gandc/zapret2
Template
1
0
Fork 0
mirror of https://github.com/bol-van/zapret2.git synced 2026-03-14 06:13:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

AI inspired fixes

Browse Source
This commit is contained in:
bol-van
2026-01-31 17:47:18 +03:00
parent a531da39fd
commit 2490ef6951
5 changed files with 11 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lua/zapret-obfs.lua
View File

@@ -410,7 +410,7 @@ function synhide(ctx, desync)
if magic=="tsecr" then if magic=="tsecr" then
desync.dis.tcp.options[tsidx].data = string.sub(desync.dis.tcp.options[tsidx].data,1,6) .. "\x00\x00" desync.dis.tcp.options[tsidx].data = string.sub(desync.dis.tcp.options[tsidx].data,1,6) .. "\x00\x00"
elseif magic=="x2" then elseif magic=="x2" then
desync.dis.tcp.th_x2 = bitand(desync.dis.tcp.th_x2,bitnot(1)) desync.dis.tcp.th_x2 = bitand(desync.dis.tcp.th_x2,bitnot(x2))
elseif magic=="urp" then elseif magic=="urp" then
desync.dis.tcp.th_urp = 0 desync.dis.tcp.th_urp = 0
elseif magic=="opt" then elseif magic=="opt" then

9
nfq2/darkmagic.c
View File

@@ -373,7 +373,7 @@ void print_icmphdr(const struct icmp46 *icmp, bool v6)
bool proto_check_ipv4(const uint8_t *data, size_t len) bool proto_check_ipv4(const uint8_t *data, size_t len)
{ {
return len >= sizeof(struct ip) && (data[0] & 0xF0) == 0x40 && return len >= sizeof(struct ip) && (data[0] & 0xF0) == 0x40 && (data[0] & 0x0F)>=5 &&
len >= ((data[0] & 0x0F) << 2); len >= ((data[0] & 0x0F) << 2);
} }
// move to transport protocol // move to transport protocol
@@ -402,7 +402,8 @@ bool proto_check_udp(const uint8_t *data, size_t len)
} }
bool proto_check_udp_payload(const uint8_t *data, size_t len) bool proto_check_udp_payload(const uint8_t *data, size_t len)
{ {
return len >= ntohs(((struct udphdr*)data)->uh_ulen); uint16_t l = ntohs(((struct udphdr*)data)->uh_ulen);
return l>=sizeof(struct udphdr) && len >= l;
} }
void proto_skip_udp(const uint8_t **data, size_t *len) void proto_skip_udp(const uint8_t **data, size_t *len)
{ {
@@ -2267,8 +2268,10 @@ void verdict_udp_csum_fix(uint8_t verdict, struct udphdr *udphdr, size_t transpo
#ifdef __FreeBSD__ #ifdef __FreeBSD__
if (ip6hdr) if (ip6hdr)
#endif #endif
{
DLOG("fixing udp checksum\n"); DLOG("fixing udp checksum\n");
udp_fix_checksum(udphdr,transport_len,ip,ip6hdr); udp_fix_checksum(udphdr,transport_len,ip,ip6hdr);
}
} }
#endif #endif
} }
@@ -2284,8 +2287,10 @@ void verdict_icmp_csum_fix(uint8_t verdict, struct icmp46 *icmphdr, size_t trans
#ifdef __FreeBSD__ #ifdef __FreeBSD__
if (ip6hdr) if (ip6hdr)
#endif #endif
{
DLOG("fixing icmp checksum\n"); DLOG("fixing icmp checksum\n");
icmp_fix_checksum(icmphdr,transport_len,ip6hdr); icmp_fix_checksum(icmphdr,transport_len,ip6hdr);
}
} }
#endif #endif
} }

2
nfq2/desync.c
View File

@@ -630,8 +630,8 @@ static uint8_t ct_new_postnat_fix(const t_ctrack *ctrack, const struct dissect *
((struct ip*)mod_pkt)->ip_ttl = 1; ((struct ip*)mod_pkt)->ip_ttl = 1;
} }
*len_mod_pkt = dis->len_pkt; *len_mod_pkt = dis->len_pkt;
return VERDICT_MODIFY | VERDICT_NOCSUM;
} }
return VERDICT_MODIFY | VERDICT_NOCSUM;
} }
#endif #endif
return VERDICT_DROP; return VERDICT_DROP;

2
nfq2/helpers.c
View File

@@ -109,7 +109,7 @@ bool load_file(const char *filename, off_t offset, void *buffer, size_t *buffer_
if (offset) if (offset)
{ {
if (-1 == lseek(fileno(F), offset, SEEK_SET)) if (fseek(F, offset, SEEK_SET))
{ {
fclose(F); fclose(F);
return false; return false;

2
nfq2/lua.c
View File

@@ -1565,7 +1565,7 @@ void lua_push_ip6hdr(lua_State *L, const struct ip6_hdr *ip6, size_t len)
{ {
LUA_STACK_GUARD_ENTER(L) LUA_STACK_GUARD_ENTER(L)
if (ip6) if (ip6 && len>=sizeof(struct ip6_hdr))
{ {
lua_createtable(L, 0, 7); lua_createtable(L, 0, 7);
lua_pushf_lint(L,"ip6_flow",ntohl(ip6->ip6_ctlun.ip6_un1.ip6_un1_flow)); lua_pushf_lint(L,"ip6_flow",ntohl(ip6->ip6_ctlun.ip6_un1.ip6_un1_flow));