automate_failure_counter_reset) + - [automate_failure_counter](#automate_failure_counter) + - [automate_failure_counter_reset](#automate_failure_counter_reset) - [Детекция удач и неудач](#детекция-удач-и-неудач) - - [automate\_failure\_check](#automate_failure_check) - - [standard\_success\_detector](#standard_success_detector) - - [standard\_failure\_detector](#standard_failure_detector) + - [automate_failure_check](#automate_failure_check) + - [standard_success_detector](#standard_success_detector) + - [standard_failure_detector](#standard_failure_detector) - [Оркестраторы](#оркестраторы) - [circular](#circular) - [repeater](#repeater) @@ -218,10 +218,11 @@ - [per_instance_condition](#per_instance_condition) - [stopif](#stopif) - [iff функции](#iff-функции) - - [cond\_true](#cond_true) - - [cond\_false](#cond_false) - - [cond\_random](#cond_random) - - [cond\_payload\_str](#cond_payload_str) + - [cond_true](#cond_true) + - [cond_false](#cond_false) + - [cond_random](#cond_random) + - [cond_payload_str](#cond_payload_str) + - [cond_tcp_has_ts](#cond_tcp_has_ts) - [Вспомогательные программы](#вспомогательные-программы) - [ip2net](#ip2net) - [mdig](#mdig) @@ -245,16 +246,16 @@ - [Система ведения листов](#система-ведения-листов) - [Стандартные файлы листов](#стандартные-файлы-листов) - [Скрипты ipset](#скрипты-ipset) - - [clear\_lists.sh](#clear_listssh) - - [create\_ipset.sh](#create_ipsetsh) - - [get\_config.sh](#get_configsh) - - [get\_user.sh](#get_usersh) - - [get\_ipban.sh](#get_ipbansh) - - [get\_exclude.sh](#get_excludesh) - - [get\_antifilter\_\*.sh](#get_antifilter_sh) - - [get\_antizapret\_domains.sh](#get_antizapret_domainssh) - - [get\_refilter\_\*.sh](#get_refilter_sh) - - [get\_reestr\_\*.sh](#get_reestr_sh) + - [clear_lists.sh](#clear_listssh) + - [create_ipset.sh](#create_ipsetsh) + - [get_config.sh](#get_configsh) + - [get_user.sh](#get_usersh) + - [get_ipban.sh](#get_ipbansh) + - [get_exclude.sh](#get_excludesh) + - [get_antifilter_*.sh](#get_antifilter_sh) + - [get_antizapret_domains.sh](#get_antizapret_domainssh) + - [get_refilter_*.sh](#get_refilter_sh) + - [get_reestr_*.sh](#get_reestr_sh) - [Система ipban](#система-ipban) - [Стартовые скрипты](#стартовые-скрипты) - [Интеграция с firewall](#интеграция-с-firewall) @@ -4632,6 +4633,14 @@ function cond_payload_str(desync) Возвращает true, если в desync.dis.payload присутствует подстрока pattern. Это простейший сигнатурый детектор. Если C код не распознает нужный вам протокол, вы можете написать свой сигнатурный детектор и запускать последующие инстансы под оркестратором condition с вашим детектором в качестве iff. +#### cond_tcp_ts + +``` +function cond_tcp_ts(desync) +``` + +Возвращает true, если диссект является tcp и присутствует timestamp tcp option. + # Вспомогательные программы ## ip2net